totally_not_a_keylogger[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

totally_not_a_keylogger.exe
Size

6.4MB
MD5

7d877cc6172e8f6e3c9139b601e62428
SHA1

fcd4ac0337e2fea952a33c5043890585262ca96e
SHA256

0c9901c7fe7a1b8bd08ccf943794cfadda11e90fdde25964a5e9c09e95200443
SHA512

3ba64bd8f4acf221215323b4f32c849a6c0c6a04798f5946e1ea58cc3cb13a97aa5ab0e112df0fc804399060d7be888879086684a6529de295988835b3794a90
SSDEEP

196608:V3m+68BKOLzLyh6GWGadFdzTuNar45/OjCAT:VltrXHUatCE

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
totally_not_a_keylogger.exe
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$R0
unpack001/PP-UWP-Interop.dll
unpack001/avcodec-fb2k-60.dll
unpack001/avformat-fb2k-60.dll
unpack001/avutil-fb2k-58.dll
unpack001/components/foo_converter.dll
unpack001/components/foo_dsp_eq.dll
unpack001/components/foo_dsp_std.dll
unpack001/components/foo_fileops.dll
unpack001/components/foo_freedb2.dll
unpack001/components/foo_input_std.dll
unpack001/components/foo_ui_std.dll
unpack001/components/foo_unpack.dll
unpack001/foobar2000 Shell Associations Updater.exe
unpack001/foobar2000.exe
unpack001/shared.dll
unpack001/sqlite3.dll
unpack001/zlib1.dll

Files

totally_not_a_keylogger.exe
.exe windows:6 windows x64 arch:x64

14ab321ef07fa16b0e509b28abe4ec68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCloseKey
RegDeleteKeyExW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ord147
SHFileOperationW
ShellExecuteExW

ole32

OleInitialize
OleUninitialize
CoTaskMemFree
CoCreateInstance

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

DispatchMessageW
SystemParametersInfoW
SetClassLongPtrW
GetWindowLongPtrW
GetSysColor
ScreenToClient
SetCursor
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
GetSystemMenu
GetSystemMetrics
IsWindowEnabled
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
PeekMessageW
GetMessagePos
CharNextW
ExitWindowsEx
LoadCursorW
SetTimer
CreateDialogParamW
DestroyWindow
LoadImageW
FindWindowExW
SetWindowLongPtrW
InvalidateRect
ReleaseDC
GetDC
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
GetClientRect
EndPaint
BeginPaint
DrawTextW
DefWindowProcW
SetDlgItemTextW
GetDlgItemTextW
CharPrevW
MessageBoxIndirectW
CallWindowProcW
SetWindowTextW

gdi32

GetDeviceCaps
SetBkColor
CreateBrushIndirect
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateFontIndirectW

kernel32

WriteFile
GetLastError
WaitForSingleObject
GetTempFileNameW
CreateDirectoryW
GetUserDefaultUILanguage
WideCharToMultiByte
lstrlenW
lstrcpynW
GlobalLock
GlobalUnlock
CreateThread
GetDiskFreeSpaceExW
CopyFileW
GetVersionExW
GetWindowsDirectoryW
ExitProcess
GetCurrentProcess
SetErrorMode
GetExitCodeProcess
SetEnvironmentVariableW
GetCommandLineW
GetModuleFileNameW
GetTickCount
GetFileSize
CreateFileW
MultiByteToWideChar
MoveFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
lstrcmpiW
lstrcmpW
MulDiv
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
Sleep
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
ExpandEnvironmentStringsW
RemoveDirectoryW
MoveFileExW
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
GetProcAddress
lstrcatW
GetTempPathW

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x64 arch:x64

5701993c113b5b4a8df7d62ad71dffca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpynW
lstrcpyW
GetLastError
VirtualProtect
VirtualFree
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:6 windows x64 arch:x64

1d9dcf131a0c1a2ed99cd33cbafd155f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\Programming\NSIS\UAC v0.2.4-x64\x64\Release (Unicode)\UAC.pdb

Imports

kernel32

GetPrivateProfileIntW
GetPrivateProfileStringW
GetCommandLineW
SetCurrentDirectoryW
DuplicateHandle
SetLastError
SetEvent
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
lstrcatW
GetExitCodeProcess
CreateThread
GetCurrentThreadId
GetExitCodeThread
OpenProcess
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleHandleW
GetProcAddress
lstrcmpiW
FormatMessageW
lstrlenW
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryA
GetModuleFileNameW
CreateProcessW
GetLastError
GetCurrentProcessId
CloseHandle

user32

TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
CreateWindowExW
SetWindowPos
IsWindowVisible
CreateDialogParamW
CharNextW
MsgWaitForMultipleObjects
SetForegroundWindow
GetClientRect
GetWindowRect
GetWindowLongW
FindWindowExW
GetClassNameW
GetWindowThreadProcessId
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadIconW
IsDialogMessageW
LoadImageW
SetWindowLongPtrW
GetWindowLongPtrW
MessageBoxW
EnableWindow
EndDialog
DialogBoxParamW
ShowWindow
DestroyWindow
SendMessageW
wsprintfW
LoadStringW
GetDlgItem

advapi32

GetUserNameW
EqualSid
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetTokenInformation

shell32

ShellExecuteExW

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:6 windows x64 arch:x64

be212422bea078d0b2f4529b6ce1a0e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
HeapAlloc
HeapReAlloc
HeapFree
lstrcmpiW
MulDiv
GlobalFree
lstrcpynW
GetFileAttributesW
GetCurrentDirectoryW
GlobalAlloc
lstrcpyW
GetProcessHeap
SetCurrentDirectoryW

user32

CreateWindowExW
IsWindow
DestroyWindow
MapDialogRect
SetWindowPos
CreateDialogParamW
GetDlgItem
SetTimer
KillTimer
DrawTextW
SetPropW
GetPropW
RemovePropW
CallWindowProcW
GetWindowRect
SetCursor
MapWindowPoints
GetSysColor
DrawFocusRect
GetWindowLongPtrW
SetWindowLongPtrW
LoadCursorW
IsDialogMessageW
wsprintfW
GetClientRect
CharPrevW
CharNextW
DispatchMessageW
TranslateMessage
GetWindowTextW
SendMessageW
GetMessageW
ShowWindow

gdi32

SetTextColor

shell32

SHGetPathFromIDListW
SHBrowseForFolderW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$R0
.dll regsvr32 windows:6 windows x64 arch:x64

2bab0054c3b453dc2c189dff4fa27ff7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Sources\foobar2000\Fb2kShellExt\Fb2kShellExt\x64\Release\Fb2kShellExt.pdb

Imports

kernel32

MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
SetLastError
GetTickCount64
CreateProcessW
CloseHandle
GetThreadLocale
lstrcmpiW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
GetModuleHandleW
GetProcAddress
FreeLibrary
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
SetThreadLocale
InitializeCriticalSectionEx
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
FlsFree
FlsSetValue
IsDebuggerPresent
OutputDebugStringW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwind
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
HeapSize
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
WriteConsoleW

user32

GetClassNameW
SendMessageW
CharNextW
wsprintfW
EnumWindows

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW
SHGetIDListFromObject

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

oleaut32

LoadTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PP-UWP-Interop.dll
.dll windows:6 windows x64 arch:x64

b63e46bf73652a5068b140ffa67c619d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\PP-UWP-Interop.pdb

Imports

shlwapi

ord12

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream

api-ms-win-core-winrt-l1-1-0

RoInitialize

vccorlib140

?UninitializeData@Details@Platform@@YAXH@Z
?InitializeData@Details@Platform@@YAJH@Z
??0Delegate@Platform@@QE$AAA@XZ
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
?__abi_translateCurrentException@@YAJ_N@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?__abi_WinRTraiseInvalidCastException@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__std_terminate
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__C_specific_handler

api-ms-win-crt-string-l1-1-0

wcslen

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm_e
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initialize_onexit_table

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsDeleteString

kernel32

DecodePointer
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitOnceExecuteOnce

ole32

CoCreateFreeThreadedMarshaler

Exports

Exports

PP_UVC_Init_v2

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec-fb2k-60.dll
.dll windows:6 windows x64 arch:x64

74f6bd155605d7e085d47aa053f4160a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

avutil-fb2k-58

av_frame_move_ref
av_frame_new_side_data
av_frame_apply_cropping
av_hwframe_ctx_alloc
av_pix_fmt_count_planes
av_get_planar_sample_fmt
av_samples_set_silence
av_frame_ref
av_frame_get_buffer
av_frame_copy_props
av_frame_get_side_data
av_calloc
av_buffer_allocz
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_pool_get
av_sample_fmt_is_planar
av_bprint_init
av_hwframe_get_buffer
av_image_fill_linesizes
av_image_fill_plane_sizes
av_find_best_pix_fmt_of_2
av_opt_set_defaults2
av_opt_set
av_fast_realloc
av_reallocp_array
av_cpu_count
av_opt_copy
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free
av_samples_fill_arrays
av_chroma_location_enum_to_pos
av_chroma_location_pos_to_enum
av_realloc_f
av_get_cpu_flags
av_samples_copy
av_strtok
av_get_token
av_opt_next
av_opt_set_dict2
av_opt_set_from_string
av_dynarray_add_nofree
av_dict_set
av_dict_iterate
av_strerror
av_buffer_realloc
av_buffer_is_writable
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_buffer_alloc
av_realloc
av_rescale_q
av_frame_free
av_frame_alloc
av_buffer_unref
av_opt_set_dict
av_opt_free
av_opt_set_defaults
av_get_bytes_per_sample
av_get_sample_fmt_name
av_fourcc_make_string
av_gcd
avpriv_emms_asm
av_get_media_type_string
av_image_check_sar
av_image_check_size2
av_reduce
av_get_pix_fmt_name
av_chroma_location_name
av_color_space_name
av_color_transfer_name
av_color_primaries_name
av_color_range_name
av_rescale
av_pix_fmt_desc_get
av_channel_layout_check
av_channel_layout_describe
av_bprint_chars
av_bprintf
av_bprint_init_for_buffer
av_match_list
av_memdup
av_log_get_level
avpriv_alloc_fixed_dsp
av_downmix_info_update_side_data
av_channel_layout_index_from_channel
av_lfg_init_from_data
av_fast_mallocz
av_fast_malloc
av_lfg_init
av_malloc_array
av_crc_get_table
av_tx_uninit
av_tx_init
av_frame_unref
av_channel_layout_compare
av_channel_layout_copy
avpriv_request_sample
avpriv_report_missing_feature
av_log
av_freep
av_free
av_mallocz
av_malloc
avpriv_float_dsp_alloc
av_default_item_name
av_buffer_replace
av_crc
av_channel_layout_uninit
av_bprint_finalize
av_samples_get_buffer_size
av_channel_layout_from_mask

kernel32

InitOnceBeginInitialize
InitOnceComplete
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetFullPathNameW
MultiByteToWideChar
InitializeSRWLock
InitializeConditionVariable
CloseHandle
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

vcruntime140

memcpy
memmove
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

powf
hypot
atan2f
atanf
log2f
cbrt
sin
cos
_fdopen
sinf
frexp
llrint
exp2
cbrtf

api-ms-win-crt-stdio-l1-1-0

_sopen
_wsopen
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_errno
abort
_beginthreadex

api-ms-win-crt-utility-l1-1-0

bsearch

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_dirac_parse_sequence_header
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fopen_utf8
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_unpack_dictionary
av_packet_unref
av_parser_close
av_parser_init
av_parser_iterate
av_parser_parse2
av_qsv_alloc_context
av_rdft_calc
av_rdft_end
av_rdft_init
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_subtitle2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_encode_buffer
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_subtitle
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpriv_ac3_parse_header
avpriv_adts_header_parse
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_find_start_code
avpriv_get_raw_pix_fmt_tags
avpriv_mpeg4audio_get_config2
avpriv_mpegaudio_decode_header
avpriv_packet_list_free
avpriv_packet_list_get
avpriv_packet_list_put
avpriv_pix_fmt_find
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avsubtitle_free

Sections

.text
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat-fb2k-60.dll
.dll windows:6 windows x64 arch:x64

450d74ed8ed6a81f855fd79a91dc7e8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

avcodec-fb2k-60

av_packet_alloc
avcodec_parameters_alloc
av_packet_rescale_ts
av_packet_copy_props
av_packet_move_ref
av_new_packet
av_shrink_packet
avpriv_tak_parse_streaminfo
avcodec_string
avcodec_alloc_context3
avpriv_dca_parse_core_frame_header
avpriv_dca_convert_bitstream
avpriv_pix_fmt_find
avpriv_packet_list_get
av_bsf_alloc
avpriv_packet_list_put
av_get_audio_frame_duration
avpriv_codec_get_cap_skip_frame_fill_param
av_bsf_receive_packet
av_grow_packet
avcodec_is_open
avcodec_pix_fmt_to_codec_tag
av_bsf_get_by_name
av_bsf_send_packet
av_parser_parse2
av_parser_init
avcodec_receive_frame
avcodec_send_packet
avcodec_decode_subtitle2
avsubtitle_free
avcodec_close
avcodec_open2
avcodec_parameters_to_context
avcodec_parameters_from_context
av_packet_make_refcounted
av_packet_get_side_data
av_packet_new_side_data
av_init_packet
av_ac3_parse_header
av_get_audio_frame_duration2
av_codec_is_decoder
av_codec_iterate
av_get_bits_per_sample
avcodec_get_name
avpriv_packet_list_free
av_bsf_free
av_parser_close
avcodec_free_context
av_packet_unref
av_packet_ref
av_packet_free
avcodec_parameters_copy
avcodec_parameters_free
avcodec_descriptor_get
avcodec_find_decoder
av_bsf_init

avutil-fb2k-58

av_bprintf
av_bprint_chars
av_buffer_alloc
av_buffer_unref
av_fast_malloc
av_strcasecmp
av_fourcc_make_string
av_buffer_create
av_channel_layout_from_mask
av_opt_set_dict2
av_fast_realloc
av_channel_layout_uninit
av_strncasecmp
av_asprintf
av_timecode_make_smpte_tc_string2
av_stereo3d_type_name
av_spherical_projection_name
av_spherical_tile_bounds
av_dict_count
av_get_picture_type_char
av_display_rotation_get
av_get_channel_name
av_frame_free
av_frame_alloc
av_buffer_ref
av_gettime
av_opt_ptr
av_opt_get_dict_val
av_opt_set_dict_val
av_channel_layout_copy
av_realloc
av_add_stable
av_compare_mod
av_compare_ts
av_rescale_q_rnd
av_rescale_q
av_rescale_rnd
av_rescale
av_gcd
av_opt_get
av_realloc_f
av_reallocp
av_bprint_finalize
av_bprint_append_data
av_vbprintf
av_bprint_init
av_default_item_name
av_usleep
av_gettime_relative
av_opt_copy
av_opt_set
av_opt_set_dict
av_opt_set_defaults
av_strerror
av_match_list
av_strlcpy
av_strstart
av_opt_free
av_dict_free
av_dict_copy
av_dict_get
av_dynarray_add_nofree
av_memdup
av_strndup
av_strdup
av_freep
av_realloc_array
av_calloc
av_mallocz
av_div_q
av_mul_q
av_reduce
av_match_name
av_free
av_malloc
av_dict_set
av_dict_iterate
av_crc
av_crc_get_table
av_log
av_opt_set_int

kernel32

GetFullPathNameW
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

vcruntime140

strchr
memmove
memcpy
memset
strrchr
memcmp
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

abort
_errno
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

api-ms-win-crt-string-l1-1-0

strcspn
strspn
strcmp
strncmp

api-ms-win-crt-convert-l1-1-0

atoi
strtol

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-stdio-l1-1-0

_wsopen
__stdio_common_vfprintf
__stdio_common_vsprintf
_sopen
__stdio_common_vsscanf

api-ms-win-crt-math-l1-1-0

_fdopen
llrint

Exports

Exports

av_add_index_entry
av_append_packet
av_codec_get_id
av_codec_get_tag
av_codec_get_tag2
av_demuxer_iterate
av_disposition_from_string
av_disposition_to_string
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_fmt_ctx_get_duration_estimation_method
av_fopen_utf8
av_format_ffversion
av_format_inject_global_side_data
av_get_frame_filename
av_get_frame_filename2
av_get_output_timestamp
av_get_packet
av_guess_codec
av_guess_format
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_index_search_timestamp
av_interleaved_write_frame
av_interleaved_write_uncoded_frame
av_match_ext
av_muxer_iterate
av_new_program
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_buffer2
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_program_add_stream_index
av_read_frame
av_read_pause
av_read_play
av_sdp_create
av_seek_frame
av_stream_add_side_data
av_stream_get_class
av_stream_get_codec_timebase
av_stream_get_end_pts
av_stream_get_parser
av_stream_get_side_data
av_stream_new_side_data
av_url_split
av_write_frame
av_write_trailer
av_write_uncoded_frame
av_write_uncoded_frame_query
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_flush
avformat_free_context
avformat_get_class
avformat_get_mov_audio_tags
avformat_get_mov_video_tags
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_index_get_entries_count
avformat_index_get_entry
avformat_index_get_entry_from_timestamp
avformat_init_output
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_transfer_internal_stream_timing_info
avformat_version
avformat_write_header
avio_accept
avio_alloc_context
avio_check
avio_close
avio_close_dir
avio_close_dyn_buf
avio_closep
avio_context_free
avio_enum_protocols
avio_feof
avio_find_protocol_name
avio_flush
avio_free_directory_entry
avio_get_dyn_buf
avio_get_str
avio_get_str16be
avio_get_str16le
avio_handshake
avio_open
avio_open2
avio_open_dir
avio_open_dyn_buf
avio_pause
avio_print_string_array
avio_printf
avio_protocol_get_class
avio_put_str
avio_put_str16be
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_read_dir
avio_read_partial
avio_read_to_bprint
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_vprintf
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avio_write_marker
avpriv_dv_get_packet
avpriv_dv_init_demux
avpriv_dv_produce_packet
avpriv_new_chapter
avpriv_register_devices
avpriv_set_pts_info
avpriv_stream_set_need_parsing
avpriv_update_cur_dts

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-fb2k-58.dll
.dll windows:6 windows x64 arch:x64

52710d7baf4e7ba75bdbb00258d05a08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

bcrypt

BCryptGenRandom
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider

kernel32

QueryPerformanceCounter
IsProcessorFeaturePresent
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentProcess
GetProcessAffinityMask
InitOnceBeginInitialize
InitOnceComplete
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetFullPathNameW
MultiByteToWideChar
GetStdHandle
GetConsoleMode
WriteConsoleW
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
WakeAllConditionVariable
Sleep
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter

vcruntime140

__std_type_info_destroy_list
strrchr
memcpy
memset
memchr
strchr
memmove
memcmp
strstr
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_errno
abort
_beginthreadex
_cexit
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

copysign
_fdopen
llrint
log
log10
pow
frexp
hypot
atan2
llrintf
asin
atan
cos
cosh
exp
fabs
sin
sinh
tan
tanh
exp2
round
trunc
scalbn
fmod
_dclass
acos

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
_isatty
__stdio_common_vsprintf
_tempnam
__stdio_common_vfprintf
fputs
__acrt_iob_func
_sopen
_wsopen
_close
_get_osfhandle

api-ms-win-crt-string-l1-1-0

strspn
strcspn
strncmp
strcmp

api-ms-win-crt-time-l1-1-0

_gmtime64
_localtime64
clock
strftime
_mktime64

api-ms-win-crt-convert-l1-1-0

strtod
strtoull
strtoll
strtoul
strtol

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-heap-l1-1-0

_aligned_realloc
_aligned_malloc
_aligned_free
free

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

bsearch

Exports

Exports

av_add_i
av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_ambient_viewing_environment_alloc
av_ambient_viewing_environment_create_side_data
av_append_path_component
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_buffer_get_opaque
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_description
av_channel_description_bprint
av_channel_from_string
av_channel_layout_channel_from_index
av_channel_layout_channel_from_string
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_default
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_extract_channel
av_channel_layout_from_mask
av_channel_layout_from_string
av_channel_layout_index_from_channel
av_channel_layout_index_from_string
av_channel_layout_standard
av_channel_layout_subset
av_channel_layout_uninit
av_channel_name
av_channel_name_bprint
av_chroma_location_enum_to_pos
av_chroma_location_from_name
av_chroma_location_name
av_chroma_location_pos_to_enum
av_cmp_i
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_cpu_count
av_cpu_force_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_csp_approximate_trc_gamma
av_csp_luma_coeffs_from_avcsp
av_csp_primaries_desc_from_id
av_csp_primaries_id_from_desc
av_csp_trc_func_from_id
av_d2q
av_default_get_category
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_detection_bbox_alloc
av_detection_bbox_create_side_data
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_iterate
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_dovi_metadata_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynamic_hdr_plus_create_side_data
av_dynamic_hdr_vivid_alloc
av_dynamic_hdr_vivid_create_side_data
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_count_func
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc2
av_fifo_alloc_array
av_fifo_auto_grow_limit
av_fifo_can_read
av_fifo_can_write
av_fifo_drain
av_fifo_drain2
av_fifo_elem_size
av_fifo_free
av_fifo_freep
av_fifo_freep2
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_grow2
av_fifo_peek
av_fifo_peek_to_cb
av_fifo_read
av_fifo_read_to_cb
av_fifo_realloc2
av_fifo_reset
av_fifo_reset2
av_fifo_size
av_fifo_space
av_fifo_write
av_fifo_write_from_cb
av_file_map
av_file_unmap
av_film_grain_params_alloc
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_plane_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_gcd_q
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_extended_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create_derived_opts
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_plane_uc_from
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int2i
av_int_list_length_for_size
av_lfg_init
av_lfg_init_from_data
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_once
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_memdup
av_mod_i
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_nearer_q
av_opt_child_class_iterate
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_channel_layout
av_opt_get_chlayout
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_channel_layout
av_opt_set_chlayout
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_pixelutils_get_sad_fn
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_read_image_line
av_read_image_line2
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_ripemd_alloc
av_ripemd_final
av_ripemd_init
av_ripemd_size
av_ripemd_update
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_sha512_alloc
av_sha512_final
av_sha512_init
av_sha512_size
av_sha512_update
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_shr_i
av_size_mult
av_small_strptime
av_spherical_alloc
av_spherical_from_name
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_stereo3d_from_name
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod

Sections

.text
Size: 582KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_converter.dll
.dll windows:6 windows x64 arch:x64

935be8735ae8d3d6bc3a1f1205e55955

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_converter.pdb

Imports

uxtheme

DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData
GetThemePartSize
SetWindowTheme

kernel32

PowerCreateRequest
PowerClearRequest
PowerSetRequest
CompareStringW
GetModuleHandleW
GetProcAddress
lstrcmpiW
VerSetConditionMask
VerifyVersionInfoW
lstrlenW
OutputDebugStringW
SetEvent
InitializeCriticalSectionEx
GetVersionExW
WideCharToMultiByte
IsDebuggerPresent
GetSystemTimeAsFileTime
InitOnceComplete
InitOnceBeginInitialize
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
GetTickCount
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
ReleaseSRWLockExclusive
LoadLibraryExW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetTickCount64
DecodePointer
GetExitCodeProcess
GetStdHandle
CreateFileW
CreateNamedPipeW
GetCurrentProcessId
TerminateProcess
CreateProcessW
GetThreadPriority
CancelIoEx
GetOverlappedResult
WaitForMultipleObjects
WriteFile
ResetEvent
CreateEventW
GetCurrentProcess
DuplicateHandle
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
GetCurrentThread
SetThreadPriority
CloseHandle
ResumeThread
WaitForSingleObject
IsProcessorFeaturePresent
QueryPerformanceCounter
DisableThreadLibraryCalls
EnterCriticalSection
SetLastError
GlobalSize

user32

GetSystemMetrics
EnumThreadWindows
IsWindowVisible
GetWindowPlacement
IsIconic
MonitorFromRect
GetMenu
GetClipboardData
CloseClipboard
OpenClipboard
AdjustWindowRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
SystemParametersInfoW
ReleaseDC
GetDC
GetSysColor
OffsetRect
ReleaseCapture
TrackMouseEvent
GetCapture
UpdateWindow
IsWindow
LoadAcceleratorsW
DestroyAcceleratorTable
GetWindowTextLengthW
CharLowerW
NotifyWinEvent
GetFocus
SetWindowTextW
IsRectEmpty
GetWindowDC
GetMessagePos
InflateRect
MapWindowPoints
FrameRect
UnhookWindowsHookEx
SetWindowsHookExW
GetDlgCtrlID
SetDlgItemInt
DialogBoxParamW
WindowFromPoint
EndDialog
CallNextHookEx
GetNextDlgTabItem
RedrawWindow
GetKeyState
GetParent
SetCursor
SetCapture
InvalidateRgn
CopyRect
ScrollWindowEx
SetScrollPos
SetScrollInfo
SetGestureConfig
CloseGestureInfoHandle
KillTimer
GetGestureInfo
GetCursorPos
DestroyMenu
MonitorFromPoint
CreatePopupMenu
TrackPopupMenu
AppendMenuW
SetMenuItemInfoW
GetMenuItemInfoW
PtInRect
IntersectRect
GetScrollInfo
AdjustWindowRectEx
MapDialogRect
EndDeferWindowPos
IsZoomed
DeferWindowPos
BeginDeferWindowPos
SetRectEmpty
FillRect
ScreenToClient
DrawFocusRect
CharNextW
DrawTextW
GetWindowTextW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
CallWindowProcW
ClientToScreen
GetMonitorInfoW
EndPaint
BeginPaint
GetClientRect
SetLayeredWindowAttributes
GetWindowRect
SetFocus
MessageBeep
GetWindowLongW
SetWindowLongW
SetWindowPos
IsWindowEnabled
DestroyWindow
GetActiveWindow
SetTimer
PostMessageW
SetDlgItemTextW
EnableWindow
SendDlgItemMessageW
ShowWindow
CreateDialogParamW
LoadCursorW
GetWindowLongPtrW
SetWindowLongPtrW
UnregisterClassW
DefWindowProcW
RegisterClassW
GetDlgItem
SendMessageW
InvalidateRect
GetClassNameW
TranslateAcceleratorW

gdi32

SelectObject
GetStockObject
SetBkMode
GetObjectW
SetDCBrushColor
CreatePolygonRgn
FrameRgn
FillRgn
GetDeviceCaps
CreateCompatibleDC
GetTextMetricsW
LPtoDP
SaveDC
RestoreDC
OffsetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
CombineRgn
SetDCPenColor
LineTo
MoveToEx
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
OffsetRgn
ExtTextOutW
SetBkColor
SetTextColor
DeleteObject
DeleteDC
CreateFontIndirectW

shell32

ShellExecuteW
ord74

oleaut32

VariantClear
SysAllocString
VariantInit

shared

stricmp_utf8_ex
uSearchPath
uGetModuleFileName
uFileExists
uCreateFile
stricmp_utf8_partial
stricmp_utf8
uDeleteFile
uGetDlgItemText
uSendMessageText
?g_from_system@t_font_description@@SA?AU1@H@Z
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
PokeWindow
uGetWindowText
uCharUpper
FindOwningPopup
uReplaceStringAdd
GetInfiniteWaitEvent
uGetOpenFileName
uBrowseForFolder
uAddStringLower
ModalDialog_CanCreateNew
ModalDialog_PokeExisting
uStringCompare
uCreateDirectory
uGetTempPath
??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
uSetDlgItemText
uExceptFilterProc
uSetWindowText
?scale@audio_math@@YAXPEBN_KPEANN@Z
uFormatSystemErrorMessage
ModalDialog_Switch
uShellExecute
uPrintCrashInfo_OnEvent
uBugCheck
uFindFirstFile

msvcp140

_Thrd_hardware_concurrency
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ

shlwapi

SHAutoComplete

comctl32

ord410
ord413

msimg32

GradientFill

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown

vcruntime140_1

__CxxFrameHandler4

vcruntime140

strstr
memmove
wcschr
memcmp
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
strchr
memcpy
memset
__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
__C_specific_handler
strrchr

api-ms-win-crt-string-l1-1-0

_strdup
strncmp
strcat_s
wcsnlen
wcslen
strcmp
strlen
wcscpy_s

api-ms-win-crt-heap-l1-1-0

_recalloc
realloc
malloc
_aligned_malloc
_aligned_realloc
_aligned_free
_callnewh
_expand
free

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_errno
_invalid_parameter_noinfo
_controlfp_s
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
abort
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-utility-l1-1-0

abs
rand
srand
_byteswap_ulong
_byteswap_ushort

api-ms-win-crt-math-l1-1-0

fabs
sqrt
frexp
ldexp
pow
llround
lround
floor

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vswprintf_s
__stdio_common_vsprintf_s

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-convert-l1-1-0

_wtol
atoi
_atoi64
_wtoi

advapi32

RegOpenKeyExW
RegGetValueW
RegQueryValueExW
RegCloseKey

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop
CoCreateGuid

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 611KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_dsp_eq.dll
.dll windows:6 windows x64 arch:x64

d7582ea976568cf13add40601fb6e78c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_dsp_eq.pdb

Imports

kernel32

GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
RaiseException
MulDiv
GetLastError
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
GetSystemTimeAsFileTime
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
SetLastError
GetCurrentProcess
ResetEvent
SetEvent
CreateEventW
MultiByteToWideChar
OutputDebugStringW
CloseHandle
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
lstrlenW
GetVersionExW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared

user32

UnregisterClassW
DestroyWindow
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
CallWindowProcW
SetTimer
ShowWindow
KillTimer
GetWindowRect
SetWindowPos
SetLayeredWindowAttributes
GetClientRect
GetSysColor
GetParent
EnumChildWindows
DeferWindowPos
GetWindowDC
ReleaseDC
BeginDeferWindowPos
EndDeferWindowPos
AdjustWindowRectEx
GetWindowLongW
GetDlgItem
ClientToScreen
CreateWindowExW
RegisterClassExW
GetClassInfoExW
LoadCursorW
FillRect
SetFocus
CreateDialogParamW
EndDialog
DialogBoxParamW
DrawFocusRect
GetClassNameW
GetWindow
PtInRect
GetWindowTextW
SetWindowTextW
CharLowerW
GetKeyState
GetClipboardData
CloseClipboard
OpenClipboard
AdjustWindowRect
EnableWindow
NotifyWinEvent
MessageBeep
GetFocus
IsRectEmpty
TrackMouseEvent
GetMessagePos
UnhookWindowsHookEx
SetWindowsHookExW
WindowFromPoint
DrawIconEx
DrawIcon
FrameRect
CallNextHookEx
GetNextDlgTabItem
GetMenuStringW
DrawFrameControl
GetDlgCtrlID
OffsetRect
CopyRect
GetMenuBarInfo
InflateRect
SystemParametersInfoW
SetWindowLongW
DrawTextW
SendMessageW
GetWindowTextLengthW
GetDC
MapWindowPoints
RedrawWindow
InvalidateRgn
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
SetCursor
SetCapture
GetCursorPos
ScreenToClient
PostMessageW
GetIconInfo
IntersectRect
BeginPaint
EndPaint
InvalidateRect
IsWindowEnabled
RegisterWindowMessageW

gdi32

ExtTextOutW
SetBkColor
DeleteObject
DeleteDC
GetStockObject
CreateFontIndirectW
SaveDC
RestoreDC
GetDeviceCaps
CreatePen
SetTextColor
SelectObject
GetCurrentObject
CreateRectRgn
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
FillRgn
FrameRgn
CreatePolygonRgn
GetTextExtentPoint32W
GetObjectW
IntersectClipRect
SetWindowOrgEx
OffsetWindowOrgEx
LPtoDP
GetTextMetricsW
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
OffsetRgn
GetBkColor
GetTextColor
SetBkMode
MoveToEx
LineTo
SetDCPenColor
SetDCBrushColor

oleaut32

VariantClear
SysAllocString
VariantInit

shared

uGetTextExtentPoint32
GetInfiniteWaitEvent
??1uCallStackTracker@@QEAA@XZ
uFormatSystemErrorMessage
??0uCallStackTracker@@QEAA@PEBD@Z
uExceptFilterProc
ModalDialog_Switch
uPrintCrashInfo_OnEvent
uBugCheck
uGetFontHeight
uGetOpenFileName

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ

comctl32

ImageList_DrawEx
ord410
ord413
ImageList_GetIconSize

uxtheme

DrawThemeBackground
DrawThemeTextEx
OpenThemeData
GetThemePartSize
CloseThemeData
IsThemePartDefined
SetWindowTheme

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdiplusShutdown
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__std_exception_destroy
__std_terminate
__C_specific_handler
strchr
__std_type_info_destroy_list
_CxxThrowException
__current_exception_context
__current_exception
memset
strstr
memcmp
memmove
memcpy
_purecall

api-ms-win-crt-runtime-l1-1-0

abort
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
terminate
_initterm
_initterm_e
_errno
_initialize_onexit_table
_invalid_parameter_noinfo

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc
_expand
realloc
_recalloc

api-ms-win-crt-convert-l1-1-0

_wtol
atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_wcsicmp
_strdup
wcsnlen

api-ms-win-crt-math-l1-1-0

lround
pow
cos
sin

api-ms-win-crt-utility-l1-1-0

srand
rand

advapi32

RegGetValueW

shell32

ord74

ole32

CoCreateInstance
CreateStreamOnHGlobal
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_dsp_std.dll
.dll windows:6 windows x64 arch:x64

e2a6d3740746dd8e34aa1876648f6850

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_dsp_std.pdb

Imports

kernel32

GetProcessHeap
DecodePointer
HeapAlloc
HeapFree
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleW
GetProcAddress
ResetEvent
SetEvent
CreateEventW
OutputDebugStringW
CloseHandle

user32

EndDialog
UnregisterClassW
DialogBoxParamW
SetWindowLongPtrW
DestroyWindow
EnableWindow
SetDlgItemInt
GetDlgItemInt
ShowWindow
SetWindowTextW
wsprintfW
SendDlgItemMessageW
wsprintfA
CreateDialogParamW
SendMessageW
GetDlgItem

shared

GetInfiniteWaitEvent
?calculate_peak@audio_math@@YANPEBN_K@Z
uPrintfV
uBugCheck
uPrintCrashInfo_OnEvent
uSetDlgItemText
uSetWindowText
uGetWindowText
ModalDialog_Switch
uExceptFilterProc
uSendMessageText
uGetDlgItemText

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__C_specific_handler
memmove
memset
memcpy
_CxxThrowException
__std_type_info_destroy_list
memcmp

api-ms-win-crt-heap-l1-1-0

calloc
_aligned_malloc
_aligned_free
_expand
malloc
_callnewh
_aligned_realloc
free
realloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_configure_narrow_argv

api-ms-win-crt-math-l1-1-0

lround
llround
cos
log10
pow
tanh
sin

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_fileops.dll
.dll windows:6 windows x64 arch:x64

67a1b4ca5bc67c56d7aaeae1fc078317

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_fileops.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentThread
OutputDebugStringW
GetVolumePathNameW
CreateHardLinkW
GetTickCount64
WaitForSingleObject
CloseHandle
GlobalSize
GlobalUnlock
CreateEventW
SetEvent
ResetEvent
GlobalLock
GlobalAlloc
GlobalFree
LoadLibraryExW
GetTickCount
lstrlenW
VerSetConditionMask
VerifyVersionInfoW
GetThreadPriority
SetThreadPriority
ResumeThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
IsDebuggerPresent
GetCurrentProcess
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
DecodePointer
MoveFileExW
GetVersionExW
GetProcAddress
GetModuleHandleW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
DisableThreadLibraryCalls
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
RaiseException
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
GetLastError
GetFileAttributesW
SetLastError
InitializeCriticalSectionAndSpinCount

user32

RedrawWindow
ScrollWindowEx
SetScrollPos
GetWindowPlacement
IsIconic
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
MonitorFromRect
GetMenu
GetClipboardData
CloseGestureInfoHandle
GetGestureInfo
CloseClipboard
OpenClipboard
AdjustWindowRect
GetNextDlgTabItem
RegisterWindowMessageW
CopyRect
MapWindowPoints
ReleaseDC
GetDC
AdjustWindowRectEx
MapDialogRect
IsZoomed
FillRect
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetScrollInfo
GetDlgCtrlID
DrawFrameControl
GetWindowTextLengthW
GetWindowTextW
CallNextHookEx
WindowFromPoint
NotifyWinEvent
SetWindowsHookExW
UnhookWindowsHookEx
FrameRect
SystemParametersInfoW
OffsetRect
InvalidateRgn
DrawEdge
InflateRect
GetMessagePos
GetWindowDC
TrackMouseEvent
DrawTextW
IsWindowVisible
EnumThreadWindows
GetSystemMetrics
CharLowerW
SetActiveWindow
GetSysColor
IsRectEmpty
DestroyMenu
MonitorFromPoint
RegisterClassW
CreatePopupMenu
TrackPopupMenuEx
AppendMenuW
GetFocus
MessageBeep
SetWindowTextW
GetDlgItem
GetActiveWindow
GetMonitorInfoW
GetKeyState
PostMessageW
GetParent
CreateDialogParamW
SetTimer
SetCursor
SetCapture
KillTimer
SetFocus
GetCursorPos
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
PtInRect
ClientToScreen
IntersectRect
ScreenToClient
GetWindowRect
EnableWindow
ShowWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
IsWindowEnabled
InvalidateRect
EndPaint
BeginPaint
GetClientRect
SetLayeredWindowAttributes
CallWindowProcW
DefWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
DestroyWindow
UnregisterClassW
SendMessageW

gdi32

RestoreDC
LPtoDP
SetWindowOrgEx
SaveDC
GetTextMetricsW
SelectObject
CreateCompatibleDC
OffsetWindowOrgEx
GetDeviceCaps
IntersectClipRect
CreateCompatibleBitmap
SetViewportOrgEx
FillRgn
CombineRgn
CreateFontIndirectW
SetDCPenColor
LineTo
MoveToEx
SetBkMode
GetObjectW
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
OffsetRgn
FrameRgn
SetDCBrushColor
GetStockObject
BitBlt
CreatePolygonRgn
DeleteObject
ExtTextOutW
SetBkColor
SetTextColor
DeleteDC

shell32

ord74
SHFileOperationW

oleaut32

VariantClear
VariantInit
SysAllocString

shared

uBrowseForFolder
PokeWindow
uGetWindowText
uShellExecute
ModalDialog_Switch
uGetOpenFileName
stricmp_utf8_ex
ModalDialog_PokeExisting
uSetWindowText
GetInfiniteWaitEvent
?g_from_system@t_font_description@@SA?AU1@H@Z
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
uExceptFilterProc
stricmp_utf8
uGetFileAttributes
??0uCallStackTracker@@QEAA@PEBD@Z
??1uCallStackTracker@@QEAA@XZ
FindOwningPopup
uFormatSystemErrorMessage
ModalDialog_CanCreateNew
uAddStringLower
uPrintCrashInfo_OnEvent
uBugCheck
uEvalKnownFolder

msvcp140

?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z

shlwapi

SHAutoComplete

comctl32

ord413
ord410

msimg32

GradientFill

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__C_specific_handler
strrchr
memset
strstr
memcpy
memmove
strchr
memcmp
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

abort
_invalid_parameter_noinfo
_errno
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-string-l1-1-0

strncmp
_strdup
strcmp
wcsnlen
wcslen
strlen

api-ms-win-crt-heap-l1-1-0

malloc
_recalloc
free
_expand
_callnewh
realloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s

api-ms-win-crt-math-l1-1-0

pow
fabs
sqrt
lround

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-convert-l1-1-0

_wtol

uxtheme

SetWindowTheme
DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData

advapi32

RegGetValueW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_freedb2.dll
.dll windows:6 windows x64 arch:x64

8b1e390e863c501308f940b0d8b63b6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_freedb2.pdb

Imports

kernel32

GetProcessHeap
RaiseException
HeapReAlloc
HeapAlloc
DecodePointer
HeapSize
HeapFree
HeapDestroy
LeaveCriticalSection
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
GetSystemTimeAsFileTime
OutputDebugStringW
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
SetLastError
GetThreadPriority
SetThreadPriority
GetCurrentThread
SetEvent
GetTickCount64
GetCurrentProcess
ResetEvent
CloseHandle
IsDebuggerPresent
WaitForSingleObject
CreateEventW
GlobalUnlock
GlobalLock
GetVersionExW
GlobalSize
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetModuleHandleW
GetProcAddress
lstrlenW
InitializeCriticalSection

user32

GetWindowLongPtrW
DefWindowProcW
GetParent
LoadCursorW
DrawEdge
RegisterClassW
GetDlgItemInt
MessageBeep
GetClassInfoExW
RegisterClassExW
CopyRect
AdjustWindowRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetFocus
WindowFromPoint
FillRect
EndDialog
DialogBoxParamW
DrawTextW
GetWindowTextW
GetWindowTextLengthW
IsWindowEnabled
GetSysColor
EndPaint
BeginPaint
DestroyWindow
GetWindowLongW
PostMessageW
SetWindowLongW
SetWindowPos
SetWindowTextW
GetKeyState
UpdateWindow
InvalidateRect
SendMessageW
GetDlgItem
SetWindowLongPtrW
UnregisterClassW
MessageBoxW
ShowWindow
EnableWindow
CreateDialogParamW
LoadIconW
CreateWindowExW
GetClipboardData
CloseClipboard
GetWindowRect
MapWindowPoints
GetClientRect
BeginDeferWindowPos
DeferWindowPos
IsZoomed
EndDeferWindowPos
MapDialogRect
AdjustWindowRectEx
IntersectRect
CallWindowProcW
OpenClipboard

gdi32

CreateFontIndirectW
DeleteObject
SetTextColor
SetBkMode
GetObjectW
GetTextExtentPoint32W
SelectObject

advapi32

CryptCreateHash
CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptGetHashParam

shared

uFormatSystemErrorMessage
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uSetDlgItemText
uGetDlgItemText
ModalDialog_Switch
GetInfiniteWaitEvent
uGetWindowText
uSetWindowText
??0uCallStackTracker@@QEAA@PEBD@Z
stricmp_utf8_ex
uPrintCrashInfo_OnEvent
uBugCheck
stricmp_utf8
uExceptFilterProc
??1uCallStackTracker@@QEAA@XZ

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

strstr
strchr
_purecall
__std_exception_copy
memset
memcpy
memmove
__current_exception
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
__std_exception_destroy
__std_terminate
__C_specific_handler
memcmp

api-ms-win-crt-string-l1-1-0

wcsnlen
_strdup
strncmp
strcmp
strlen

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_errno
_initterm_e
_invalid_parameter_noinfo
_initterm
_cexit
_crt_atexit
abort
_execute_onexit_table
_register_onexit_function
terminate
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

_expand
_callnewh
_recalloc
free
malloc
realloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vswprintf_s

api-ms-win-crt-math-l1-1-0

llround
lround

api-ms-win-crt-utility-l1-1-0

srand
rand

uxtheme

SetWindowTheme

ole32

CoCreateInstance

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_input_std.dll
.dll windows:6 windows x64 arch:x64

87a55a30fe2a72806a6978f12e5ae61f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_input_std.pdb

Imports

zlib1

inflateEnd
inflate
inflateInit_

msacm32

acmStreamPrepareHeader
acmStreamClose
acmFormatTagDetailsW
acmFormatSuggest
acmStreamUnprepareHeader
acmStreamOpen
acmStreamConvert

avcodec-fb2k-60

avcodec_find_decoder
avcodec_alloc_context3
avcodec_open2
avcodec_close
avcodec_send_packet
avcodec_receive_frame
av_init_packet
av_packet_unref
avcodec_parameters_to_context
avcodec_free_context
avcodec_flush_buffers
avcodec_parameters_free
avcodec_parameters_alloc
avcodec_parameters_from_context

avformat-fb2k-60

avio_alloc_context
avio_context_free
avformat_close_input
avformat_alloc_context
avformat_open_input
avformat_find_stream_info
av_find_best_stream
av_seek_frame
av_read_frame

avutil-fb2k-58

av_dict_free
av_free
av_frame_unref
av_crc_get_table
av_version_info
av_malloc
av_dict_set
av_mallocz
av_crc

kernel32

DeviceIoControl
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionEx
GetCurrentThreadId
RaiseException
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
MulDiv
VirtualFree
DecodePointer
FreeLibrary
GetProcAddress
GetVersionExW
SetEvent
GetStdHandle
CreateFileW
GetCurrentProcessId
OutputDebugStringW
GetCurrentThread
GlobalLock
GlobalUnlock
CreateEventW
WaitForSingleObject
ResetEvent
WaitForMultipleObjects
GetModuleHandleW
Sleep
GetThreadPriority
SetThreadPriority
ResumeThread
SystemTimeToFileTime
lstrlenW
LoadLibraryExW
InterlockedPushEntrySList
VirtualAlloc
GetLastError
SetLastError
WideCharToMultiByte
GetDriveTypeW
MultiByteToWideChar
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
RtlVirtualUnwind
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
RtlCaptureContext
GetTickCount64
GlobalSize
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
SetFileAttributesW
DeleteFileW
GetFileSize
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
GetCurrentProcess
FlushInstructionCache
LoadLibraryExA
UnhandledExceptionFilter

user32

DrawEdge
AdjustWindowRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
CopyRect
MonitorFromRect
GetMonitorInfoW
IsIconic
GetWindowPlacement
IsWindowVisible
EnumThreadWindows
GetSystemMetrics
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
GetClipboardData
GetDlgItemInt
MessageBoxW
SetWindowTextW
ClientToScreen
RegisterClassW
IsZoomed
CreateWindowExW
LoadCursorW
GetMenu
AdjustWindowRectEx
MapWindowPoints
GetWindowRect
SetFocus
InvalidateRect
CreateDialogParamW
MessageBeep
GetDC
ShowWindow
GetSysColor
UpdateWindow
GetDlgItem
SendDlgItemMessageW
SetDlgItemInt
CallWindowProcW
DefWindowProcW
FillRect
GetWindowLongPtrW
SetWindowLongPtrW
DestroyWindow
GetKeyState
EnableWindow
DrawTextW
GetClassInfoExW
RegisterClassExW
EndDeferWindowPos
GetWindowLongW
SetWindowLongW
DeferWindowPos
SetWindowPos
GetFocus
BeginDeferWindowPos
TrackMouseEvent
GetDlgCtrlID
PostMessageW
EndPaint
IsWindowEnabled
BeginPaint
DrawFrameControl
GetClientRect
ReleaseDC
GetParent
GetWindowDC
UnregisterClassW
SendMessageW
wsprintfW
WindowFromPoint
CloseClipboard
OpenClipboard
MapDialogRect
GetWindowTextW
GetWindowTextLengthW
CharLowerW
OffsetRect
SystemParametersInfoW
IntersectRect

gdi32

SelectObject
GetTextExtentPoint32W
SetTextColor
SetBkMode
GetDeviceCaps
GetBkColor
GetTextColor
SetBkColor
CreateFontIndirectW
GetObjectW
DeleteObject
DeleteDC
GetStockObject

shell32

DragFinish

shared

uDeleteFile
uSendMessageText
uAddStringLower
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uGetOpenFileName
?convert_to_int16@audio_math@@YAXPEBN_KPEAFN@Z
?convert_from_int16@audio_math@@YAXPEBF_KPEANN@Z
?convert_from_int32@audio_math@@YAXPEBH_KPEANN@Z
uExceptFilterProc
stricmp_utf8_ex
uCharUpper
uCharLower
uDragQueryFileCount
uDragQueryFile
uGetWindowText
stricmp_utf8_partial
??0uCallStackTracker@@QEAA@PEBD@Z
??1uCallStackTracker@@QEAA@XZ
PokeWindow
uSetWindowText
uGetDlgItemText
uFormatSystemErrorMessage
GetInfiniteWaitEvent
uReplaceStringAdd
CreateFileAbortable
uBugCheck
uPrintCrashInfo_OnEvent
uAddStringUpper
LoadSystemLibrary
uGetTempPath
uGetTempFileName
stricmp_utf8

msvcp140

?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z

shlwapi

StrCmpLogicalW

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

uxtheme

SetWindowTheme
DrawThemeBackground
OpenThemeData
CloseThemeData

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
strrchr
memcpy
_CxxThrowException
__std_terminate
__current_exception_context
__current_exception
wcschr
memmove
__C_specific_handler
__std_exception_copy
__std_exception_destroy
memset
memcmp
wcsrchr
strchr
memchr
strstr
_purecall

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_controlfp_s
_beginthreadex
abort
_errno
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo
exit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vfprintf
fclose
__acrt_iob_func
__stdio_common_vswprintf_s

api-ms-win-crt-convert-l1-1-0

atoi
_itoa_s
atoll
strtod
_wtoi
_atoi64

api-ms-win-crt-string-l1-1-0

strcmp
strlen
wcscpy_s
_wcsicmp
_strdup
strcpy_s
wcscat_s
wcsnlen
towlower
strncmp
_strnicmp
strcat_s
isdigit
isalnum
wcslen

api-ms-win-crt-heap-l1-1-0

malloc
_expand
realloc
calloc
_aligned_malloc
_aligned_realloc
_aligned_free
_recalloc
free
_callnewh

api-ms-win-crt-math-l1-1-0

ldexp
lround
llround
log10f
floor
fabs
log
exp
sqrt
pow
acos
atan
exp2
sin
cos
cosf
log10

api-ms-win-crt-utility-l1-1-0

rand
srand
labs
abs
qsort

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid

Exports

Exports

ConvertFile
ConvertFileW
ConvertFileW2
CreateIAPEDecompress
CreateIAPEDecompressEx
CreateIAPEDecompressEx2
DecompressFile
DecompressFileW
DecompressFileW2
FillRF64Header
FillWaveFormatEx
FillWaveHeader
GetAPECompressionLevelName
GetAPEFileType
VerifyFile
VerifyFileW
VerifyFileW2
foobar2000_get_interface

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_ui_std.dll
.dll windows:6 windows x64 arch:x64

da718e7d6467c43411093e686818e513

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_ui_std.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_DrawEx
ord413
ImageList_ReplaceIcon
ImageList_Create
ord410
ord412
ImageList_Destroy
ImageList_GetIconSize

gdiplus

GdipCloneImage
GdipLoadImageFromStream
GdipGraphicsClear
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateHICONFromBitmap
GdipBitmapLockBits
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipDrawLineI
GdipDrawLinesI
GdipDrawImageRectI
GdipDrawImageI
GdipDrawLines
GdipDeletePen
GdipCreatePen1
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetCompositingMode
GdipDrawImageRect
GdiplusShutdown

uxtheme

DrawThemeTextEx
GetThemePartSize
SetWindowTheme
OpenThemeData
CloseThemeData
IsThemePartDefined
DrawThemeBackground
EnableThemeDialogTexture

kernel32

DecodePointer
DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
GetSystemTimeAsFileTime
IsDebuggerPresent
GetCurrentProcess
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetVersion
ResetEvent
SetEvent
CreateEventW
ResumeThread
SetThreadPriority
GetThreadPriority
ReleaseSRWLockShared
GetCurrentThread
OutputDebugStringW
WaitForSingleObject
WaitForMultipleObjects
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
LoadLibraryExW
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryExA
GetProcAddress
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
InitializeCriticalSectionEx
GetCurrentThreadId
RaiseException
SetLastError
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetLogicalProcessorInformation
MulDiv
GlobalSize
GetCurrentProcessId
GetTickCount64
AcquireSRWLockShared
lstrlenW
MultiByteToWideChar

user32

FrameRect
LoadMenuW
IsDialogMessageW
GetMenu
GetWindowDC
GetWindow
GetIconInfo
GetDlgCtrlID
DrawFrameControl
GetWindowTextW
ValidateRect
GetSubMenu
EnableMenuItem
TranslateAcceleratorW
LoadAcceleratorsW
RegisterClipboardFormatW
CharUpperW
CharLowerW
GetMenuItemID
SetWindowPlacement
EnumDisplayMonitors
UnionRect
EnumThreadWindows
GetWindowPlacement
CloseClipboard
OpenClipboard
AdjustWindowRect
NotifyWinEvent
InvalidateRgn
SetScrollPos
SetScrollInfo
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuState
GetScrollInfo
IsZoomed
GetMenuStringW
DrawIcon
GetMenuBarInfo
MapDialogRect
DestroyAcceleratorTable
DrawFocusRect
GetWindowTextLengthW
GetClassNameW
TrackMouseEvent
PtInRect
FillRect
DrawIconEx
SetWindowTextW
MonitorFromWindow
InvalidateRect
SendDlgItemMessageW
PostMessageW
SendMessageW
GetDlgItem
AppendMenuW
SetWindowLongPtrW
GetWindowLongPtrW
DefWindowProcW
CallWindowProcW
DestroyWindow
CreateWindowExW
RegisterClassExW
GetClassInfoExW
LoadCursorW
TrackPopupMenu
InflateRect
PeekMessageW
wsprintfW
GetMenuItemCount
UnhookWindowsHookEx
TrackPopupMenuEx
SetWindowsHookExW
keybd_event
MapWindowPoints
CallNextHookEx
SystemParametersInfoW
GetWindowThreadProcessId
IsWindow
IsChild
AdjustWindowRectEx
GetCapture
GetSystemMetrics
DrawEdge
DestroyMenu
MonitorFromPoint
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CreatePopupMenu
CheckMenuRadioItem
SetMenuDefaultItem
GetSysColor
ScrollWindow
GetSysColorBrush
IsIconic
RegisterWindowMessageW
SetRectEmpty
UpdateWindow
GetClipboardData
IsClipboardFormatAvailable
RegisterClassW
UnregisterClassW
CreateDialogParamW
GetActiveWindow
SetForegroundWindow
DrawTextW
ReleaseDC
GetDC
EqualRect
IntersectRect
ScrollWindowEx
EndPaint
BeginPaint
ReleaseCapture
SetCapture
SetDlgItemTextW
GetNextDlgTabItem
IsRectEmpty
DestroyIcon
LoadImageW
SetFocus
GetWindowRect
ScreenToClient
RedrawWindow
GetMessagePos
GetParent
GetWindowLongW
GetClientRect
ClientToScreen
SetWindowPos
SetTimer
ShowWindow
KillTimer
SetLayeredWindowAttributes
IsWindowEnabled
SetWindowLongW
EnableWindow
GetKeyState
IsWindowVisible
BringWindowToTop
GetCursorPos
WindowFromPoint
SetCursor
GetFocus
MessageBeep
SetDlgItemInt
GetDlgItemInt
MonitorFromRect
GetMonitorInfoW
CopyRect
OffsetRect

gdi32

OffsetWindowOrgEx
LPtoDP
GetTextMetricsW
FrameRgn
CreatePolygonRgn
SetTextAlign
OffsetRgn
CreatePen
GetDeviceCaps
RestoreDC
SaveDC
GetStockObject
CreateRectRgn
CreateRectRgnIndirect
GetCurrentObject
SetBkColor
SetTextColor
DeleteObject
DeleteDC
SelectObject
CreateCompatibleBitmap
SetDCBrushColor
BitBlt
StretchBlt
FillRgn
SetBkMode
ExtTextOutW
CreateFontIndirectW
IntersectClipRect
SelectClipRgn
GetClipRgn
GetObjectW
SetViewportOrgEx
CreateSolidBrush
GetTextExtentPoint32W
SetDCPenColor
LineTo
MoveToEx
CreateDIBSection
GetTextColor
GetBkColor
SetWindowOrgEx
CombineRgn
CreateCompatibleDC

shell32

ord74

ole32

CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoCreateGuid
OleSetClipboard
ReleaseStgMedium
OleGetClipboard
RegisterDragDrop
RevokeDragDrop
CoCreateInstance
DoDragDrop

shared

uStringCompare
??0uCallStackTracker@@QEAA@PEBD@Z
uGetOpenFileName
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
uGetTempFileName
uGetTempPath
uPrintfV
uGetWindowText
uAppendMenu
PokeWindow
uGetDlgItemText
uSetDlgItemText
uSetWindowText
stricmp_utf8
uExceptFilterProc
uSendMessageText
stricmp_utf8_ex
uPrintCrashInfo_OnEvent
uBugCheck
uGetFontHeight
FindOwningPopup
?calculate_peak@audio_math@@YANPEBN_K@Z
?g_from_system@t_font_description@@SA?AU1@H@Z
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
?popup_dialog@t_font_description@@QEAA_NPEAUHWND__@@@Z
uChooseColor
uShellExecute
uBrowseForFolder
ModalDialog_Switch
uFixAmpersandChars_v2
uDragQueryFileCount
uDragQueryFile
uGetModuleFileName
uGetTextExtentPoint32
uFixAmpersandChars
uLoadImage
uShellNotifyIconEx
uShellNotifyIcon
uAddStringUpper
GetInfiniteWaitEvent
uFormatSystemErrorMessage
uCharLower
uGetMenuItemType
uGetMenuString
uModifyMenu
?scale@audio_math@@YAXPEBN_KPEANN@Z
??1uCallStackTracker@@QEAA@XZ
uSetClipboardRawData

msvcp140

?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Thrd_hardware_concurrency
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xlength_error@std@@YAXPEBD@Z

msvcp140_atomic_wait

__std_atomic_wait_direct
__std_atomic_notify_one_direct

shlwapi

SHAutoComplete
StrCmpLogicalW
ord12

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler
memmove
strchr
memcpy
__std_exception_copy
__std_exception_destroy
__std_terminate
memset
memcmp
wcschr
memchr
strstr
__current_exception
__current_exception_context
_CxxThrowException
_purecall
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

wcscmp
_strdup
_wcsicmp
strncmp
strlen
wcscpy_s
strcmp
strncpy_s
wcsncpy_s
_wcsnicmp
wcsnlen
wcslen
tolower
wcscat_s

api-ms-win-crt-runtime-l1-1-0

abort
_configure_narrow_argv
_resetstkoflw
_initialize_onexit_table
_beginthreadex
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
terminate
_initterm_e
_initterm
_invalid_parameter_noinfo
_seh_filter_dll
_errno

api-ms-win-crt-heap-l1-1-0

malloc
free
_aligned_realloc
_aligned_malloc
_expand
_callnewh
realloc
_recalloc
_aligned_free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vswprintf_s

api-ms-win-crt-utility-l1-1-0

srand
labs
rand

api-ms-win-crt-math-l1-1-0

lround
log10
sin
exp
fmod
ceil
log
floor
cos
pow
ceilf
fabs
llround
sqrt
tanh

api-ms-win-crt-convert-l1-1-0

_wtol
atoi
_atoi64

advapi32

RegGetValueW

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_unpack.dll
.dll windows:6 windows x64 arch:x64

0ccab25df4128327bfb476a7dd4a1b62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foo_unpack.pdb

Imports

kernel32

GetSystemDirectoryW
CreateEventW
LoadLibraryW
SetThreadExecutionState
EnterCriticalSection
ReleaseSemaphore
GetProcessAffinityMask
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
SetEvent
CreateThread
ResetEvent
DeleteCriticalSection
CreateSemaphoreW
LocalFileTimeToFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
CompareStringW
GetCPInfo
MultiByteToWideChar
IsDBCSLeadByte
WideCharToMultiByte
LocalFree
GetCurrentThreadId
GetModuleHandleW
GetModuleHandleA
GetSystemInfo
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
DosDateTimeToFileTime
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
SetThreadAffinityMask
ResumeThread
SetThreadPriority
FreeLibrary
GetProcAddress
GetCurrentDirectoryW
FoldStringW
GetVersionExW
FindClose
FindFirstFileW
GetCurrentProcessId
GetFileAttributesW
SetFilePointer
ReadFile
MoveFileW
GetShortPathNameW
GetLongPathNameW
CloseHandle
DeleteFileW
CreateFileW
CreateHardLinkW
SetFileTime
RemoveDirectoryW
DeviceIoControl
GetCurrentProcess
CreateDirectoryW
GetLastError
Sleep
AreFileApisANSI
GetFileType
GetStdHandle
InitializeCriticalSectionEx
InitializeSListHead
DisableThreadLibraryCalls
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
InitOnceBeginInitialize
InitOnceComplete
IsDebuggerPresent
OutputDebugStringW
AcquireSRWLockShared
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetTickCount64
SetLastError

user32

CharUpperW
CharLowerW
CharToOemBuffW
CharToOemA
OemToCharBuffA
OemToCharA

advapi32

AllocateAndInitializeSid
FreeSid
CheckTokenMembership
LookupPrivilegeValueW
AdjustTokenPrivileges
SetFileSecurityW
OpenProcessToken

ole32

CoCreateInstance
CoCreateGuid
CoSetProxyBlanket

oleaut32

SysAllocStringLen
VariantCopy
SysAllocString
SysStringLen
SysFreeString
VariantClear

zlib1

inflateInit2_
crc32
inflateReset
inflate
inflateEnd

shared

uBugCheck
??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
stricmp_utf8
uFormatSystemErrorMessage
uGetTempPath
uPrintCrashInfo_OnEvent
GetInfiniteWaitEvent

msvcp140

?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memmove
memset
memcmp
memcpy
wcsrchr
wcsstr
strstr
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__current_exception_context
_CxxThrowException
__std_type_info_destroy_list
wcschr
__current_exception
strchr
__C_specific_handler
strrchr

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
exit
abort
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-string-l1-1-0

wcsncpy
_wcsdup
strlen
wcspbrk
wcsncmp
_wcsicmp
strncmp
_strdup

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
malloc
free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-math-l1-1-0

lround

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
concrt140.dll
.dll windows:6 windows x64 arch:x64

a9a0a05dfeb346f520c897893cc76aa1

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:49:ff:7f:d8:9d:b5:da:ba:15:2a:ce:2f:a6:78:42:0c:35:b1:c1:53:1e:05:e4:85:b7:f5:ea:90:98:b0:af
Signer

Actual PE Digest

87:49:ff:7f:d8:9d:b5:da:ba:15:2a:ce:2f:a6:78:42:0c:35:b1:c1:53:1e:05:e4:85:b7:f5:ea:90:98:b0:af

Digest Algorithm

sha256

PE Digest Matches

true

87:49:ff:7f:d8:9d:b5:da:ba:15:2a:ce:2f:a6:78:42:0c:35:b1:c1:53:1e:05:e4:85:b7:f5:ea:90:98:b0:af
Signer

Actual PE Digest

87:49:ff:7f:d8:9d:b5:da:ba:15:2a:ce:2f:a6:78:42:0c:35:b1:c1:53:1e:05:e4:85:b7:f5:ea:90:98:b0:af

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\concrt140.amd64.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__uncaught_exception
memcpy
__C_specific_handler
__RTDynamicCast
__current_exception
__current_exception_context
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_cexit
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-math-l1-1-0

exp
sqrt

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vswprintf_s
__acrt_iob_func
fflush

kernel32

GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetThreadTimes
EncodePointer
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
GetProcAddress
SetLastError
SetThreadpoolTimer
CreateSemaphoreExW
ReleaseSemaphore
InitializeSListHead
VerifyVersionInfoW
SetProcessAffinityMask
GetProcessAffinityMask
VirtualFree
FlushProcessWriteBuffers
VerSetConditionMask
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetTickCount64
GetCurrentProcessorNumberEx
TlsFree
TlsSetValue
TlsGetValue
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
GetCurrentThread
CloseHandle
DuplicateHandle
GetLastError
SetEvent
WaitForSingleObjectEx
GetThreadPriority
GetCurrentThreadId
InitializeCriticalSectionEx
CreateEventExW
Sleep
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
TlsAlloc

Exports

Exports

??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Runtime_object@details@Concurrency@@QEAA@H@Z
??0_Runtime_object@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z
??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z
??0agent@Concurrency@@QEAA@XZ
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1agent@Concurrency@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
?AgentEventGuid@Concurrency@@3U_GUID@@B
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?ChoreEventGuid@Concurrency@@3U_GUID@@B
?ConcRTEventGuid@Concurrency@@3U_GUID@@B
?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B
?ContextEventGuid@Concurrency@@3U_GUID@@B
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?LockEventGuid@Concurrency@@3U_GUID@@B
?Log2@details@Concurrency@@YAK_K@Z
?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z
?NFS_Free@details@Concurrency@@YAXPEAX@Z
?NFS_GetLineSize@details@Concurrency@@YA_KXZ
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SchedulerEventGuid@Concurrency@@3U_GUID@@B
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetCombinableSize@details@Concurrency@@YA_KXZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAX1@ZP6AX2PEBX1@Z5@Z
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z
?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KPEAXP6AX10@ZP6AX1PEBX0@Z@Z
?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAXPEBX1@Z@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ
?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEAX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z
?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z
?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00@Z
?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00P6AXPEAX0@ZP6AX1PEBX0@Z3@Z
?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ
?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IEBAX_K@Z
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?cancel@agent@Concurrency@@QEAA_NXZ
?current@location@Concurrency@@SA?AV12@XZ
?done@agent@Concurrency@@IEAA_NXZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?is_current_task_group_canceling@Concurrency@@YA_NXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?start@agent@Concurrency@@QEAA_NXZ
?status@agent@Concurrency@@QEAA?AW4agent_status@2@XZ
?status_port@agent@Concurrency@@QEAAPEAV?$ISource@W4agent_status@Concurrency@@@2@XZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@agent@Concurrency@@SA?AW4agent_status@2@PEAV12@I@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_all@agent@Concurrency@@SAX_KPEAPEAV12@PEAW4agent_status@2@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?wait_for_one@agent@Concurrency@@SAX_KPEAPEAV12@AEAW4agent_status@2@AEA_KI@Z

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
doc/Query Syntax Help.html
.html
doc/license.html
doc/titleformat_help.css
doc/titleformat_help.html
foobar2000 Shell Associations Updater.exe
.exe windows:6 windows x64 arch:x64

c5492fa710dc1f3248fb549a0294332e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Sources\foobar2000\foobar2000\x64\Release\foobar2000 Shell Associations Updater.pdb

Imports

kernel32

GetModuleHandleW
DeleteCriticalSection
GetFileSize
GetProcAddress
CloseHandle
GetLastError
CreateFileW
InitializeCriticalSectionEx
ReadFile
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
OutputDebugStringW
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId

user32

CharLowerW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey

shell32

CommandLineToArgvW
SHChangeNotify

shlwapi

SHDeleteKeyW

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler
__current_exception_context
_CxxThrowException
__std_terminate
memset
__current_exception
__std_exception_destroy
__std_exception_copy
memcpy

api-ms-win-crt-string-l1-1-0

wcslen
_wcsicmp
strlen

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
free
malloc
_callnewh

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_get_wide_winmain_command_line
terminate
_register_onexit_function
_crt_atexit
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_seh_filter_exe
_exit
_configure_wide_argv
_initialize_wide_environment
exit
_initterm_e
_initialize_onexit_table
_initterm
_set_app_type

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
foobar2000.exe
.exe windows:6 windows x64 arch:x64

a2b9970c68a976f284a711dcbbb8de3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\foobar2000.pdb

Imports

comctl32

ImageList_Destroy
ord410
ImageList_Create
ImageList_Add
ord17
ord412
ord413

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

shlwapi

SHAutoComplete
ord12
SHDeleteKeyW
StrCmpLogicalW

uxtheme

SetWindowTheme
IsThemePartDefined
GetThemePartSize
DrawThemeBackground
OpenThemeData
EnableThemeDialogTexture
CloseThemeData

kernel32

GetSystemPowerStatus
VerifyVersionInfoW
VerSetConditionMask
GlobalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
ResumeThread
GetLocaleInfoW
GetNumberFormatW
DecodePointer
GlobalSize
Sleep
SetErrorMode
LoadLibraryW
CreateEventW
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
SetEndOfFile
GetFileTime
FlushFileBuffers
CreateFileW
GetDiskFreeSpaceExW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceComplete
InitOnceBeginInitialize
MoveFileExW
SystemTimeToTzSpecificLocalTime
NormalizeString
TryEnterCriticalSection
OutputDebugStringW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
DeviceIoControl
SetFileTime
SetFilePointer
DosDateTimeToFileTime
GetFileSizeEx
FileTimeToSystemTime
GetSystemTimeAsFileTime
ReadDirectoryChangesW
GetThreadPriority
GetThreadId
GetFileInformationByHandle
GetCurrentProcess
DuplicateHandle
WriteFile
CancelIo
GetOverlappedResult
ReadFile
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCommandLineW
LoadLibraryExW
lstrlenW
GetNativeSystemInfo
GetVersionExW
PowerCreateRequest
PowerClearRequest
PowerSetRequest
SetLastError
EnterCriticalSection
SetThreadPriority
LeaveCriticalSection
GetTickCount64
DeleteCriticalSection
GetFileAttributesExW
FindNextFileW
FindClose
GetCurrentThread
SetEvent
ResetEvent
GetExitCodeThread
GetCurrentProcessId
VirtualQuery
VirtualProtect
GetSystemInfo
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
CopyFileW
IsDebuggerPresent
FreeLibrary
SetDllDirectoryW
CloseHandle
WaitForSingleObject
GetModuleHandleW
GetProcAddress
GetTickCount
GetProcessHeap
CreateMutexW
InitializeCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
InitializeCriticalSectionEx
GetLastError
RaiseException
WaitForSingleObjectEx

user32

SendMessageW
ShowWindow
EnableWindow
SetWindowTextW
DestroyWindow
UnregisterClassW
CreateDialogParamW
SetWindowLongPtrW
SendDlgItemMessageW
GetActiveWindow
GetWindowLongW
GetClientRect
ClientToScreen
GetWindowRect
SetWindowPos
SetLayeredWindowAttributes
CharUpperW
GetComboBoxInfo
GetSystemMetrics
EnumThreadWindows
GetWindowPlacement
IsIconic
AdjustWindowRect
DrawEdge
SetClipboardData
CloseClipboard
OpenClipboard
FillRect
GetWindowTextLengthW
GetWindowTextW
GetDlgItem
NotifyWinEvent
RedrawWindow
IsRectEmpty
DrawTextW
TrackMouseEvent
InflateRect
FrameRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
SystemParametersInfoW
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
MapDialogRect
IsZoomed
SetMenuItemInfoW
GetMenuItemInfoW
GetDC
BeginPaint
MapVirtualKeyW
AdjustWindowRectEx
EndPaint
InvalidateRect
IsWindowEnabled
SetWindowLongW
PostMessageW
CreateWindowExW
ScreenToClient
IntersectRect
PtInRect
DefWindowProcW
GetMenu
IsDialogMessageW
DrawTextExW
GetWindow
MonitorFromWindow
LoadIconW
RegisterClipboardFormatW
wsprintfW
AllowSetForegroundWindow
EnumWindows
GetClassNameW
GetWindowThreadProcessId
WindowFromPoint
CheckMenuRadioItem
GetClipboardData
IsCharAlphaW
RegisterShellHookWindow
DeregisterShellHookWindow
IsClipboardFormatAvailable
LoadImageW
RegisterWindowMessageW
RegisterClassW
DispatchMessageW
GetDesktopWindow
OffsetRect
CopyRect
MonitorFromRect
CharLowerW
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EmptyClipboard
IsWindowVisible
MoveWindow
TranslateMessage
PostQuitMessage
GetMessageW
MsgWaitForMultipleObjects
GetCursorPos
SetFocus
KillTimer
SetCapture
SetCursor
LoadCursorW
SetTimer
RegisterClassExW
GetClassInfoExW
PeekMessageW
CallWindowProcW
GetWindowDC
ReleaseDC
DrawFrameControl
GetParent
GetKeyState
GetMessagePos
AppendMenuW
TrackPopupMenu
CreatePopupMenu
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
MessageBoxW
EndDialog
DialogBoxParamW
MessageBeep
SetActiveWindow
EnumChildWindows
MapWindowPoints
SetMenuDefaultItem
TrackPopupMenuEx
GetDlgCtrlID
GetSysColor
GetFocus
TranslateAcceleratorW
LoadAcceleratorsW
DestroyAcceleratorTable
RegisterHotKey
UnregisterHotKey
SetDlgItemTextW
IsChild
SetForegroundWindow
GetWindowLongPtrW

gdi32

SetDCBrushColor
GetStockObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutW
SetBkColor
SetTextColor
DeleteDC
DeleteObject
GetObjectW
CreateFontIndirectW
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
SetBkMode
OffsetRgn
GetDeviceCaps
GetTextMetricsW
LPtoDP
SaveDC
RestoreDC
OffsetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreatePolygonRgn
FrameRgn
FillRgn
SetViewportOrgEx
BitBlt
CombineRgn
SetDCPenColor
LineTo
MoveToEx

advapi32

CryptImportKey
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyW
RegDeleteValueW
CryptGetHashParam
CryptVerifySignatureW
CryptHashData
CryptCreateHash
RegGetValueW
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegEnumValueW
CryptAcquireContextW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteExW
SHGetDesktopFolder
SHOpenFolderAndSelectItems
SHGetFolderPathW
ord74
SHCreateItemFromIDList
DragAcceptFiles
DragFinish
ord680

ole32

CoCreateInstance
OleSetClipboard
OleGetClipboard
CoTaskMemFree
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
ReleaseStgMedium
CoCreateGuid
RevokeDragDrop
CoUninitialize
CoInitialize
RegisterDragDrop
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
DoDragDrop

oleaut32

SysAllocString
VariantClear
VariantInit

zlib1

inflate
inflateInit2_
crc32
inflateEnd

sqlite3

sqlite3_changes
sqlite3_clear_bindings
sqlite3_column_type
sqlite3_bind_null
sqlite3_reset
sqlite3_bind_int
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_text
sqlite3_bind_text
sqlite3_finalize
sqlite3_prepare_v2
sqlite3_last_insert_rowid
sqlite3_exec
sqlite3_busy_timeout
sqlite3_close
sqlite3_errmsg
sqlite3_open_v2
sqlite3_column_name
sqlite3_column_count
sqlite3_step
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int64
sqlite3_column_double
sqlite3_column_bytes
sqlite3_column_blob

shared

GetInfiniteWaitEvent
uReplaceCharAdd
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
?g_from_system@t_font_description@@SA?AU1@H@Z
uPrintCrashInfo_AddEnvironmentInfo
?calculate_peak@audio_math@@YANPEBN_K@Z
?popup_dialog@t_font_description@@QEAA_NPEAUHWND__@@@Z
uGetClipboardString
uFixAmpersandChars_v2
uDragQueryFile
uDragQueryFileCount
uSetWindowTextEx
stricmp_utf8_max
stricmp_utf8_ex
uCharLower
?scale@audio_math@@YAXPEBN_KPEANN@Z
uGetCommandLine
uGetModuleHandle
uSetCurrentDirectory
uPrintCrashInfo_SetDumpPath
uPrintCrashInfo_StartLogging
uPrintCrashInfo_Init
uGetCurrentDirectory
uGetEnvironmentVariable
uCreateFile
uEvalKnownFolder
uGetKeyNameText
uRemovePanicHandler
uAddPanicHandler
uSearchPath
uFixPathCaps
uCreateDirectory
uGetFileAttributes
uAddStringLower
uAddStringUpper
uBrowseForFolder
uBrowseForFolderEx
uGetOpenFileName
uGetOpenFileNameMulti
uSendDlgItemMessageText
uSendMessageText
uAppendMenu
ModalDialog_Switch
uSetClipboardString
?uPrintCrashInfo_Suppress@@YAXXZ
uPrintCrashInfo_SetComponentList
uMessageBox
uLoadLibrary
uFindFirstFile
?convert_to_int32@audio_math@@YAXPEBN_KPEAHN@Z
?convert_to_int16@audio_math@@YAXPEBN_KPEAFN@Z
uGetTempFileName
uGetTempPath
stricmp_utf8
uGetModuleFileName
stricmp_utf8_partial
ModalDialog_PokeExisting
ModalDialog_CanCreateNew
PokeWindow
LoadResourceEx
uFileExists
uShellExecute
uStringCompare
??1uCallStackTracker@@QEAA@XZ
??0uCallStackTracker@@QEAA@PEBD@Z
uGetDlgItemText
uSetDlgItemText
FindOwningPopup
uGetWindowText
uExceptFilterProc
uSetWindowText
uPrintCrashInfo_OnEvent
uBugCheck
uFormatSystemErrorMessage
uCharUpper

msvcp140

_Thrd_hardware_concurrency
_Cnd_signal
_Xtime_get_ticks
_Mtx_current_owns
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_timedwait
_Query_perf_frequency
_Query_perf_counter
_Cnd_wait
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Cnd_broadcast
?uncaught_exceptions@std@@YAHXZ
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z

msvcp140_atomic_wait

__std_atomic_notify_one_direct
__std_atomic_wait_direct

msimg32

GradientFill

oleacc

AccessibleObjectFromWindow
LresultFromObject

crypt32

CertVerifyRevocation
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertVerifyTimeValidity
CertCloseStore
CertFreeCertificateChain
CertFreeCertificateContext

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW

winhttp

WinHttpOpen
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle

gdiplus

GdipFree
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipLoadImageFromStream
GdipGraphicsClear
GdipGetImageGraphicsContext
GdipDrawImageRect
GdipSetSmoothingMode
GdipSetCompositingMode
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageType
GdiplusStartup
GdipCreateBitmapFromStream
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdiplusShutdown

secur32

InitializeSecurityContextW
AcquireCredentialsHandleW
FreeContextBuffer
AcceptSecurityContext
QueryContextAttributesW
FreeCredentialsHandle
DeleteSecurityContext
DecryptMessage
EncryptMessage

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__C_specific_handler
memchr
strstr
wcschr
_set_purecall_handler
strrchr
wcsstr
memcpy
memset
memmove
memcmp
__current_exception
__current_exception_context
_CxxThrowException
strchr

api-ms-win-crt-heap-l1-1-0

_aligned_realloc
_aligned_free
free
_recalloc
_set_new_mode
realloc
_aligned_malloc
_expand
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_crt_atexit
_cexit
terminate
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_controlfp_s
_c_exit
_register_thread_local_exe_atexit_callback
abort
_beginthreadex
_invalid_parameter_noinfo
_initialize_onexit_table
_errno
_invalid_parameter_noinfo_noreturn
_set_invalid_parameter_handler
_set_abort_behavior
signal

api-ms-win-crt-math-l1-1-0

tan
llround
_fpclass
_dclass
exp
log10
lround
lroundf
pow
log2
sin
log
__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vswprintf_s
_set_fmode
__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcsncpy_s
wcstok_s
wcsncmp
wcslen
strcat_s
wmemcpy_s
wcsnlen
strncmp
strcmp
isalpha
strlen
_strdup
strcpy_s
wcscmp

api-ms-win-crt-convert-l1-1-0

_atoi64
atoll
_wtoi
_wtol
atoi

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 655KB - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
icons/aac.ico
icons/ape.ico
icons/apl.ico
icons/asx.ico
icons/cda.ico
icons/cue.ico
icons/dll.ico
icons/flac.ico
icons/fpl.ico
icons/fth.ico
icons/generic.ico
icons/m3u.ico
icons/m3u8.ico
icons/m4a.ico
icons/mka.ico
icons/mp2.ico
icons/mp3.ico
icons/mp4.ico
icons/mpc.ico
icons/ofr.ico
icons/ogg.ico
icons/opus.ico
icons/pls.ico
icons/shn.ico
icons/spx.ico
icons/tak.ico
icons/tta.ico
icons/wav.ico
icons/wma.ico
icons/wv.ico
msvcp140.dll
.dll windows:6 windows x64 arch:x64

9433fb5ddec7b65c9b51bd9dc5813de2

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:9f:fa:50:17:92:09:b6:4e:0e:b5:f3:c1:2e:7a:a2:52:5b:e7:bb:63:59:4c:4e:d5:0a:2c:35:05:96:ee:94
Signer

Actual PE Digest

46:9f:fa:50:17:92:09:b6:4e:0e:b5:f3:c1:2e:7a:a2:52:5b:e7:bb:63:59:4c:4e:d5:0a:2c:35:05:96:ee:94

Digest Algorithm

sha256

PE Digest Matches

true

46:9f:fa:50:17:92:09:b6:4e:0e:b5:f3:c1:2e:7a:a2:52:5b:e7:bb:63:59:4c:4e:d5:0a:2c:35:05:96:ee:94
Signer

Actual PE Digest

46:9f:fa:50:17:92:09:b6:4e:0e:b5:f3:c1:2e:7a:a2:52:5b:e7:bb:63:59:4c:4e:d5:0a:2c:35:05:96:ee:94

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__current_exception_context
__C_specific_handler
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm
_initterm_e
_crt_atexit
_execute_onexit_table
_cexit
_register_onexit_function
_endthreadex
_beginthreadex
_set_new_handler
abort
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table
_errno
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

isdigit
iswxdigit
isspace
isxdigit
__strncnt
wcsnlen
iswspace
isupper
wcscpy_s
iswalnum
iswdigit
isalnum
islower
_wcsdup
tolower
strcspn

api-ms-win-crt-locale-l1-1-0

_unlock_locales
_lock_locales
__pctype_func
___lc_locale_name_func
setlocale
___lc_codepage_func
___mb_cur_max_func
___lc_collate_cp_func
localeconv

api-ms-win-crt-stdio-l1-1-0

fputs
fgetwc
fseek
_fsopen
_wfsopen
fputwc
ungetwc
fsetpos
__acrt_iob_func
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
fputc
fread
__stdio_common_vsprintf_s
_fseeki64
fwrite
setvbuf
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wremove
_unlock_file
_lock_file
_wchdir
_wrmdir
_wrename

api-ms-win-crt-time-l1-1-0

_W_Getmonths
_W_Getdays
_Getdays
_Strftime
_Wcsftime
_Getmonths
_Gettnames
_W_Gettnames

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

frexp
copysign
ldexp
log
logf

api-ms-win-crt-convert-l1-1-0

strtof
btowc
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

EnterCriticalSection
RaiseException
CompareStringEx
MultiByteToWideChar
GetCPInfo
InitializeSListHead
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
RtlPcToFileHeader
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
Sleep
WaitForSingleObjectEx
GetCurrentThreadId
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@G@std@@QEAA@AEBV01@@Z
??0?$_Yarn@G@std@@QEAA@PEBG@Z
??0?$_Yarn@G@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z
??0?$_Yarn@_W@std@@QEAA@PEB_W@Z
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@G@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@G@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Getptr@_Timevec@std@@QEBAPEAXXZ
?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_1.dll
.dll windows:6 windows x64 arch:x64

20717227ccb65afbaea7feeb74196ea2

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:d9:45:1c:0b:3e:86:fe:f7:3e:59:59:d8:f8:74:f0:38:53:1b:37:b6:d6:d0:1c:e0:98:aa:74:1f:f0:00:1b
Signer

Actual PE Digest

07:d9:45:1c:0b:3e:86:fe:f7:3e:59:59:d8:f8:74:f0:38:53:1b:37:b6:d6:d0:1c:e0:98:aa:74:1f:f0:00:1b

Digest Algorithm

sha256

PE Digest Matches

true

07:d9:45:1c:0b:3e:86:fe:f7:3e:59:59:d8:f8:74:f0:38:53:1b:37:b6:d6:d0:1c:e0:98:aa:74:1f:f0:00:1b
Signer

Actual PE Digest

07:d9:45:1c:0b:3e:86:fe:f7:3e:59:59:d8:f8:74:f0:38:53:1b:37:b6:d6:d0:1c:e0:98:aa:74:1f:f0:00:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb

Imports

msvcp140

?_Xbad_alloc@std@@YAXXZ

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
memset
__std_exception_copy
memcpy
__C_specific_handler
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_callnewh
free
_aligned_free
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm_e
_initterm
_initialize_narrow_environment
_execute_onexit_table

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
IsProcessorFeaturePresent
DisableThreadLibraryCalls
SetUnhandledExceptionFilter

Exports

Exports

_Aligned_get_default_resource
_Aligned_new_delete_resource
_Aligned_set_default_resource
_Unaligned_get_default_resource
_Unaligned_new_delete_resource
_Unaligned_set_default_resource
null_memory_resource

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_2.dll
.dll windows:6 windows x64 arch:x64

d68bff3ea8e1baa2a925794feb31fdc5

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:72:bd:eb:4d:8d:90:8b:f3:5c:dc:98:62:bc:e1:45:86:55:0e:5c:e3:cf:90:0c:60:98:0c:39:52:17:81:2e
Signer

Actual PE Digest

11:72:bd:eb:4d:8d:90:8b:f3:5c:dc:98:62:bc:e1:45:86:55:0e:5c:e3:cf:90:0c:60:98:0c:39:52:17:81:2e

Digest Algorithm

sha256

PE Digest Matches

true

11:72:bd:eb:4d:8d:90:8b:f3:5c:dc:98:62:bc:e1:45:86:55:0e:5c:e3:cf:90:0c:60:98:0c:39:52:17:81:2e
Signer

Actual PE Digest

11:72:bd:eb:4d:8d:90:8b:f3:5c:dc:98:62:bc:e1:45:86:55:0e:5c:e3:cf:90:0c:60:98:0c:39:52:17:81:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_2.amd64.pdb

Imports

msvcp140

?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?clear@ios_base@std@@QEAAXH_N@Z
?rdstate@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?precision@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?widen@?$ctype@D@std@@QEBADD@Z
??1ios_base@std@@UEAA@XZ
?_Addstd@ios_base@std@@SAXPEAV12@@Z
??0ios_base@std@@IEAA@XZ
?_Init@ios_base@std@@IEAAXXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?uncaught_exceptions@std@@YAHXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Lockit@std@@QEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0_Lockit@std@@QEAA@H@Z

vcruntime140

memcmp
__std_exception_destroy
memcpy
memchr
__C_specific_handler
__std_terminate
memmove
memset
__std_exception_copy
__std_type_info_destroy_list
_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initterm
_initterm_e
_errno

api-ms-win-crt-math-l1-1-0

tan
sin
pow
frexp
log
ldexp
sqrt
atan
ceil
cos
cosh
sqrtf
fmod
exp
sinh
floor

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strcspn

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-locale-l1-1-0

localeconv

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

Exports

Exports

__std_smf_assoc_laguerre
__std_smf_assoc_laguerref
__std_smf_assoc_legendre
__std_smf_assoc_legendref
__std_smf_beta
__std_smf_betaf
__std_smf_comp_ellint_1
__std_smf_comp_ellint_1f
__std_smf_comp_ellint_2
__std_smf_comp_ellint_2f
__std_smf_comp_ellint_3
__std_smf_comp_ellint_3f
__std_smf_cyl_bessel_i
__std_smf_cyl_bessel_if
__std_smf_cyl_bessel_j
__std_smf_cyl_bessel_jf
__std_smf_cyl_bessel_k
__std_smf_cyl_bessel_kf
__std_smf_cyl_neumann
__std_smf_cyl_neumannf
__std_smf_ellint_1
__std_smf_ellint_1f
__std_smf_ellint_2
__std_smf_ellint_2f
__std_smf_ellint_3
__std_smf_ellint_3f
__std_smf_expint
__std_smf_expintf
__std_smf_hermite
__std_smf_hermitef
__std_smf_hypot3
__std_smf_hypot3f
__std_smf_laguerre
__std_smf_laguerref
__std_smf_legendre
__std_smf_legendref
__std_smf_riemann_zeta
__std_smf_riemann_zetaf
__std_smf_sph_bessel
__std_smf_sph_besself
__std_smf_sph_legendre
__std_smf_sph_legendref
__std_smf_sph_neumann
__std_smf_sph_neumannf

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_atomic_wait.dll
.dll windows:6 windows x64 arch:x64

bced65fa8a1a54f039081b1993833c8f

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:b2:14:22:74:ee:6b:48:83:99:1c:25:b3:6a:55:d3:e9:94:d1:43:96:5d:e8:b7:ce:aa:43:50:03:13:e1:5f
Signer

Actual PE Digest

b2:b2:14:22:74:ee:6b:48:83:99:1c:25:b3:6a:55:d3:e9:94:d1:43:96:5d:e8:b7:ce:aa:43:50:03:13:e1:5f

Digest Algorithm

sha256

PE Digest Matches

true

b2:b2:14:22:74:ee:6b:48:83:99:1c:25:b3:6a:55:d3:e9:94:d1:43:96:5d:e8:b7:ce:aa:43:50:03:13:e1:5f
Signer

Actual PE Digest

b2:b2:14:22:74:ee:6b:48:83:99:1c:25:b3:6a:55:d3:e9:94:d1:43:96:5d:e8:b7:ce:aa:43:50:03:13:e1:5f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_atomic_wait.amd64.pdb

Imports

msvcp140

??0_Init_locks@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Init_locks@std@@QEAA@XZ
_Thrd_hardware_concurrency

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
memcpy
__std_exception_destroy
__std_exception_copy
__std_terminate
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
abort

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
calloc
free

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
AreFileApisANSI
MultiByteToWideChar
CloseThreadpoolWork
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsProcessorFeaturePresent
GetTickCount64
GetModuleHandleW
GetProcAddress
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
GetLastError
SetLastError
LoadLibraryExW
DisableThreadLibraryCalls

Exports

Exports

__std_acquire_shared_mutex_for_instance
__std_atomic_compare_exchange_128
__std_atomic_get_mutex
__std_atomic_has_cmpxchg16b
__std_atomic_notify_all_direct
__std_atomic_notify_all_indirect
__std_atomic_notify_one_direct
__std_atomic_notify_one_indirect
__std_atomic_set_api_level
__std_atomic_wait_direct
__std_atomic_wait_get_deadline
__std_atomic_wait_get_remaining_timeout
__std_atomic_wait_indirect
__std_bulk_submit_threadpool_work
__std_calloc_crt
__std_close_threadpool_work
__std_create_threadpool_work
__std_execution_wait_on_uchar
__std_execution_wake_by_address_all
__std_free_crt
__std_parallel_algorithms_hw_threads
__std_release_shared_mutex_for_instance
__std_submit_threadpool_work
__std_tzdb_delete_current_zone
__std_tzdb_delete_leap_seconds
__std_tzdb_delete_sys_info
__std_tzdb_delete_time_zones
__std_tzdb_get_current_zone
__std_tzdb_get_leap_seconds
__std_tzdb_get_sys_info
__std_tzdb_get_time_zones
__std_wait_for_threadpool_work_callbacks

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_codecvt_ids.dll
.dll windows:6 windows x64 arch:x64

8e3190ca5b1dfe3662e83fefed12f437

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:27:e9:ba:38:2d:51:ca:c0:39:f2:32:06:51:33:3e:83:75:8a:b2:4e:f2:57:5d:8b:06:f6:59:7e:18:10:ea
Signer

Actual PE Digest

31:27:e9:ba:38:2d:51:ca:c0:39:f2:32:06:51:33:3e:83:75:8a:b2:4e:f2:57:5d:8b:06:f6:59:7e:18:10:ea

Digest Algorithm

sha256

PE Digest Matches

true

31:27:e9:ba:38:2d:51:ca:c0:39:f2:32:06:51:33:3e:83:75:8a:b2:4e:f2:57:5d:8b:06:f6:59:7e:18:10:ea
Signer

Actual PE Digest

31:27:e9:ba:38:2d:51:ca:c0:39:f2:32:06:51:33:3e:83:75:8a:b2:4e:f2:57:5d:8b:06:f6:59:7e:18:10:ea

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_codecvt_ids.amd64.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

IsDebuggerPresent
QueryPerformanceCounter
DisableThreadLibraryCalls
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcessId
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_S_QU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_UDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_U_QU_Mbstatet@@@std@@2V0locale@2@A

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-console-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:21:b0:8b:85:a9:de:1f:d9:4f:fe:56:97:d3:7b:37:3d:86:6f:aa:be:dd:dc:05:03:e3:b6:57:a0:0f:c9:53
Signer

Actual PE Digest

9a:21:b0:8b:85:a9:de:1f:d9:4f:fe:56:97:d3:7b:37:3d:86:6f:aa:be:dd:dc:05:03:e3:b6:57:a0:0f:c9:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

Exports

AllocConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-console-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:a4:b7:d1:65:d5:bc:cf:9e:2c:dc:b7:61:13:97:0c:5a:4a:25:b4:e9:74:66:0a:a2:cc:88:c1:1b:f7:26:c7
Signer

Actual PE Digest

10:a4:b7:d1:65:d5:bc:cf:9e:2c:dc:b7:61:13:97:0c:5a:4a:25:b4:e9:74:66:0a:a2:cc:88:c1:1b:f7:26:c7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-2-0.pdb

Exports

Exports

AllocConsole
AttachConsole
FreeConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
PeekConsoleInputW
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-datetime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:8c:72:37:c7:ec:6f:9a:e3:b3:d0:6f:37:88:23:05:94:c6:24:84:37:0a:be:d7:8c:6c:4b:84:3c:e9:91:15
Signer

Actual PE Digest

29:8c:72:37:c7:ec:6f:9a:e3:b3:d0:6f:37:88:23:05:94:c6:24:84:37:0a:be:d7:8c:6c:4b:84:3c:e9:91:15

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

Exports

GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW

Sections

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-debug-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:b9:fd:ac:5b:dc:e8:1e:8f:2d:e8:ee:54:da:31:11:3e:3c:73:70:81:d0:4c:16:a0:a4:c0:b2:28:d9:9d:33
Signer

Actual PE Digest

39:b9:fd:ac:5b:dc:e8:1e:8f:2d:e8:ee:54:da:31:11:3e:3c:73:70:81:d0:4c:16:a0:a4:c0:b2:28:d9:9d:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

Exports

DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW

Sections

.rdata
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-errorhandling-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:c7:b6:7e:d3:49:27:25:36:5f:9c:fc:32:93:06:e7:d4:59:b3:98:d6:44:e0:e1:df:74:fc:11:88:2a:76:2e
Signer

Actual PE Digest

38:c7:b6:7e:d3:49:27:25:36:5f:9c:fc:32:93:06:e7:d4:59:b3:98:d6:44:e0:e1:df:74:fc:11:88:2a:76:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

Exports

GetErrorMode
GetLastError
RaiseException
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Sections

.rdata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

73:6f:69:75:0f:67:32:4b:fb:6f:48:bb:b3:bf:f0:1d:9f:13:4e:c8:03:5e:3a:64:44:91:63:65:78:e2:f6:56
Signer

Actual PE Digest

73:6f:69:75:0f:67:32:4b:fb:6f:48:bb:b3:bf:f0:1d:9f:13:4e:c8:03:5e:3a:64:44:91:63:65:78:e2:f6:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-1-0.pdb

Exports

Exports

CompareFileTime
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DefineDosDeviceW
DeleteFileA
DeleteFileW
DeleteVolumeMountPointW
FileTimeToLocalFileTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleA
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameA
GetLongPathNameW
GetShortPathNameW
GetTempFileNameW
GetVolumeInformationByHandleW
GetVolumeInformationW
GetVolumePathNameW
LocalFileTimeToFileTime
LockFile
LockFileEx
QueryDosDeviceW
ReadFile
ReadFileEx
ReadFileScatter
RemoveDirectoryA
RemoveDirectoryW
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
WriteFileGather

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:49:26:84:e3:13:01:27:f8:8e:a6:8c:bb:14:73:f6:bd:5c:f3:a6:4d:07:65:93:4b:75:2b:a5:11:0d:b3:a3
Signer

Actual PE Digest

a6:49:26:84:e3:13:01:27:f8:8e:a6:8c:bb:14:73:f6:bd:5c:f3:a6:4d:07:65:93:4b:75:2b:a5:11:0d:b3:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-2-0.pdb

Exports

Exports

CreateFile2
GetTempPathW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW

Sections

.rdata
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l2-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8f:84:7a:72:4f:97:ae:8a:73:6f:56:ae:84:c4:4e:1f:36:11:20:32:46:16:4e:50:68:b9:5f:14:5a:0f:2a:61
Signer

Actual PE Digest

8f:84:7a:72:4f:97:ae:8a:73:6f:56:ae:84:c4:4e:1f:36:11:20:32:46:16:4e:50:68:b9:5f:14:5a:0f:2a:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l2-1-0.pdb

Exports

Exports

CopyFile2
CopyFileExW
CreateDirectoryExW
CreateHardLinkW
CreateSymbolicLinkW
GetFileInformationByHandleEx
MoveFileExW
MoveFileWithProgressW
ReOpenFile
ReadDirectoryChangesW
ReplaceFileW

Sections

.rdata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-handle-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:33:0d:58:6e:31:17:79:5b:77:9d:fb:14:b4:ba:03:51:4a:e4:86:99:aa:43:ce:4d:57:5a:b5:8c:1a:e7:1b
Signer

Actual PE Digest

97:33:0d:58:6e:31:17:79:5b:77:9d:fb:14:b4:ba:03:51:4a:e4:86:99:aa:43:ce:4d:57:5a:b5:8c:1a:e7:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

Exports

CloseHandle
CompareObjectHandles
DuplicateHandle
GetHandleInformation
SetHandleInformation

Sections

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-heap-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:c1:dc:51:8f:ed:e4:c0:51:8a:9a:09:38:47:61:4e:40:c5:f7:3d:f6:0a:a2:71:99:59:fe:80:07:86:ff:9a
Signer

Actual PE Digest

8d:c1:dc:51:8f:ed:e4:c0:51:8a:9a:09:38:47:61:4e:40:c5:f7:3d:f6:0a:a2:71:99:59:fe:80:07:86:ff:9a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-heap-l1-1-0.pdb

Exports

Exports

GetProcessHeap
GetProcessHeaps
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
HeapSummary
HeapUnlock
HeapValidate
HeapWalk

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-interlocked-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:61:3e:3a:f8:e6:bc:36:b5:c6:dd:88:44:05:3a:cd:00:e8:03:e3:6f:a3:7e:11:54:ac:bf:4d:c8:5a:0d:a3
Signer

Actual PE Digest

a7:61:3e:3a:f8:e6:bc:36:b5:c6:dd:88:44:05:3a:cd:00:e8:03:e3:6f:a3:7e:11:54:ac:bf:4d:c8:5a:0d:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-interlocked-l1-1-0.pdb

Exports

Exports

InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedPushListSList
QueryDepthSList

Sections

.rdata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-libraryloader-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:15:91:7e:6a:2d:30:3d:be:80:51:68:51:26:3a:6f:0d:ca:72:17:ee:ba:f9:33:63:f7:76:ed:89:48:32:05
Signer

Actual PE Digest

6f:15:91:7e:6a:2d:30:3d:be:80:51:68:51:26:3a:6f:0d:ca:72:17:ee:ba:f9:33:63:f7:76:ed:89:48:32:05

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-l1-1-0.pdb

Exports

Exports

AddDllDirectory
DisableThreadLibraryCalls
FindResourceExW
FindStringOrdinal
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
LoadLibraryExA
LoadLibraryExW
LoadResource
LoadStringA
LoadStringW
LockResource
RemoveDllDirectory
SetDefaultDllDirectories
SizeofResource

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-localization-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f5:69:af:08:5e:4f:96:78:41:63:67:62:7f:aa:e1:b7:ef:02:f7:e0:1f:2b:4b:4c:a8:34:16:3d:44:0a:40:42
Signer

Actual PE Digest

f5:69:af:08:5e:4f:96:78:41:63:67:62:7f:aa:e1:b7:ef:02:f7:e0:1f:2b:4b:4c:a8:34:16:3d:44:0a:40:42

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-localization-l1-2-0.pdb

Exports

Exports

ConvertDefaultLocale
EnumSystemGeoID
EnumSystemLocalesA
EnumSystemLocalesW
FindNLSString
FindNLSStringEx
FormatMessageA
FormatMessageW
GetACP
GetCPInfo
GetCPInfoExW
GetCalendarInfoEx
GetCalendarInfoW
GetFileMUIInfo
GetFileMUIPath
GetGeoInfoW
GetLocaleInfoA
GetLocaleInfoEx
GetLocaleInfoW
GetNLSVersion
GetNLSVersionEx
GetOEMCP
GetProcessPreferredUILanguages
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemPreferredUILanguages
GetThreadLocale
GetThreadPreferredUILanguages
GetThreadUILanguage
GetUILanguageInfo
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetUserGeoID
GetUserPreferredUILanguages
IdnToAscii
IdnToUnicode
IsDBCSLeadByte
IsDBCSLeadByteEx
IsNLSDefinedString
IsValidCodePage
IsValidLanguageGroup
IsValidLocale
IsValidLocaleName
IsValidNLSVersion
LCMapStringA
LCMapStringEx
LCMapStringW
LocaleNameToLCID
ResolveLocaleName
SetCalendarInfoW
SetLocaleInfoW
SetProcessPreferredUILanguages
SetThreadLocale
SetThreadPreferredUILanguages
SetThreadUILanguage
SetUserGeoID
VerLanguageNameA
VerLanguageNameW

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-memory-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:39:ec:92:4c:b0:dc:b8:75:90:05:f9:11:43:08:12:eb:d9:8b:75:36:c7:1c:2e:1d:36:07:16:58:7a:6e:78
Signer

Actual PE Digest

02:39:ec:92:4c:b0:dc:b8:75:90:05:f9:11:43:08:12:eb:d9:8b:75:36:c7:1c:2e:1d:36:07:16:58:7a:6e:78

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-memory-l1-1-0.pdb

Exports

Exports

CreateFileMappingW
FlushViewOfFile
MapViewOfFile
MapViewOfFileEx
OpenFileMappingW
ReadProcessMemory
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WriteProcessMemory

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-namedpipe-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:0b:f1:4e:1a:55:55:57:d9:b3:67:d8:d3:f8:13:7b:e1:51:39:7d:6b:19:5f:a1:e2:22:dd:25:06:1e:ca:33
Signer

Actual PE Digest

36:0b:f1:4e:1a:55:55:57:d9:b3:67:d8:d3:f8:13:7b:e1:51:39:7d:6b:19:5f:a1:e2:22:dd:25:06:1e:ca:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-namedpipe-l1-1-0.pdb

Exports

Exports

ConnectNamedPipe
CreateNamedPipeW
CreatePipe
DisconnectNamedPipe
GetNamedPipeClientComputerNameW
ImpersonateNamedPipeClient
PeekNamedPipe
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW

Sections

.rdata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processenvironment-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:69:b2:24:c4:45:ef:64:a3:50:c7:0b:fa:32:3e:d4:ad:57:88:0d:ae:b3:ad:09:88:cd:70:ed:31:f6:aa:c4
Signer

Actual PE Digest

5a:69:b2:24:c4:45:ef:64:a3:50:c7:0b:fa:32:3e:d4:ad:57:88:0d:ae:b3:ad:09:88:cd:70:ed:31:f6:aa:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processenvironment-l1-1-0.pdb

Exports

Exports

ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStdHandle
SearchPathW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetStdHandleEx

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processthreads-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

89:60:95:ee:d1:89:4a:71:e9:0b:72:83:76:ab:99:b5:33:c9:ad:c4:82:da:2e:f2:e7:c2:cc:ff:60:15:d3:a2
Signer

Actual PE Digest

89:60:95:ee:d1:89:4a:71:e9:0b:72:83:76:ab:99:b5:33:c9:ad:c4:82:da:2e:f2:e7:c2:cc:ff:60:15:d3:a2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-0.pdb

Exports

Exports

CreateProcessA
CreateProcessAsUserW
CreateProcessW
CreateRemoteThread
CreateRemoteThreadEx
CreateThread
DeleteProcThreadAttributeList
ExitProcess
ExitThread
FlushProcessWriteBuffers
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetPriorityClass
GetProcessId
GetProcessIdOfThread
GetProcessTimes
GetProcessVersion
GetStartupInfoW
GetThreadId
GetThreadPriority
GetThreadPriorityBoost
InitializeProcThreadAttributeList
OpenProcessToken
OpenThread
OpenThreadToken
ProcessIdToSessionId
QueryProcessAffinityUpdateMode
QueueUserAPC
ResumeThread
SetPriorityClass
SetProcessAffinityUpdateMode
SetProcessShutdownParameters
SetThreadPriority
SetThreadPriorityBoost
SetThreadStackGuarantee
SetThreadToken
SuspendThread
SwitchToThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UpdateProcThreadAttribute

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processthreads-l1-1-1.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:2c:05:2f:23:c7:b5:cb:ab:e7:e7:b5:10:11:09:fb:1d:ae:bd:8b:e2:06:6b:b9:3f:c9:0e:0f:79:ae:91:9b
Signer

Actual PE Digest

1f:2c:05:2f:23:c7:b5:cb:ab:e7:e7:b5:10:11:09:fb:1d:ae:bd:8b:e2:06:6b:b9:3f:c9:0e:0f:79:ae:91:9b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-1.pdb

Exports

Exports

FlushInstructionCache
GetCurrentProcessorNumber
GetCurrentProcessorNumberEx
GetCurrentThreadStackLimits
GetProcessHandleCount
GetProcessMitigationPolicy
GetThreadContext
GetThreadIdealProcessorEx
GetThreadTimes
IsProcessorFeaturePresent
OpenProcess
SetProcessMitigationPolicy
SetThreadContext
SetThreadIdealProcessorEx

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-profile-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d6:cb:43:ca:0b:6b:66:8d:af:48:cf:42:ed:3c:78:d0:4d:19:c9:d0:51:9f:14:ea:59:67:eb:83:98:e0:18:02
Signer

Actual PE Digest

d6:cb:43:ca:0b:6b:66:8d:af:48:cf:42:ed:3c:78:d0:4d:19:c9:d0:51:9f:14:ea:59:67:eb:83:98:e0:18:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-profile-l1-1-0.pdb

Exports

Exports

QueryPerformanceCounter
QueryPerformanceFrequency

Sections

.rdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-rtlsupport-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a2:4f:f4:be:16:db:3b:f4:f4:72:a1:62:16:8e:8d:d7:8b:f9:0e:9c:58:9c:c2:37:07:4d:c2:35:68:53:34:9b
Signer

Actual PE Digest

a2:4f:f4:be:16:db:3b:f4:f4:72:a1:62:16:8e:8d:d7:8b:f9:0e:9c:58:9c:c2:37:07:4d:c2:35:68:53:34:9b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-rtlsupport-l1-1-0.pdb

Exports

Exports

RtlAddFunctionTable
RtlCaptureContext
RtlCaptureStackBackTrace
RtlCompareMemory
RtlDeleteFunctionTable
RtlInstallFunctionTableCallback
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlRaiseException
RtlRestoreContext
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-string-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:33:ef:74:7e:cd:84:4a:50:41:dc:e8:bb:81:bf:3c:d7:0c:d4:6c:2d:67:d9:a6:0e:15:22:ce:4a:f9:2a:21
Signer

Actual PE Digest

59:33:ef:74:7e:cd:84:4a:50:41:dc:e8:bb:81:bf:3c:d7:0c:d4:6c:2d:67:d9:a6:0e:15:22:ce:4a:f9:2a:21

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

Exports

CompareStringEx
CompareStringOrdinal
CompareStringW
FoldStringW
GetStringTypeExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

Sections

.rdata
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-synch-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:5c:a9:6d:67:a8:2a:0d:05:92:40:7f:de:cd:93:12:bc:7a:2e:b4:49:f3:14:77:99:8f:ac:79:78:83:0c:af
Signer

Actual PE Digest

8c:5c:a9:6d:67:a8:2a:0d:05:92:40:7f:de:cd:93:12:bc:7a:2e:b4:49:f3:14:77:99:8f:ac:79:78:83:0c:af

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
CancelWaitableTimer
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateSemaphoreExW
CreateWaitableTimerExW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
LeaveCriticalSection
OpenEventA
OpenEventW
OpenMutexW
OpenSemaphoreW
OpenWaitableTimerW
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
SetCriticalSectionSpinCount
SetEvent
SetWaitableTimer
SetWaitableTimerEx
SleepEx
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-synch-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

67:be:a8:c4:d7:a1:32:52:b1:2c:33:14:01:f8:51:a1:d7:9f:2d:1b:e8:d7:1b:56:77:24:ed:70:68:fc:ad:38
Signer

Actual PE Digest

67:be:a8:c4:d7:a1:32:52:b1:2c:33:14:01:f8:51:a1:d7:9f:2d:1b:e8:d7:1b:56:77:24:ed:70:68:fc:ad:38

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-2-0.pdb

Exports

Exports

DeleteSynchronizationBarrier
EnterSynchronizationBarrier
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitOnceInitialize
InitializeConditionVariable
InitializeSynchronizationBarrier
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
WaitOnAddress
WakeAllConditionVariable
WakeByAddressAll
WakeByAddressSingle
WakeConditionVariable

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-sysinfo-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cc:2e:cb:89:b9:14:b9:65:90:79:ec:3a:12:58:e7:c6:ed:48:1d:17:8b:d6:d3:66:71:d9:29:fe:99:85:56:9c
Signer

Actual PE Digest

cc:2e:cb:89:b9:14:b9:65:90:79:ec:3a:12:58:e7:c6:ed:48:1d:17:8b:d6:d3:66:71:d9:29:fe:99:85:56:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-sysinfo-l1-1-0.pdb

Exports

Exports

GetComputerNameExA
GetComputerNameExW
GetLocalTime
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetTickCount
GetTickCount64
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalMemoryStatusEx
SetLocalTime

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-timezone-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:4c:6f:99:c2:05:c7:f3:53:93:23:bd:09:52:75:d3:98:9b:87:68:f9:f8:e7:bc:9f:0a:9e:75:a4:ee:3a:b9
Signer

Actual PE Digest

78:4c:6f:99:c2:05:c7:f3:53:93:23:bd:09:52:75:d3:98:9b:87:68:f9:f8:e7:bc:9f:0a:9e:75:a4:ee:3a:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-timezone-l1-1-0.pdb

Exports

Exports

EnumDynamicTimeZoneInformation
FileTimeToSystemTime
GetDynamicTimeZoneInformation
GetDynamicTimeZoneInformationEffectiveYears
GetTimeZoneInformation
GetTimeZoneInformationForYear
SetDynamicTimeZoneInformation
SetTimeZoneInformation
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
SystemTimeToTzSpecificLocalTimeEx
TzSpecificLocalTimeToSystemTime
TzSpecificLocalTimeToSystemTimeEx

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-util-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:3a:dd:89:19:d5:35:79:fd:06:0e:c9:52:2a:3a:87:a6:56:fc:69:c6:a6:30:e9:bf:59:b5:71:1d:43:dc:49
Signer

Actual PE Digest

ea:3a:dd:89:19:d5:35:79:fd:06:0e:c9:52:2a:3a:87:a6:56:fc:69:c6:a6:30:e9:bf:59:b5:71:1d:43:dc:49

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-util-l1-1-0.pdb

Exports

Exports

Beep
DecodePointer
DecodeSystemPointer
EncodePointer
EncodeSystemPointer

Sections

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-conio-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:c4:bc:06:a1:27:e4:af:0f:05:e1:69:23:40:a0:29:02:17:12:d3:53:9f:bc:26:8e:5a:de:88:c8:7b:dd:77
Signer

Actual PE Digest

7f:c4:bc:06:a1:27:e4:af:0f:05:e1:69:23:40:a0:29:02:17:12:d3:53:9f:bc:26:8e:5a:de:88:c8:7b:dd:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-conio-l1-1-0.pdb

Exports

Exports

__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
_cgets
_cgets_s
_cgetws
_cgetws_s
_cputs
_cputws
_getch
_getch_nolock
_getche
_getche_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_putch
_putch_nolock
_putwch
_putwch_nolock
_ungetch
_ungetch_nolock
_ungetwch
_ungetwch_nolock

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-convert-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:70:1c:dc:fc:48:4f:d4:94:d0:b4:0a:86:0b:e3:f3:30:37:94:f3:4d:48:64:48:e6:82:6a:21:64:36:37:76
Signer

Actual PE Digest

11:70:1c:dc:fc:48:4f:d4:94:d0:b4:0a:86:0b:e3:f3:30:37:94:f3:4d:48:64:48:e6:82:6a:21:64:36:37:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

Exports

__toascii
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_ecvt
_ecvt_s
_fcvt
_fcvt_s
_gcvt
_gcvt_s
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_itoa
_itoa_s
_itow
_itow_s
_ltoa
_ltoa_s
_ltow
_ltow_s
_strtod_l
_strtof_l
_strtoi64
_strtoi64_l
_strtoimax_l
_strtol_l
_strtold_l
_strtoll_l
_strtoui64
_strtoui64_l
_strtoul_l
_strtoull_l
_strtoumax_l
_ui64toa
_ui64toa_s
_ui64tow
_ui64tow_s
_ultoa
_ultoa_s
_ultow
_ultow_s
_wcstod_l
_wcstof_l
_wcstoi64
_wcstoi64_l
_wcstoimax_l
_wcstol_l
_wcstold_l
_wcstoll_l
_wcstombs_l
_wcstombs_s_l
_wcstoui64
_wcstoui64_l
_wcstoul_l
_wcstoull_l
_wcstoumax_l
_wctomb_l
_wctomb_s_l
_wtof
_wtof_l
_wtoi
_wtoi64
_wtoi64_l
_wtoi_l
_wtol
_wtol_l
_wtoll
_wtoll_l
atof
atoi
atol
atoll
btowc
c16rtomb
c32rtomb
mbrtoc16
mbrtoc32
mbrtowc
mbsrtowcs
mbsrtowcs_s
mbstowcs
mbstowcs_s
mbtowc
strtod
strtof
strtoimax
strtol
strtold
strtoll
strtoul
strtoull
strtoumax
wcrtomb
wcrtomb_s
wcsrtombs
wcsrtombs_s
wcstod
wcstof
wcstoimax
wcstol
wcstold
wcstoll
wcstombs
wcstombs_s
wcstoul
wcstoull
wcstoumax
wctob
wctomb
wctomb_s
wctrans

Sections

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-environment-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:05:94:9b:7e:3b:46:a7:3d:9f:d3:6a:8c:33:12:40:55:6c:06:5b:65:cc:f8:32:e5:2f:b4:c6:17:97:49:d4
Signer

Actual PE Digest

ca:05:94:9b:7e:3b:46:a7:3d:9f:d3:6a:8c:33:12:40:55:6c:06:5b:65:cc:f8:32:e5:2f:b4:c6:17:97:49:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

Exports

__p__environ
__p__wenviron
_dupenv_s
_putenv
_putenv_s
_searchenv
_searchenv_s
_wdupenv_s
_wgetcwd
_wgetdcwd
_wgetenv
_wgetenv_s
_wputenv
_wputenv_s
_wsearchenv
_wsearchenv_s
getenv
getenv_s

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-filesystem-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:62:9f:f3:5d:82:9e:32:0f:c1:53:1f:c7:ad:d4:82:2f:e2:21:34:e0:e1:11:27:0b:5a:56:21:eb:b4:54:13
Signer

Actual PE Digest

e7:62:9f:f3:5d:82:9e:32:0f:c1:53:1f:c7:ad:d4:82:2f:e2:21:34:e0:e1:11:27:0b:5a:56:21:eb:b4:54:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-filesystem-l1-1-0.pdb

Exports

Exports

_access
_access_s
_chdir
_chdrive
_chmod
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_fullpath
_getdiskfree
_getdrive
_getdrives
_lock_file
_makepath
_makepath_s
_mkdir
_rmdir
_splitpath
_splitpath_s
_stat32
_stat32i64
_stat64
_stat64i32
_umask
_umask_s
_unlink
_unlock_file
_waccess
_waccess_s
_wchdir
_wchmod
_wfindfirst32
_wfindfirst32i64
_wfindfirst64
_wfindfirst64i32
_wfindnext32
_wfindnext32i64
_wfindnext64
_wfindnext64i32
_wfullpath
_wmakepath
_wmakepath_s
_wmkdir
_wremove
_wrename
_wrmdir
_wsplitpath
_wsplitpath_s
_wstat32
_wstat32i64
_wstat64
_wstat64i32
_wunlink
remove
rename

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-heap-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:00:04:99:2f:7c:e6:46:fd:e2:e1:af:5f:4d:79:b8:86:e6:35:7b:53:6c:44:1f:c7:2b:c8:a1:c7:1f:88:3e
Signer

Actual PE Digest

a7:00:04:99:2f:7c:e6:46:fd:e2:e1:af:5f:4d:79:b8:86:e6:35:7b:53:6c:44:1f:c7:2b:c8:a1:c7:1f:88:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

Exports

_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_callnewh
_calloc_base
_expand
_free_base
_get_heap_handle
_heapchk
_heapmin
_heapwalk
_malloc_base
_msize
_query_new_handler
_query_new_mode
_realloc_base
_recalloc
_set_new_mode
calloc
free
malloc
realloc

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-locale-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a8:50:43:72:83:2b:15:35:cc:f3:f7:71:eb:51:c8:d4:b8:62:01:1b:fa:b7:40:fc:25:96:4b:57:e7:7a:06:b9
Signer

Actual PE Digest

a8:50:43:72:83:2b:15:35:cc:f3:f7:71:eb:51:c8:d4:b8:62:01:1b:fa:b7:40:fc:25:96:4b:57:e7:7a:06:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-locale-l1-1-0.pdb

Exports

Exports

___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__initialize_lconv_for_unsigned_char
__pctype_func
__pwctype_func
_configthreadlocale
_create_locale
_free_locale
_get_current_locale
_getmbcp
_lock_locales
_setmbcp
_unlock_locales
_wcreate_locale
_wsetlocale
localeconv
setlocale

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-math-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:e4:73:61:28:5d:4d:09:7d:a5:80:d5:c1:84:d3:94:3e:3a:65:b4:1a:6a:89:dd:cd:29:2c:9f:44:f0:6e:43
Signer

Actual PE Digest

2e:e4:73:61:28:5d:4d:09:7d:a5:80:d5:c1:84:d3:94:3e:3a:65:b4:1a:6a:89:dd:cd:29:2c:9f:44:f0:6e:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-math-l1-1-0.pdb

Exports

Exports

_Cbuild
_Cmulcc
_Cmulcr
_FCbuild
_FCmulcc
_FCmulcr
_LCbuild
_LCmulcc
_LCmulcr
__setusermatherr
_cabs
_chgsign
_chgsignf
_copysign
_copysignf
_d_int
_dclass
_dexp
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_except1
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_finite
_finitef
_fpclass
_fpclassf
_get_FMA3_enable
_hypot
_hypotf
_isnan
_isnanf
_j0
_j1
_jn
_ld_int
_ldclass
_ldexp
_ldlog
_ldpcomp
_ldpoly
_ldscale
_ldsign
_ldsin
_ldtest
_ldunscale
_logb
_logbf
_nextafter
_nextafterf
_scalb
_scalbf
_set_FMA3_enable
_y0
_y1
_yn
acos
acosf
acosh
acoshf
acoshl
asin
asinf
asinh
asinhf
asinhl
atan
atan2
atan2f
atanf
atanh
atanhf
atanhl
cabs
cabsf
cabsl
cacos
cacosf
cacosh
cacoshf
cacoshl
cacosl
carg
cargf
cargl
casin
casinf
casinh
casinhf
casinhl
casinl
catan
catanf
catanh
catanhf
catanhl
catanl
cbrt
cbrtf
cbrtl
ccos
ccosf
ccosh
ccoshf
ccoshl
ccosl
ceil
ceilf
cexp
cexpf
cexpl
cimag
cimagf
cimagl
clog
clog10
clog10f
clog10l
clogf
clogl
conj
conjf
conjl
copysign
copysignf
copysignl
cos
cosf
cosh
coshf
cpow
cpowf
cpowl
cproj
cprojf
cprojl
creal
crealf
creall
csin
csinf
csinh
csinhf
csinhl
csinl
csqrt
csqrtf
csqrtl
ctan
ctanf
ctanh
ctanhf
ctanhl
ctanl
erf
erfc
erfcf
erfcl
erff
erfl
exp
exp2
exp2f
exp2l
expf
expm1
expm1f
expm1l
fabs
fdim
fdimf
fdiml
floor
floorf
fma
fmaf
fmal
fmax
fmaxf
fmaxl
fmin
fminf
fminl
fmod
fmodf
frexp
hypot
ilogb
ilogbf
ilogbl
ldexp
lgamma
lgammaf
lgammal
llrint
llrintf
llrintl
llround
llroundf
llroundl
log
log10
log10f
log1p
log1pf
log1pl
log2
log2f
log2l
logb
logbf
logbl
logf
lrint
lrintf
lrintl
lround
lroundf
lroundl
modf
modff
nan
nanf
nanl
nearbyint
nearbyintf
nearbyintl
nextafter
nextafterf
nextafterl
nexttoward
nexttowardf
nexttowardl
norm
normf
norml
pow
powf
remainder
remainderf
remainderl
remquo
remquof
remquol
rint
rintf
rintl
round
roundf
roundl
scalbln
scalblnf
scalblnl
scalbn
scalbnf
scalbnl
sin
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
tanhf
tgamma
tgammaf
tgammal
trunc
truncf
truncl

Sections

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-multibyte-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:06:4f:f0:2a:66:44:2c:c8:d0:c6:74:a9:fe:b3:9d:59:96:af:b0:dd:16:fe:e9:9c:ee:bf:cd:59:08:21:da
Signer

Actual PE Digest

ea:06:4f:f0:2a:66:44:2c:c8:d0:c6:74:a9:fe:b3:9d:59:96:af:b0:dd:16:fe:e9:9c:ee:bf:cd:59:08:21:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-multibyte-l1-1-0.pdb

Exports

Exports

__p__mbcasemap
__p__mbctype
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcblank
_ismbcblank_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_mbbtombc
_mbbtombc_l
_mbbtype
_mbbtype_l
_mbcasemap
_mbccpy
_mbccpy_l
_mbccpy_s
_mbccpy_s_l
_mbcjistojms
_mbcjistojms_l
_mbcjmstojis
_mbcjmstojis_l
_mbclen
_mbclen_l
_mbctohira
_mbctohira_l
_mbctokata
_mbctokata_l
_mbctolower
_mbctolower_l
_mbctombb
_mbctombb_l
_mbctoupper
_mbctoupper_l
_mblen_l
_mbsbtype
_mbsbtype_l
_mbscat_s
_mbscat_s_l
_mbschr
_mbschr_l
_mbscmp
_mbscmp_l
_mbscoll
_mbscoll_l
_mbscpy_s
_mbscpy_s_l
_mbscspn
_mbscspn_l
_mbsdec
_mbsdec_l
_mbsdup
_mbsicmp
_mbsicmp_l
_mbsicoll
_mbsicoll_l
_mbsinc
_mbsinc_l
_mbslen
_mbslen_l
_mbslwr
_mbslwr_l
_mbslwr_s
_mbslwr_s_l
_mbsnbcat
_mbsnbcat_l
_mbsnbcat_s
_mbsnbcat_s_l
_mbsnbcmp
_mbsnbcmp_l
_mbsnbcnt
_mbsnbcnt_l
_mbsnbcoll
_mbsnbcoll_l
_mbsnbcpy
_mbsnbcpy_l
_mbsnbcpy_s
_mbsnbcpy_s_l
_mbsnbicmp
_mbsnbicmp_l
_mbsnbicoll
_mbsnbicoll_l
_mbsnbset
_mbsnbset_l
_mbsnbset_s
_mbsnbset_s_l
_mbsncat
_mbsncat_l
_mbsncat_s
_mbsncat_s_l
_mbsnccnt
_mbsnccnt_l
_mbsncmp
_mbsncmp_l
_mbsncoll
_mbsncoll_l
_mbsncpy
_mbsncpy_l
_mbsncpy_s
_mbsncpy_s_l
_mbsnextc
_mbsnextc_l
_mbsnicmp
_mbsnicmp_l
_mbsnicoll
_mbsnicoll_l
_mbsninc
_mbsninc_l
_mbsnlen
_mbsnlen_l
_mbsnset
_mbsnset_l
_mbsnset_s
_mbsnset_s_l
_mbspbrk
_mbspbrk_l
_mbsrchr
_mbsrchr_l
_mbsrev
_mbsrev_l
_mbsset
_mbsset_l
_mbsset_s
_mbsset_s_l
_mbsspn
_mbsspn_l
_mbsspnp
_mbsspnp_l
_mbsstr
_mbsstr_l
_mbstok
_mbstok_l
_mbstok_s
_mbstok_s_l
_mbstowcs_l
_mbstowcs_s_l
_mbstrlen
_mbstrlen_l
_mbstrnlen
_mbstrnlen_l
_mbsupr
_mbsupr_l
_mbsupr_s
_mbsupr_s_l
_mbtowc_l

Sections

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-private-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

56:9a:11:13:75:72:4a:94:11:6d:e7:dc:88:94:a4:a9:b8:bb:e1:a4:c7:bf:40:70:c2:de:7c:d6:32:81:24:26
Signer

Actual PE Digest

56:9a:11:13:75:72:4a:94:11:6d:e7:dc:88:94:a4:a9:b8:bb:e1:a4:c7:bf:40:70:c2:de:7c:d6:32:81:24:26

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-private-l1-1-0.pdb

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_IsExceptionObjectToBeDestroyed
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxFrameHandler4
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_o__Getdays
_o__Getmonths
_o__Gettnames
_o__Strftime
_o__W_Getdays
_o__W_Getmonths
_o__W_Gettnames
_o__Wcsftime
_o____lc_codepage_func
_o____lc_collate_cp_func
_o____lc_locale_name_func
_o____mb_cur_max_func
_o___acrt_iob_func
_o___conio_common_vcprintf
_o___conio_common_vcprintf_p
_o___conio_common_vcprintf_s
_o___conio_common_vcscanf
_o___conio_common_vcwprintf
_o___conio_common_vcwprintf_p
_o___conio_common_vcwprintf_s
_o___conio_common_vcwscanf
_o___daylight
_o___dstbias
_o___fpe_flt_rounds
_o___p___argc
_o___p___argv
_o___p___wargv
_o___p__acmdln
_o___p__commode
_o___p__environ
_o___p__fmode
_o___p__mbcasemap
_o___p__mbctype
_o___p__pgmptr
_o___p__wcmdln
_o___p__wenviron
_o___p__wpgmptr
_o___pctype_func
_o___pwctype_func
_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o___std_type_info_name
_o___stdio_common_vfprintf
_o___stdio_common_vfprintf_p
_o___stdio_common_vfprintf_s
_o___stdio_common_vfscanf
_o___stdio_common_vfwprintf
_o___stdio_common_vfwprintf_p
_o___stdio_common_vfwprintf_s
_o___stdio_common_vfwscanf
_o___stdio_common_vsnprintf_s
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsprintf_p
_o___stdio_common_vsprintf_s
_o___stdio_common_vsscanf
_o___stdio_common_vswprintf
_o___stdio_common_vswprintf_p
_o___stdio_common_vswprintf_s
_o___stdio_common_vswscanf
_o___timezone
_o___tzname
_o___wcserror
_o__access
_o__access_s
_o__aligned_free
_o__aligned_malloc
_o__aligned_msize
_o__aligned_offset_malloc
_o__aligned_offset_realloc
_o__aligned_offset_recalloc
_o__aligned_realloc
_o__aligned_recalloc
_o__atodbl
_o__atodbl_l
_o__atof_l
_o__atoflt
_o__atoflt_l
_o__atoi64
_o__atoi64_l
_o__atoi_l
_o__atol_l
_o__atoldbl
_o__atoldbl_l
_o__atoll_l
_o__beep
_o__beginthread
_o__beginthreadex
_o__cabs
_o__callnewh
_o__calloc_base
_o__cexit
_o__cgets
_o__cgets_s
_o__cgetws
_o__cgetws_s
_o__chdir
_o__chdrive
_o__chmod
_o__chsize
_o__chsize_s
_o__close
_o__commit
_o__configthreadlocale
_o__configure_narrow_argv
_o__configure_wide_argv
_o__controlfp_s
_o__cputs
_o__cputws
_o__creat
_o__create_locale
_o__crt_atexit
_o__ctime32_s
_o__ctime64_s
_o__cwait
_o__d_int
_o__dclass
_o__difftime32
_o__difftime64
_o__dlog
_o__dnorm
_o__dpcomp
_o__dpoly
_o__dscale
_o__dsign
_o__dsin
_o__dtest
_o__dunscale
_o__dup
_o__dup2
_o__dupenv_s
_o__ecvt
_o__ecvt_s
_o__endthread
_o__endthreadex
_o__eof
_o__errno
_o__except1
_o__execute_onexit_table
_o__execv
_o__execve
_o__execvp
_o__execvpe
_o__exit
_o__expand
_o__fclose_nolock
_o__fcloseall
_o__fcvt
_o__fcvt_s
_o__fd_int
_o__fdclass
_o__fdexp
_o__fdlog
_o__fdopen
_o__fdpcomp
_o__fdpoly
_o__fdscale
_o__fdsign
_o__fdsin
_o__fflush_nolock
_o__fgetc_nolock
_o__fgetchar
_o__fgetwc_nolock
_o__fgetwchar
_o__filelength
_o__filelengthi64
_o__fileno
_o__findclose
_o__findfirst32
_o__findfirst32i64
_o__findfirst64
_o__findfirst64i32
_o__findnext32
_o__findnext32i64
_o__findnext64
_o__findnext64i32
_o__flushall
_o__fpclass
_o__fpclassf
_o__fputc_nolock
_o__fputchar
_o__fputwc_nolock
_o__fputwchar
_o__fread_nolock
_o__fread_nolock_s
_o__free_base
_o__free_locale
_o__fseek_nolock
_o__fseeki64
_o__fseeki64_nolock
_o__fsopen
_o__fstat32
_o__fstat32i64
_o__fstat64
_o__fstat64i32
_o__ftell_nolock
_o__ftelli64
_o__ftelli64_nolock
_o__ftime32
_o__ftime32_s
_o__ftime64
_o__ftime64_s
_o__fullpath
_o__futime32
_o__futime64
_o__fwrite_nolock
_o__gcvt
_o__gcvt_s
_o__get_daylight
_o__get_doserrno
_o__get_dstbias
_o__get_errno
_o__get_fmode
_o__get_heap_handle
_o__get_initial_narrow_environment
_o__get_initial_wide_environment
_o__get_invalid_parameter_handler
_o__get_narrow_winmain_command_line
_o__get_osfhandle
_o__get_pgmptr
_o__get_stream_buffer_pointers
_o__get_terminate
_o__get_thread_local_invalid_parameter_handler
_o__get_timezone
_o__get_tzname
_o__get_wide_winmain_command_line
_o__get_wpgmptr
_o__getc_nolock
_o__getch
_o__getch_nolock
_o__getche
_o__getche_nolock
_o__getcwd
_o__getdcwd
_o__getdiskfree
_o__getdllprocaddr
_o__getdrive
_o__getdrives
_o__getmbcp
_o__getsystime
_o__getw
_o__getwc_nolock
_o__getwch
_o__getwch_nolock
_o__getwche
_o__getwche_nolock
_o__getws
_o__getws_s
_o__gmtime32
_o__gmtime32_s
_o__gmtime64
_o__gmtime64_s
_o__heapchk
_o__heapmin
_o__hypot
_o__hypotf
_o__i64toa
_o__i64toa_s
_o__i64tow
_o__i64tow_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__isatty
_o__isctype
_o__isctype_l
_o__isleadbyte_l
_o__ismbbalnum
_o__ismbbalnum_l
_o__ismbbalpha
_o__ismbbalpha_l
_o__ismbbblank
_o__ismbbblank_l
_o__ismbbgraph
_o__ismbbgraph_l
_o__ismbbkalnum
_o__ismbbkalnum_l
_o__ismbbkana
_o__ismbbkana_l
_o__ismbbkprint
_o__ismbbkprint_l
_o__ismbbkpunct
_o__ismbbkpunct_l
_o__ismbblead
_o__ismbblead_l
_o__ismbbprint
_o__ismbbprint_l
_o__ismbbpunct
_o__ismbbpunct_l
_o__ismbbtrail
_o__ismbbtrail_l
_o__ismbcalnum
_o__ismbcalnum_l
_o__ismbcalpha
_o__ismbcalpha_l
_o__ismbcblank
_o__ismbcblank_l
_o__ismbcdigit
_o__ismbcdigit_l
_o__ismbcgraph
_o__ismbcgraph_l
_o__ismbchira
_o__ismbchira_l
_o__ismbckata
_o__ismbckata_l
_o__ismbcl0
_o__ismbcl0_l
_o__ismbcl1
_o__ismbcl1_l
_o__ismbcl2
_o__ismbcl2_l
_o__ismbclegal
_o__ismbclegal_l
_o__ismbclower
_o__ismbclower_l
_o__ismbcprint
_o__ismbcprint_l
_o__ismbcpunct
_o__ismbcpunct_l
_o__ismbcspace
_o__ismbcspace_l
_o__ismbcsymbol
_o__ismbcsymbol_l
_o__ismbcupper
_o__ismbcupper_l
_o__ismbslead
_o__ismbslead_l
_o__ismbstrail
_o__ismbstrail_l
_o__iswctype_l
_o__itoa
_o__itoa_s
_o__itow
_o__itow_s
_o__j0
_o__j1
_o__jn
_o__kbhit
_o__ld_int
_o__ldclass
_o__ldexp
_o__ldlog
_o__ldpcomp
_o__ldpoly
_o__ldscale
_o__ldsign
_o__ldsin
_o__ldtest
_o__ldunscale
_o__lfind
_o__lfind_s
_o__loaddll
_o__localtime32
_o__localtime32_s
_o__localtime64
_o__localtime64_s
_o__lock_file
_o__locking
_o__logb
_o__logbf
_o__lsearch
_o__lsearch_s
_o__lseek
_o__lseeki64
_o__ltoa
_o__ltoa_s
_o__ltow
_o__ltow_s
_o__makepath
_o__makepath_s
_o__malloc_base
_o__mbbtombc
_o__mbbtombc_l
_o__mbbtype
_o__mbbtype_l
_o__mbccpy
_o__mbccpy_l
_o__mbccpy_s
_o__mbccpy_s_l
_o__mbcjistojms
_o__mbcjistojms_l
_o__mbcjmstojis
_o__mbcjmstojis_l
_o__mbclen
_o__mbclen_l
_o__mbctohira
_o__mbctohira_l
_o__mbctokata
_o__mbctokata_l
_o__mbctolower
_o__mbctolower_l
_o__mbctombb
_o__mbctombb_l
_o__mbctoupper
_o__mbctoupper_l
_o__mblen_l
_o__mbsbtype
_o__mbsbtype_l
_o__mbscat_s
_o__mbscat_s_l
_o__mbschr
_o__mbschr_l
_o__mbscmp
_o__mbscmp_l
_o__mbscoll
_o__mbscoll_l
_o__mbscpy_s
_o__mbscpy_s_l
_o__mbscspn
_o__mbscspn_l
_o__mbsdec
_o__mbsdec_l
_o__mbsicmp
_o__mbsicmp_l
_o__mbsicoll
_o__mbsicoll_l
_o__mbsinc
_o__mbsinc_l
_o__mbslen
_o__mbslen_l
_o__mbslwr
_o__mbslwr_l
_o__mbslwr_s
_o__mbslwr_s_l
_o__mbsnbcat
_o__mbsnbcat_l
_o__mbsnbcat_s
_o__mbsnbcat_s_l
_o__mbsnbcmp
_o__mbsnbcmp_l
_o__mbsnbcnt
_o__mbsnbcnt_l
_o__mbsnbcoll
_o__mbsnbcoll_l
_o__mbsnbcpy
_o__mbsnbcpy_l
_o__mbsnbcpy_s
_o__mbsnbcpy_s_l
_o__mbsnbicmp
_o__mbsnbicmp_l
_o__mbsnbicoll
_o__mbsnbicoll_l

Sections

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-process-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:d0:05:2c:d7:24:6d:c6:af:9d:9d:db:89:12:8f:a0:ca:1c:ea:2d:57:a9:e9:ae:44:3f:b2:6d:29:62:46:c0
Signer

Actual PE Digest

f7:d0:05:2c:d7:24:6d:c6:af:9d:9d:db:89:12:8f:a0:ca:1c:ea:2d:57:a9:e9:ae:44:3f:b2:6d:29:62:46:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

Exports

_beep
_cwait
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_loaddll
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_unloaddll
_wexecl
_wexecle
_wexeclp
_wexeclpe
_wexecv
_wexecve
_wexecvp
_wexecvpe
_wspawnl
_wspawnle
_wspawnlp
_wspawnlpe
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-runtime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:fc:50:cb:59:16:c1:43:b3:c0:c4:28:9c:53:56:2e:1d:50:b4:4c:72:07:e1:41:12:c1:a6:b2:22:86:1a:10
Signer

Actual PE Digest

20:fc:50:cb:59:16:c1:43:b3:c0:c4:28:9c:53:56:2e:1d:50:b4:4c:72:07:e1:41:12:c1:a6:b2:22:86:1a:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

Exports

_Exit
__doserrno
__fpe_flt_rounds
__fpecode
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__pgmptr
__p__wcmdln
__p__wpgmptr
__pxcptinfoptrs
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__wcserror
__wcserror_s
_assert
_beginthread
_beginthreadex
_c_exit
_cexit
_clearfp
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_crt_at_quick_exit
_crt_atexit
_endthread
_endthreadex
_errno
_execute_onexit_table
_exit
_fpieee_flt
_fpreset
_get_doserrno
_get_errno
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_pgmptr
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_wide_winmain_command_line
_get_wpgmptr
_getdllprocaddr
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_query_app_type
_register_onexit_function
_register_thread_local_exe_atexit_callback
_resetstkoflw
_seh_filter_dll
_seh_filter_exe
_set_abort_behavior
_set_app_type
_set_controlfp
_set_doserrno
_set_errno
_set_error_mode
_set_invalid_parameter_handler
_set_new_handler
_set_thread_local_invalid_parameter_handler
_seterrormode
_sleep
_statusfp
_strerror
_strerror_s
_wassert
_wcserror
_wcserror_s
_wperror
_wsystem
abort
exit
feclearexcept
fegetenv
fegetexceptflag
fegetround
feholdexcept
fesetenv
fesetexceptflag
fesetround
fetestexcept
perror
quick_exit
raise
set_terminate
signal
strerror
strerror_s
system
terminate

Sections

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-stdio-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:43:f2:ac:36:51:c7:c4:77:4b:9b:bd:85:93:41:7b:bd:d0:c4:f5:03:2d:c3:4c:4d:77:e8:43:91:5e:cc:1b
Signer

Actual PE Digest

00:43:f2:ac:36:51:c7:c4:77:4b:9b:bd:85:93:41:7b:bd:d0:c4:f5:03:2d:c3:4c:4d:77:e8:43:91:5e:cc:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

Exports

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_chsize
_chsize_s
_close
_commit
_creat
_dup
_dup2
_eof
_fclose_nolock
_fcloseall
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_flushall
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_ftell_nolock
_ftelli64
_ftelli64_nolock
_fwrite_nolock
_get_fmode
_get_osfhandle
_get_printf_count_output
_get_stream_buffer_pointers
_getc_nolock
_getcwd
_getdcwd
_getmaxstdio
_getw
_getwc_nolock
_getws
_getws_s
_isatty
_kbhit
_locking
_lseek
_lseeki64
_mktemp
_mktemp_s
_open
_open_osfhandle
_pclose
_pipe
_popen
_putc_nolock
_putw
_putwc_nolock
_putws
_read
_rmtmp
_set_fmode
_set_printf_count_output
_setmaxstdio
_setmode
_sopen
_sopen_dispatch
_sopen_s
_tell
_telli64
_tempnam
_ungetc_nolock
_ungetwc_nolock
_wcreat
_wfdopen
_wfopen
_wfopen_s
_wfreopen
_wfreopen_s
_wfsopen
_wmktemp
_wmktemp_s
_wopen
_wpopen
_write
_wsopen
_wsopen_dispatch
_wsopen_s
_wtempnam
_wtmpnam
_wtmpnam_s
clearerr
clearerr_s
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetwc
fgetws
fopen
fopen_s
fputc
fputs
fputwc
fputws
fread
fread_s
freopen
freopen_s
fseek
fsetpos
ftell
fwrite
getc
getchar
gets
gets_s
getwc
getwchar
putc
putchar
puts
putwc
putwchar
rewind
setbuf
setvbuf
tmpfile
tmpfile_s
tmpnam
tmpnam_s
ungetc
ungetwc

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-string-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

19:69:cb:7b:91:a3:b1:a8:93:fa:0a:ea:60:88:f9:32:1e:56:f5:8a:11:10:ff:0c:31:be:39:fe:b4:af:2b:34
Signer

Actual PE Digest

19:69:cb:7b:91:a3:b1:a8:93:fa:0a:ea:60:88:f9:32:1e:56:f5:8a:11:10:ff:0c:31:be:39:fe:b4:af:2b:34

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

Exports

__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__strncnt
__wcsncnt
_isalnum_l
_isalpha_l
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_memccpy
_memicmp
_memicmp_l
_strcoll_l
_strdup
_stricmp
_stricmp_l
_stricoll
_stricoll_l
_strlwr
_strlwr_l
_strlwr_s
_strlwr_s_l
_strncoll
_strncoll_l
_strnicmp
_strnicmp_l
_strnicoll
_strnicoll_l
_strnset
_strnset_s
_strrev
_strset
_strset_s
_strupr
_strupr_l
_strupr_s
_strupr_s_l
_strxfrm_l
_tolower
_tolower_l
_toupper
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsdup
_wcsicmp
_wcsicmp_l
_wcsicoll
_wcsicoll_l
_wcslwr
_wcslwr_l
_wcslwr_s
_wcslwr_s_l
_wcsncoll
_wcsncoll_l
_wcsnicmp
_wcsnicmp_l
_wcsnicoll
_wcsnicoll_l
_wcsnset
_wcsnset_s
_wcsrev
_wcsset
_wcsset_s
_wcsupr
_wcsupr_l
_wcsupr_s
_wcsupr_s_l
_wcsxfrm_l
_wctype
is_wctype
isalnum
isalpha
isblank
iscntrl
isdigit
isgraph
isleadbyte
islower
isprint
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswblank
iswcntrl
iswctype
iswdigit
iswgraph
iswlower
iswprint
iswpunct
iswspace
iswupper
iswxdigit
isxdigit
mblen
mbrlen
memcpy_s
memmove_s
memset
strcat
strcat_s
strcmp
strcoll
strcpy
strcpy_s
strcspn
strlen
strncat
strncat_s
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
strtok
strtok_s
strxfrm
tolower
toupper
towctrans
towlower
towupper
wcscat
wcscat_s
wcscmp
wcscoll
wcscpy
wcscpy_s
wcscspn
wcslen
wcsncat
wcsncat_s
wcsncmp
wcsncpy
wcsncpy_s
wcsnlen
wcspbrk
wcsspn
wcstok
wcstok_s
wcsxfrm
wctype
wmemcpy_s
wmemmove_s

Sections

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-time-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:fa:1a:fc:b0:e3:97:b8:8e:09:6c:34:28:0f:c8:a6:95:ea:a1:d6:ed:97:82:a3:7d:9b:c8:ff:55:ab:34:a3
Signer

Actual PE Digest

16:fa:1a:fc:b0:e3:97:b8:8e:09:6c:34:28:0f:c8:a6:95:ea:a1:d6:ed:97:82:a3:7d:9b:c8:ff:55:ab:34:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

Exports

_Getdays
_Getmonths
_Gettnames
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__daylight
__dstbias
__timezone
__tzname
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_difftime32
_difftime64
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_futime32
_futime64
_get_daylight
_get_dstbias
_get_timezone
_get_tzname
_getsystime
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_localtime32
_localtime32_s
_localtime64
_localtime64_s
_mkgmtime32
_mkgmtime64
_mktime32
_mktime64
_setsystime
_strdate
_strdate_s
_strftime_l
_strtime
_strtime_s
_time32
_time64
_timespec32_get
_timespec64_get
_tzset
_utime32
_utime64
_wasctime
_wasctime_s
_wcsftime_l
_wctime32
_wctime32_s
_wctime64
_wctime64_s
_wstrdate
_wstrdate_s
_wstrtime
_wstrtime_s
_wutime32
_wutime64
asctime
asctime_s
clock
strftime
wcsftime

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-utility-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:4f:6c:3e:d6:66:5c:65:97:01:b7:87:1d:a7:7d:ad:6f:f3:a9:63:9c:f4:f5:51:3f:09:26:76:ea:6c:3a:79
Signer

Actual PE Digest

cf:4f:6c:3e:d6:66:5c:65:97:01:b7:87:1d:a7:7d:ad:6f:f3:a9:63:9c:f4:f5:51:3f:09:26:76:ea:6c:3a:79

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

Exports

_abs64
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_lfind
_lfind_s
_lrotl
_lrotr
_lsearch
_lsearch_s
_rotl
_rotl64
_rotr
_rotr64
_swab
abs
bsearch
bsearch_s
div
imaxabs
imaxdiv
labs
ldiv
llabs
lldiv
qsort
qsort_s
rand
rand_s
srand

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/runtime.manifest
.xml
runtime/ucrtbase.dll
.dll windows:10 windows x64 arch:x64

405cde0fc80c30dcc3d783173dbd4143

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:09:1a:39:a5:c3:fd:37:30:89:d0:08:0c:5b:0e:eb:cd:6b:70:a1:0d:10:93:83:62:ff:4e:94:0a:b2:4f:61
Signer

Actual PE Digest

e2:09:1a:39:a5:c3:fd:37:30:89:d0:08:0c:5b:0e:eb:cd:6b:70:a1:0d:10:93:83:62:ff:4e:94:0a:b2:4f:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ucrtbase.pdb

Imports

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
SetLastError
SetErrorMode
GetLastError

api-ms-win-core-heap-l1-1-0

HeapWalk
HeapValidate
HeapFree
HeapCompact
HeapReAlloc
HeapQueryInformation
GetProcessHeap
HeapAlloc
HeapSize

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetStartupInfoW
GetCurrentProcess
TlsAlloc
GetCurrentThread
TlsGetValue
GetCurrentThreadId
CreateProcessW
TlsSetValue
ExitProcess
ExitThread
CreateThread
TlsFree
GetExitCodeProcess
ResumeThread
TerminateProcess

api-ms-win-core-libraryloader-l1-1-0

FreeLibrary
LoadLibraryExW
GetModuleHandleExW
FreeLibraryAndExitThread
GetModuleHandleW
GetProcAddress
GetModuleFileNameW

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
SetStdHandle
GetCommandLineA
GetCurrentDirectoryW
GetStdHandle
SetEnvironmentVariableW
GetEnvironmentStringsW
SetCurrentDirectoryW
FreeEnvironmentStringsW

api-ms-win-core-file-l1-1-0

ReadFile
GetFileSizeEx
GetFileType
SetFilePointerEx
CreateFileW
FindClose
FindNextFileW
FindFirstFileExW
GetFileInformationByHandle
GetFullPathNameW
GetDriveTypeW
GetFileAttributesExW
GetDiskFreeSpaceW
GetLogicalDrives
SetFileAttributesW
SetFileTime
CreateDirectoryW
LockFileEx
UnlockFileEx
FlushFileBuffers
SetEndOfFile
DeleteFileW
WriteFile
RemoveDirectoryW

api-ms-win-core-string-l1-1-0

CompareStringW
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW

api-ms-win-core-localization-l1-2-0

GetOEMCP
EnumSystemLocalesW
IsValidCodePage
GetACP
GetCPInfo
IsValidLocale
GetUserDefaultLCID
GetLocaleInfoW
LCMapStringW

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW
GetDateFormatW

api-ms-win-core-sysinfo-l1-1-0

SetLocalTime
GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
RtlUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-console-l1-1-0

PeekConsoleInputA
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
WriteConsoleW
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
ReadConsoleW
ReadConsoleInputW
SetConsoleMode

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe
CreatePipe

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualAlloc
VirtualProtect

api-ms-win-core-util-l1-1-0

Beep
EncodePointer

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList

Exports

Exports

_Cbuild
_Cmulcc
_Cmulcr
_CreateFrameInfo
_CxxThrowException
_Exit
_FCbuild
_FCmulcc
_FCmulcr
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_Getdays
_Getmonths
_Gettnames
_IsExceptionObjectToBeDestroyed
_LCbuild
_LCmulcc
_LCmulcr
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxFrameHandler4
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__acrt_iob_func
__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
__current_exception
__current_exception_context
__daylight
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__doserrno
__dstbias
__fpe_flt_rounds
__fpecode
__initialize_lconv_for_unsigned_char
__intrinsic_setjmp
__intrinsic_setjmpex
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__commode
__p__environ
__p__fmode
__p__mbcasemap
__p__mbctype
__p__pgmptr
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__processing_throw
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__setusermatherr
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
__strncnt
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__wcserror
__wcserror_s
__wcsncnt
_abs64
_access
_access_s
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_base
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chgsignf
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_configthreadlocale
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_copysign
_copysignf
_cputs
_cputws
_creat
_create_locale
_crt_at_quick_exit
_crt_atexit
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_d_int
_dclass
_dexp
_difftime32
_difftime64
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_endthread
_endthreadex
_eof
_errno
_except1
_execl
_execle
_execlp
_execlpe
_execute_onexit_table
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_finitef
_flushall
_fpclass
_fpclassf
_fpieee_flt
_fpreset
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_base
_free_locale
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_fullpath
_futime32
_futime64
_fwrite_nolock
_gcvt
_gcvt_s
_get_FMA3_enable
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_osfhandle
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_stream_buffer_pointers
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_timezone
_get_tzname
_get_unexpected
_get_wide_winmain_command_line
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwc_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_heapchk
_heapmin
_heapwalk
_hypot
_hypotf
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_is_exception_typeof
_isalnum_l
_isalpha_l
_isatty
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcblank
_ismbcblank_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_isnan
_isnanf
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_itoa
_itoa_s
_itow
_itow_s
_j0
_j1
_jn
_kbhit
_ld_int
_ldclass
_ldexp
_ldlog
_ldpcomp
_ldpoly
_ldscale
_ldsign
_ldsin
_ldtest
_ldunscale
_lfind
_lfind_s
_loaddll
_local_unwind

Sections

.text
Size: 718KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shared.dll
.dll windows:6 windows x64 arch:x64

7e485aa68e158f090d2853ba691aca17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\shared.pdb

Imports

comctl32

ImageList_LoadImageW
CreateStatusWindowW

imagehlp

SymGetModuleInfo64
SymCleanup
SymEnumerateModules64
SymGetSymFromAddr64
SymInitialize

uxtheme

GetThemeSysFont

dbghelp

MiniDumpWriteDump

kernel32

Sleep
CloseHandle
DeleteFileW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesW
InitializeCriticalSectionEx
WaitForSingleObject
MulDiv
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringW
lstrcmpiW
LoadLibraryW
CreateEventW
GlobalAlloc
GlobalFree
GlobalSize
GetEnvironmentVariableW
GetModuleHandleW
MoveFileW
RemoveDirectoryW
CreateMutexW
GetFullPathNameW
GetLongPathNameW
GetCommandLineW
GetTempPathW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetShortPathNameW
CompareStringW
CreateFileMappingW
LoadResource
LockResource
SizeofResource
FindResourceExW
FindResourceW
SearchPathW
SetThreadPriority
GetThreadPriority
GetCurrentThread
ResumeThread
WaitForMultipleObjects
CancelSynchronousIo
FormatMessageW
GlobalLock
GlobalUnlock
InitOnceComplete
InitOnceBeginInitialize
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
GetTickCount64
WriteFile
SetLastError
CreateDirectoryW
GetLastError
CreateFileW
IsBadReadPtr
IsBadCodePtr
GetCurrentProcess

user32

wsprintfW
SetClipboardData
SendMessageW
EmptyClipboard
GetClipboardData
GetClassNameW
LoadCursorW
LoadIconW
LoadMenuW
RegisterWindowMessageW
CreateWindowExW
LoadImageW
DdeCreateStringHandleW
DdeQueryStringW
CloseClipboard
OpenClipboard
GetClipboardFormatNameW
DdeInitializeW
RegisterClipboardFormatW
GetMenuItemInfoW
ModifyMenuW
GetMenuStringW
GetKeyNameTextW
GetParent
GetDC
ReleaseDC
IsWindowEnabled
SetActiveWindow
FlashWindow
GetWindow
MessageBeep
CharNextW
IntersectRect
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowLongW
CharUpperW
CharLowerW
InsertMenuW
AppendMenuW
MessageBoxW
SetDlgItemTextW
DdeAccessData

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
ExtTextOutW
SetTextColor
SetBkMode
SetTextAlign
GetTextExtentPoint32W
LPtoDP
GetTextMetricsW
GetStockObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps

comdlg32

GetSaveFileNameW
ChooseColorW
ChooseFontW
GetOpenFileNameW

advapi32

GetUserNameW

shell32

SHGetPathFromIDListW
SHGetMalloc
DragQueryFileW
Shell_NotifyIconW
SHParseDisplayName
SHGetFolderPathW
SHCreateShellItem
SHBrowseForFolderW
ShellExecuteW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

strstr
wcsrchr
memset
__std_exception_destroy
__std_exception_copy
__std_terminate
__C_specific_handler
memcpy
__std_type_info_destroy_list
_CxxThrowException
strchr

api-ms-win-crt-heap-l1-1-0

realloc
free
_callnewh
_expand
malloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initterm_e
abort
_beginthreadex

api-ms-win-crt-convert-l1-1-0

wcstoul

api-ms-win-crt-string-l1-1-0

_wcsdup

api-ms-win-crt-math-l1-1-0

lround

api-ms-win-crt-utility-l1-1-0

rand
srand

Exports

Exports

??0uCallStackTracker@@QEAA@PEBD@Z
??1uCallStackTracker@@QEAA@XZ
?add_offset@audio_math@@YAXPEANN_K@Z
?calculate_peak@audio_math@@YANPEBN_K@Z
?convert_from_int16@audio_math@@YAXPEBF_KPEANN@Z
?convert_from_int32@audio_math@@YAXPEBH_KPEANN@Z
?convert_to_int16@audio_math@@YAXPEBN_KPEAFN@Z
?convert_to_int16_calculate_peak@audio_math@@YANPEBN_KPEAFN@Z
?convert_to_int32@audio_math@@YAXPEBN_KPEAHN@Z
?convert_to_int32_calculate_peak@audio_math@@YANPEBN_KPEAHN@Z
?create@t_font_description@@QEBAPEAUHFONT__@@XZ
?from_font@t_font_description@@QEAAXPEAUHFONT__@@@Z
?g_from_font@t_font_description@@SA?AU1@PEAUHFONT__@@@Z
?g_from_logfont@t_font_description@@SA?AU1@AEBUtagLOGFONTW@@@Z
?g_from_system@t_font_description@@SA?AU1@H@Z
?kill_denormal@audio_math@@YAXPEAN_K@Z
?popup_dialog@t_font_description@@QEAA_NPEAUHWND__@@@Z
?scale@audio_math@@YAXPEBN_KPEANN@Z
?uPrintCrashInfo_Suppress@@YAXXZ
CreateFileAbortable
FindOwningPopup
GetInfiniteWaitEvent
LoadResourceEx
LoadSystemLibrary
ModalDialog_CanCreateNew
ModalDialog_PokeExisting
ModalDialog_Switch
PokeWindow
stricmp_utf8
stricmp_utf8_ex
stricmp_utf8_max
stricmp_utf8_partial
stricmp_utf8_stringtoblock
uAddPanicHandler
uAddStringLower
uAddStringUpper
uAppendMenu
uBrowseForFolder
uBrowseForFolderEx
uBrowseForFolderWithFile
uBugCheck
uCharCompare
uCharLength
uCharLower
uCharUpper
uChooseColor
uCompareString
uCreateDirectory
uCreateEvent
uCreateFile
uCreateFileMapping
uCreateMutex
uCreateStatusWindow
uCreateWindowEx
uDdeAccessData_Text
uDdeCreateStringHandle
uDdeInitialize
uDdeQueryString
uDeleteFile
uDragQueryFile
uDragQueryFileCount
uDumpCrashInfo
uEvalKnownFolder
uExceptFilterProc
uExpandEnvironmentStrings
uExtTextOut
uFileExists
uFindFirstFile
uFindResource
uFixAmpersandChars
uFixAmpersandChars_v2
uFixPathCaps
uFormatSystemErrorMessage
uGetCallStackPath
uGetClassName
uGetClipboardFormatName
uGetClipboardString
uGetCommandLine
uGetCurrentDirectory
uGetDlgItemText
uGetEnvironmentVariable
uGetFileAttributes
uGetFontHeight
uGetFullPathName
uGetKeyNameText
uGetLongPathName
uGetMenuItemType
uGetMenuString
uGetModuleFileName
uGetModuleHandle
uGetOpenFileName
uGetOpenFileNameMulti
uGetShortPathName
uGetSystemDirectory
uGetTempFileName
uGetTempPath
uGetTextExtentPoint32
uGetTextHeight
uGetUserName
uGetWindowText
uGetWindowsDirectory
uImageList_LoadImage
uInsertMenu
uListBox_GetText
uLoadCursor
uLoadIcon
uLoadImage
uLoadLibrary
uLoadMenu
uLoadResource
uLoadString
uMessageBox
uModifyMenu
uMoveFile
uOutputDebugString
uPrintCrashInfo
uPrintCrashInfo_AddEnvironmentInfo
uPrintCrashInfo_Init
uPrintCrashInfo_OnEvent
uPrintCrashInfo_SetComponentList
uPrintCrashInfo_SetDumpPath
uPrintCrashInfo_StartLogging
uPrintfV
uRegisterClipboardFormat
uRegisterWindowMessage
uRemoveDirectory
uRemovePanicHandler
uReplaceCharAdd
uReplaceStringAdd
uSearchPath
uSendDlgItemMessageText
uSendMessageText
uSetClipboardRawData
uSetClipboardString
uSetCurrentDirectory
uSetDlgItemText
uSetDlgItemTextEx
uSetWindowText
uSetWindowTextEx
uShellExecute
uShellNotifyIcon
uShellNotifyIconEx
uSortPathCompare
uSortStringCompare
uSortStringCompareEx
uSortStringCreate
uSortStringFree
uStringCompare
uStringCompare_ConvertNumbers
uTabCtrl_InsertItem
uTabCtrl_SetItem
uTextOutColors
uTextOutColorsTabbed
uTreeView_GetText
uTreeView_GetUserData
uTreeView_InsertItem

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sqlite3.dll
.dll windows:6 windows x64 arch:x64

cb5ff0eb905e0adc3517df427ef65d46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000\foobar2000\x64\Release\sqlite3.pdb

Imports

kernel32

AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

vcruntime140

memset
memcpy
memcmp
memmove
strrchr
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_cexit
_beginthreadex
_configure_narrow_argv
_endthreadex
_initialize_onexit_table
_execute_onexit_table
_initialize_narrow_environment

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-heap-l1-1-0

free
_msize
malloc
realloc

api-ms-win-crt-string-l1-1-0

strcspn
strcmp
strncmp

Exports

Exports

sqlite3_aggregate_context
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace_v2
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug

Sections

.text
Size: 797KB - Virtual size: 797KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
themes/Album List + Properties (tabbed) + Visualisations.fth
themes/Album List + Properties (tabbed).fth
themes/Album List + Properties + Visualisations.fth
themes/Album List + Properties.fth
themes/Album List + Visualisation (alternate).fth
themes/Album List + Visualisation.fth
themes/Album art in playlist.fth
themes/Black.fth
themes/Blue.fth
themes/Dark Blue.fth
themes/Dark Grey Magenta.fth
themes/Dark Grey Orange.fth
themes/Dark Orange.fth
themes/Default Playlist.fth
themes/Faded.fth
themes/Forum.fth
themes/Gray Orange.fth
themes/Gray.fth
themes/Group by Albums.fth
themes/Hello Kitty.fth
themes/Olive.fth
themes/Orange.fth
themes/Pastel Green.fth
themes/Separate Album & Artist Columns.fth
themes/Shades of Grey.fth
themes/Simple Playlist + Tabs.fth
themes/Slim View + Tabs.fth
themes/System Default.fth
themes/Vintage.fth
themes/Visualisation + Cover Art + Tabs.fth
themes/White.fth
themes/Yellow.fth
vccorlib140.dll
.dll windows:6 windows x64 arch:x64

d5ec94ca50152cc1e7188b825074fef2

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:f2:a6:00:19:78:ea:4e:2f:4f:15:bf:3e:1a:32:35:63:ff:ae:c5:04:17:fe:cf:e0:c9:9c:21:3e:ba:92:d8
Signer

Actual PE Digest

0c:f2:a6:00:19:78:ea:4e:2f:4f:15:bf:3e:1a:32:35:63:ff:ae:c5:04:17:fe:cf:e0:c9:9c:21:3e:ba:92:d8

Digest Algorithm

sha256

PE Digest Matches

true

0c:f2:a6:00:19:78:ea:4e:2f:4f:15:bf:3e:1a:32:35:63:ff:ae:c5:04:17:fe:cf:e0:c9:9c:21:3e:ba:92:d8
Signer

Actual PE Digest

0c:f2:a6:00:19:78:ea:4e:2f:4f:15:bf:3e:1a:32:35:63:ff:ae:c5:04:17:fe:cf:e0:c9:9c:21:3e:ba:92:d8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\vccorlib140.amd64.pdb

Imports

kernel32

RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
FormatMessageW
GetProcAddress
LoadLibraryExW
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetLastError
OutputDebugStringW
HeapAlloc
DeleteCriticalSection
GetProcessHeap
CreateEventExW
WaitForMultipleObjectsEx
SetEvent
CloseHandle
DecodePointer
InitializeSRWLock
TryAcquireSRWLockShared
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
_CxxThrowException
__C_specific_handler
memmove
__std_type_info_destroy_list
_purecall
__current_exception_context
__current_exception
_SetWinRTOutOfMemoryExceptionCallback
__GetPlatformExceptionInfo
__std_exception_copy
__std_exception_destroy
__std_terminate
memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vswprintf_s

api-ms-win-crt-runtime-l1-1-0

_invoke_watson
__p___wargv
__p___argc
_invalid_parameter_noinfo_noreturn
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_configure_wide_argv
_register_onexit_function
_execute_onexit_table
_initterm_e
_initterm
_cexit
_crt_atexit

api-ms-win-crt-heap-l1-1-0

_aligned_offset_malloc
_aligned_free
free
_callnewh
malloc

api-ms-win-crt-string-l1-1-0

wcscpy_s

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

ole32

CoTaskMemAlloc
CoGetApartmentType
CoMarshalInterThreadInterfaceInStream
CoAddRefServerProcess
CoGetContextToken
CoGetInterfaceAndReleaseStream
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoReleaseServerProcess
CoGetObjectContext

oleaut32

SysAllocStringLen
SysFreeString

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsGetStringRawBuffer
WindowsCreateStringReference
WindowsDeleteString
WindowsCompareStringOrdinal
WindowsIsStringEmpty
WindowsDuplicateString
WindowsStringHasEmbeddedNull
WindowsCreateString

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo
RoOriginateError
GetRestrictedErrorInfo
RoTransformError

api-ms-win-core-winrt-l1-1-0

RoRegisterForApartmentShutdown
RoGetActivationFactory
RoUnregisterForApartmentShutdown
RoGetApartmentIdentifier
RoInitialize
RoUninitialize
RoRevokeActivationFactories
RoRegisterActivationFactories

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

?<Dispose>@Exception@Platform@@UE$AAAXXZ
?<Dispose>@String@Platform@@UE$AAAXXZ
?<Dispose>@Type@Platform@@UE$AAAXXZ
??0AccessDeniedException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0AccessDeniedException@Platform@@QE$AAA@XZ
??0Attribute@Metadata@Platform@@QE$AAA@XZ
??0Boolean@Platform@@QEAA@_N@Z
??0COMException@Platform@@QE$AAA@H@Z
??0COMException@Platform@@QE$AAA@HPE$AAVString@1@@Z
??0ChangedStateException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0ChangedStateException@Platform@@QE$AAA@XZ
??0ClassNotRegisteredException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0ClassNotRegisteredException@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
??0DisconnectedException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0DisconnectedException@Platform@@QE$AAA@XZ
??0Enum@Platform@@QE$AAA@XZ
??0Exception@Platform@@QE$AAA@H@Z
??0Exception@Platform@@QE$AAA@HPE$AAVString@1@@Z
??0FailureException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0FailureException@Platform@@QE$AAA@XZ
??0GridLength@Xaml@UI@Windows@@QEAA@NW4GridUnitType@123@@Z
??0IntPtr@Platform@@QEAA@H@Z
??0IntPtr@Platform@@QEAA@PEAX@Z
??0InvalidArgumentException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0InvalidArgumentException@Platform@@QE$AAA@XZ
??0InvalidCastException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0InvalidCastException@Platform@@QE$AAA@XZ
??0MTAThreadAttribute@Platform@@QE$AAA@XZ
??0NotImplementedException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0NotImplementedException@Platform@@QE$AAA@XZ
??0NullReferenceException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
??0Object@Platform@@QE$AAA@XZ
??0ObjectDisposedException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0ObjectDisposedException@Platform@@QE$AAA@XZ
??0OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAA@XZ
??0OperationCanceledException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0OperationCanceledException@Platform@@QE$AAA@XZ
??0OutOfBoundsException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0OutOfBoundsException@Platform@@QE$AAA@XZ
??0OutOfMemoryException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0OutOfMemoryException@Platform@@QE$AAA@XZ
??0Rect@Foundation@Windows@@QEAA@VPoint@12@0@Z
??0Rect@Foundation@Windows@@QEAA@VPoint@12@VSize@12@@Z
??0RepeatBehavior@Animation@Media@Xaml@UI@Windows@@QEAA@N@Z
??0STAThreadAttribute@Platform@@QE$AAA@XZ
??0SizeT@Platform@@QEAA@H@Z
??0SizeT@Platform@@QEAA@PEAX@Z
??0Type@Platform@@QE$AAA@PE$AAVObject@1@@Z
??0Type@Platform@@QE$AAA@VIntPtr@1@@Z
??0Type@Platform@@QE$AAA@VTypeName@Interop@Xaml@UI@Windows@@@Z
??0ValueType@Platform@@QE$AAA@XZ
??0WrongThreadException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0WrongThreadException@Platform@@QE$AAA@XZ
??0char16@default@@QEAA@_W@Z
??0float32@default@@QEAA@M@Z
??0float64@default@@QEAA@N@Z
??0int16@default@@QEAA@F@Z
??0int32@default@@QEAA@H@Z
??0int64@default@@QEAA@_J@Z
??0int8@default@@QEAA@C@Z
??0uint16@default@@QEAA@G@Z
??0uint32@default@@QEAA@I@Z
??0uint64@default@@QEAA@_K@Z
??0uint8@default@@QEAA@E@Z
??BIntPtr@Platform@@SA?AV01@H@Z
??BIntPtr@Platform@@SA?AV01@PEAX@Z
??BIntPtr@Platform@@SAPEAXV01@@Z
??BType@Platform@@SA?AVTypeName@Interop@Xaml@UI@Windows@@PE$AAV01@@Z
??BType@Platform@@SAPE$AAV01@VTypeName@Interop@Xaml@UI@Windows@@@Z
??DMatrix3D@Media3D@Media@Xaml@UI@Windows@@SA?AV012345@V012345@0@Z
??GDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z
??HDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z
??MDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??NDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??ODuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??PDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
?AlignedAllocate@Heap@Details@Platform@@SAPEAX_K00@Z
?AlignedAllocate@Heap@Details@Platform@@SAPEAX_K0@Z
?AlignedAllocateException@Heap@Details@Platform@@SAPEAX_K00@Z
?AlignedAllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?AlignedFreeException@Heap@Details@Platform@@SAXPEAX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K@Z
?Compare@Duration@Xaml@UI@Windows@@SAHV1234@0@Z
?Contains@Rect@Foundation@Windows@@QEAA_NVPoint@23@@Z
?CreateException@Exception@Platform@@SAPE$AAV12@H@Z
?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?EnableFactoryCache@@YAXXZ
?EnumerateAllocatedObjects@Heap@Details@Platform@@SAXPE$AAVHeapEntryHandler@23@@Z
?Equals@Attribute@Metadata@Platform@@QE$AAA_NPE$AAVObject@3@@Z
?Equals@Boolean@Platform@@QEAA_NPE$AAVObject@2@@Z
?Equals@Delegate@Platform@@QE$AAA_NPE$AAVObject@2@@Z
?Equals@Enum@Platform@@QE$AAA_NPE$AAVObject@2@@Z
?Equals@Exception@Platform@@UE$AAA_NPE$AAVObject@2@@Z
?Equals@MTAThreadAttribute@Platform@@QE$AAA_NPE$AAVObject@2@@Z
?Equals@Object@Platform@@QE$AAA_NPE$AAV12@@Z
?Equals@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAA_NPE$AAVObject@4@@Z
?Equals@STAThreadAttribute@Platform@@QE$AAA_NPE$AAVObject@2@@Z
?Equals@Type@Platform@@UE$AAA_NPE$AAVObject@2@@Z
?Equals@ValueType@Platform@@QE$AAA_NPE$AAVObject@2@@Z
?Equals@char16@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@float32@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@float64@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@int16@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@int32@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@int64@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@int8@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@uint16@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@uint32@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@uint64@default@@QEAA_NPE$AAVObject@Platform@@@Z
?Equals@uint8@default@@QEAA_NPE$AAVObject@Platform@@@Z
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
?FlushFactoryCache@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?FreeException@Heap@Details@Platform@@SAXPEAX@Z
?GetActivationFactory@Details@Platform@@YAJPEAVModuleBase@1WRL@Microsoft@@PEAUHSTRING__@@PEAPEAUIActivationFactory@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?GetCmdArguments@Details@Platform@@YAPEAPEA_WPEAH@Z
?GetHashCode@Attribute@Metadata@Platform@@QE$AAAHXZ
?GetHashCode@Boolean@Platform@@QEAAHXZ
?GetHashCode@Delegate@Platform@@QE$AAAHXZ
?GetHashCode@Enum@Platform@@QE$AAAHXZ
?GetHashCode@Exception@Platform@@UE$AAAHXZ
?GetHashCode@Guid@Platform@@QEAAHXZ
?GetHashCode@MTAThreadAttribute@Platform@@QE$AAAHXZ
?GetHashCode@Object@Platform@@QE$AAAHXZ
?GetHashCode@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAAHXZ
?GetHashCode@STAThreadAttribute@Platform@@QE$AAAHXZ
?GetHashCode@Type@Platform@@UE$AAAHXZ
?GetHashCode@ValueType@Platform@@QE$AAAHXZ
?GetHashCode@char16@default@@QEAAHXZ
?GetHashCode@float32@default@@QEAAHXZ
?GetHashCode@float64@default@@QEAAHXZ
?GetHashCode@int16@default@@QEAAHXZ
?GetHashCode@int32@default@@QEAAHXZ
?GetHashCode@int64@default@@QEAAHXZ
?GetHashCode@int8@default@@QEAAHXZ
?GetHashCode@uint16@default@@QEAAHXZ
?GetHashCode@uint32@default@@QEAAHXZ
?GetHashCode@uint64@default@@QEAAHXZ
?GetHashCode@uint8@default@@QEAAHXZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?GetType@Boolean@Platform@@QEAAPE$AAVType@2@XZ
?GetType@Guid@Platform@@QEAAPE$AAVType@2@XZ
?GetType@Object@Platform@@QE$AAAPE$AAVType@2@XZ
?GetType@char16@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@float32@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@float64@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@int16@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@int32@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@int64@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@int8@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@uint16@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@uint32@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@uint64@default@@QEAAPE$AAVType@Platform@@XZ
?GetType@uint8@default@@QEAAPE$AAVType@Platform@@XZ
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z
?InitControlBlock@ControlBlock@Details@Platform@@AEAAXPEAX_N11@Z
?InitializeData@Details@Platform@@YAJH@Z
?Intersect@Rect@Foundation@Windows@@QEAAXV123@@Z
?IntersectsWith@Rect@Foundation@Windows@@QEAA_NV123@@Z
?Invert@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?ReferenceEquals@Object@Platform@@SA_NPE$AAV12@0@Z
?ReferenceEquals@Object@Platform@@SA_NPE$AAVString@2@0@Z
?RegisterFactories@Details@Platform@@YAPE$AAVObject@2@PEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@P6AXXZ@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z
?RunApplicationServer@Details@Platform@@YAXPEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@PEB_W@Z
?RunServer@Details@Platform@@YAXPEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@PEB_W@Z
?TerminateModule@Details@Platform@@YA_NPEAVModuleBase@1WRL@Microsoft@@@Z
?ToInt32@IntPtr@Platform@@QEAAHXZ
?ToString@Attribute@Metadata@Platform@@QE$AAAPE$AAVString@3@XZ
?ToString@Boolean@Platform@@QEAAPE$AAVString@2@XZ
?ToString@Delegate@Platform@@QE$AAAPE$AAVString@2@XZ
?ToString@Enum@Platform@@QE$AAAPE$AAVString@2@XZ
?ToString@Exception@Platform@@UE$AAAPE$AAVString@2@XZ
?ToString@Guid@Platform@@QEAAPE$AAVString@2@XZ
?ToString@MTAThreadAttribute@Platform@@QE$AAAPE$AAVString@2@XZ
?ToString@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAAPE$AAVString@4@XZ
?ToString@STAThreadAttribute@Platform@@QE$AAAPE$AAVString@2@XZ
?ToString@Type@Platform@@UE$AAAPE$AAVString@2@XZ
?ToString@ValueType@Platform@@QE$AAAPE$AAVString@2@XZ
?ToString@char16@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@float32@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@float64@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@int16@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@int32@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@int64@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@int8@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@uint16@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@uint32@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@uint64@default@@QEAAPE$AAVString@Platform@@XZ
?ToString@uint8@default@@QEAAPE$AAVString@Platform@@XZ
?UninitializeData@Details@Platform@@YAXH@Z
?Union@Rect@Foundation@Windows@@QEAAXV123@@Z
?Union@Rect@Foundation@Windows@@QEAAXVPoint@23@@Z
?WriteLine@Console@Details@Platform@@SAXPE$AAVObject@3@@Z
?WriteLine@Console@Details@Platform@@SAXPE$AAVString@3@@Z
?WriteLine@Console@Details@Platform@@SAXXZ
?__abi_FailFast@@YAXXZ
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?__abi_Resolve@ControlBlock@Details@Platform@@UEAAJAEAVGuid@3@PEAPEAU__abi_IInspectable@@@Z
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__getActivationFactoryByHSTRING@@YAJPEAUHSTRING__@@AEAVGuid@Platform@@PEAPEAX@Z
?get@Bottom@Rect@Foundation@Windows@@QEAAMXZ
?get@BreakOnAllocationId@Heap@Details@Platform@@SAHXZ
?get@BreakOnFreeId@Heap@Details@Platform@@SAHXZ
?get@CurrentAllocationId@Heap@Details@Platform@@SAHXZ
?get@Empty@Rect@Foundation@Windows@@SA?AV234@XZ
?get@Empty@Size@Foundation@Windows@@SA?AV234@XZ
?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ
?get@HasInverse@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QEAA_NXZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?get@ObjectCount@Heap@Details@Platform@@SAHXZ
?get@Right@Rect@Foundation@Windows@@QEAAMXZ
?get@TrackingLevel@Heap@Details@Platform@@SA?AW4HeapAllocationTrackingLevel@34@XZ
?set@BreakOnAllocationId@Heap@Details@Platform@@SAXH@Z
?set@BreakOnFreeId@Heap@Details@Platform@@SAXH@Z
?set@TrackingLevel@Heap@Details@Platform@@SAXW4HeapAllocationTrackingLevel@34@@Z

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f91c705cf579114968b3edc12e1175e

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:b2:f9:9b:d8:d7:e7:a4:7c:9a:5b:62:f1:32:a8:a7:cd:79:2c:ce:93:3f:69:2d:49:f9:54:55:eb:1c:7a:43
Signer

Actual PE Digest

7c:b2:f9:9b:d8:d7:e7:a4:7c:9a:5b:62:f1:32:a8:a7:cd:79:2c:ce:93:3f:69:2d:49:f9:54:55:eb:1c:7a:43

Digest Algorithm

sha256

PE Digest Matches

true

7c:b2:f9:9b:d8:d7:e7:a4:7c:9a:5b:62:f1:32:a8:a7:cd:79:2c:ce:93:3f:69:2d:49:f9:54:55:eb:1c:7a:43
Signer

Actual PE Digest

7c:b2:f9:9b:d8:d7:e7:a4:7c:9a:5b:62:f1:32:a8:a7:cd:79:2c:ce:93:3f:69:2d:49:f9:54:55:eb:1c:7a:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

SetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
RtlUnwind
GetModuleHandleW
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
GetModuleFileNameW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fothk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

72707e942878aac770fcc118ce3ec1c9

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5b:2a:76:e2:02:bc:48:a3:52:00:8e:5c:37:fd:f9:45:46:52:3f:65:31:9b:2a:4a:cd:5f:f3:35:71:05:ae:42
Signer

Actual PE Digest

5b:2a:76:e2:02:bc:48:a3:52:00:8e:5c:37:fd:f9:45:46:52:3f:65:31:9b:2a:4a:cd:5f:f3:35:71:05:ae:42

Digest Algorithm

sha256

PE Digest Matches

true

5b:2a:76:e2:02:bc:48:a3:52:00:8e:5c:37:fd:f9:45:46:52:3f:65:31:9b:2a:4a:cd:5f:f3:35:71:05:ae:42
Signer

Actual PE Digest

5b:2a:76:e2:02:bc:48:a3:52:00:8e:5c:37:fd:f9:45:46:52:3f:65:31:9b:2a:4a:cd:5f:f3:35:71:05:ae:42

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
GetLastError
DeleteCriticalSection
SetLastError

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140_threads.dll
.dll windows:6 windows x64 arch:x64

5ec0377a6cf6fab1a21b56f09428ef6a

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:56:dd:30:17:bf:08:7a:53:2c:08:55:f1:c0:85:6e:3a:a4:5a:b3:89:7e:6c:e4:b3:47:7b:98:12:ab:6f:56
Signer

Actual PE Digest

20:56:dd:30:17:bf:08:7a:53:2c:08:55:f1:c0:85:6e:3a:a4:5a:b3:89:7e:6c:e4:b3:47:7b:98:12:ab:6f:56

Digest Algorithm

sha256

PE Digest Matches

true

20:56:dd:30:17:bf:08:7a:53:2c:08:55:f1:c0:85:6e:3a:a4:5a:b3:89:7e:6c:e4:b3:47:7b:98:12:ab:6f:56
Signer

Actual PE Digest

20:56:dd:30:17:bf:08:7a:53:2c:08:55:f1:c0:85:6e:3a:a4:5a:b3:89:7e:6c:e4:b3:47:7b:98:12:ab:6f:56

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_threads.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
abort
_beginthreadex
_errno

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-time-l1-1-0

_timespec64_get
_timespec32_get

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
__CxxFrameHandler3
memset
memcpy

kernel32

AcquireSRWLockExclusive
SwitchToThread
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetThreadId
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetExitCodeThread
Sleep
WaitForSingleObject
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
ExitThread
CloseHandle
GetLastError
ReleaseSRWLockExclusive
ReleaseSRWLockShared
InitOnceExecuteOnce
AcquireSRWLockShared
GetCurrentThreadId

Exports

Exports

_cnd_timedwait32
_cnd_timedwait64
_mtx_timedlock32
_mtx_timedlock64
_thrd_sleep32
_thrd_sleep64
call_once
cnd_broadcast
cnd_destroy
cnd_init
cnd_signal
cnd_wait
mtx_destroy
mtx_init
mtx_lock
mtx_trylock
mtx_unlock
thrd_create
thrd_current
thrd_detach
thrd_equal
thrd_exit
thrd_join
thrd_yield
tss_create
tss_delete
tss_get
tss_set

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:6 windows x64 arch:x64

469cefa9bbd088726b7f185c87e7397f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\zlib-1.3.1\x64\Release\zlibwapi.pdb

Imports

vcruntime140

memcpy
memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler
memchr
memmove

api-ms-win-crt-stdio-l1-1-0

_read
_write
__stdio_common_vsprintf
_close
_wopen
_lseeki64
_open

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_crt_at_quick_exit
_errno
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
strerror

kernel32

SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind

Exports

Exports

adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_combine_gen
crc32_combine_gen64
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ab321ef07fa16b0e509b28abe4ec68

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 386KB

.pdata Size: 1024B - Virtual size: 864B

.ndata Size: - Virtual size: 1.4MB

.rsrc Size: 78KB - Virtual size: 78KB

5701993c113b5b4a8df7d62ad71dffca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 84B

.pdata Size: 512B - Virtual size: 324B

1d9dcf131a0c1a2ed99cd33cbafd155f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 200B

.pdata Size: 512B - Virtual size: 420B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 512B - Virtual size: 16B

be212422bea078d0b2f4529b6ce1a0e2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: - Virtual size: 8KB

.pdata Size: 512B - Virtual size: 312B

.rsrc Size: 512B - Virtual size: 152B

2bab0054c3b453dc2c189dff4fa27ff7

Headers

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 386KB

.pdata
Size: 1024B - Virtual size: 864B

.ndata
Size: - Virtual size: 1.4MB

.rsrc
Size: 78KB - Virtual size: 78KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 84B

.pdata
Size: 512B - Virtual size: 324B

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 200B

.pdata
Size: 512B - Virtual size: 420B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 16B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: - Virtual size: 8KB

.pdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 512B - Virtual size: 152B

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 22KB - Virtual size: 22KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 232B

.text
Size: 536KB - Virtual size: 536KB

.rdata
Size: 345KB - Virtual size: 345KB

.data
Size: 512B - Virtual size: 1.1MB

.pdata
Size: 14KB - Virtual size: 14KB

_RDATA
Size: 146KB - Virtual size: 145KB

.rsrc
Size: 1024B - Virtual size: 864B

.reloc
Size: 5KB - Virtual size: 5KB