AddFile
Close
Init
Write
Overview
overview
9Static
static
9b6138bd31f...73.exe
windows7-x64
7b6138bd31f...73.exe
windows10-2004-x64
7$PLUGINSDIR/LogEx.dll
windows7-x64
3$PLUGINSDIR/LogEx.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/inetc.dll
windows7-x64
3$PLUGINSDIR/inetc.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3CrashReport.exe
windows7-x64
1CrashReport.exe
windows10-2004-x64
1InstallSys...ce.bat
windows7-x64
8InstallSys...ce.bat
windows10-2004-x64
8SystemClockHook.dll
windows7-x64
1SystemClockHook.dll
windows10-2004-x64
1SystemCloc...st.exe
windows7-x64
1SystemCloc...st.exe
windows10-2004-x64
1SystemCloc...64.exe
windows7-x64
6SystemCloc...64.exe
windows10-2004-x64
7SystemCloc...64.dll
windows7-x64
1SystemCloc...64.dll
windows10-2004-x64
1SystemTime...ce.exe
windows7-x64
1SystemTime...ce.exe
windows10-2004-x64
1UninstallS...ce.bat
windows7-x64
8UninstallS...ce.bat
windows10-2004-x64
8YXCalendar.exe
windows7-x64
6YXCalendar.exe
windows10-2004-x64
6YXCapture.dll
windows7-x64
1YXCapture.dll
windows10-2004-x64
1Behavioral task
behavioral1
Sample
b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73.exe
Resource
win7-20240508-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/LogEx.dll
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/LogEx.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral13
Sample
CrashReport.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
CrashReport.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
InstallSystemTimeSyncService.bat
Resource
win7-20240508-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral16
Sample
InstallSystemTimeSyncService.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral17
Sample
SystemClockHook.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral18
Sample
SystemClockHook.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral19
Sample
SystemClockHookHost.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
SystemClockHookHost.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral21
Sample
SystemClockHookHost_x64.exe
Resource
win7-20240220-en
windows7-x64
7 signatures
150 seconds
Behavioral task
behavioral22
Sample
SystemClockHookHost_x64.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
8 signatures
150 seconds
Behavioral task
behavioral23
Sample
SystemClockHook_x64.dll
Resource
win7-20240611-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral24
Sample
SystemClockHook_x64.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral25
Sample
SystemTimeSyncService.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
SystemTimeSyncService.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral27
Sample
UninstallSystemTimeSyncService.bat
Resource
win7-20240611-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral28
Sample
UninstallSystemTimeSyncService.bat
Resource
win10v2004-20240611-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral29
Sample
YXCalendar.exe
Resource
win7-20240419-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral30
Sample
YXCalendar.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral31
Sample
YXCapture.dll
Resource
win7-20240611-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral32
Sample
YXCapture.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73
-
Size
7.1MB
-
MD5
be9a87d9ac301266af08218734ff4224
-
SHA1
c46026f4015bed9ecf183be84c60c230b291a0db
-
SHA256
b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73
-
SHA512
7c8a31d0c92ec948f4788160b4233316746ae32adb0341f80f050c2abce4a23b6987f4123b6da5d5d51afb182bce662d694f434dee711732d9c780a0504035d4
-
SSDEEP
196608:Qbf0n7QqLlUTuyTfcD4RmT5HdIFbyTu25SmF/5:QbG7Qq+h0YM9Mby/5Sm3
Score
9/10
Malware Config
Signatures
-
resource yara_rule static1/unpack001/CrashReport.exe detect_ak_stuff -
Unsigned PE 10 IoCs
Checks for missing Authenticode signature.
resource b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73 unpack001/$PLUGINSDIR/LogEx.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/inetc.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/$PLUGINSDIR/nsProcess.dll unpack002/$PLUGINSDIR/LangDLL.dll unpack002/$PLUGINSDIR/LogEx.dll unpack002/$PLUGINSDIR/inetc.dll unpack002/$PLUGINSDIR/nsProcess.dll
Files
-
b6138bd31f0930d6f489ac8ef0dad8333b30bcebc51c0940b19ab4cb3ffbab73.exe windows:4 windows x86 arch:x86
61259b55b8912888e90f516ca08dc514
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 156KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LogEx.dll.dll windows:4 windows x86 arch:x86
549d7b44067bbcdf42bf6a90a80a3a9e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WriteFile
CreateFileW
CloseHandle
GlobalFree
GlobalAlloc
VirtualFree
ReadFile
VirtualAlloc
GetFileSize
lstrcpyW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InterlockedDecrement
InterlockedIncrement
user32
FindWindowExW
GetDlgItem
SendMessageW
SetWindowTextW
Exports
Exports
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/inetc.dll.dll windows:5 windows x86 arch:x86
ac10bd0ffca217141ca47c63b7c99be6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
E:\浏览器打包\Plugins\Inetc\Unicode\Plugins\inetc.pdb
Imports
wininet
InternetOpenW
InternetCrackUrlW
InternetConnectW
HttpEndRequestW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetErrorDlg
InternetCloseHandle
HttpAddRequestHeadersA
InternetQueryOptionW
InternetSetOptionW
InternetSetFilePointer
InternetGetLastResponseInfoW
FtpOpenFileW
FtpCreateDirectoryW
HttpQueryInfoW
HttpSendRequestExW
HttpSendRequestW
InternetWriteFile
InternetReadFile
comctl32
ord17
kernel32
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
SetStdHandle
WriteConsoleW
OutputDebugStringA
RtlUnwind
GetLocaleInfoW
InterlockedExchange
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringW
FlushFileBuffers
lstrlenW
WriteFile
ReadFile
lstrcmpW
lstrcpynW
GetLastError
GetProcAddress
LoadLibraryA
LocalFree
DeleteFileW
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatW
GetFileSize
CreateFileW
lstrcmpiW
LocalAlloc
lstrcpyW
MulDiv
GetModuleHandleW
MultiByteToWideChar
TerminateThread
WaitForSingleObject
CreateThread
CreateFileA
lstrlenA
WideCharToMultiByte
GlobalFree
GlobalAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
VirtualQuery
GetProcessHeap
HeapAlloc
TerminateProcess
HeapFree
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
ExitProcess
IsBadReadPtr
HeapValidate
GetCurrentThreadId
DecodePointer
GetCommandLineA
IsDebuggerPresent
RaiseException
LoadLibraryW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
user32
wsprintfA
FindWindowExW
CreateDialogParamW
EnableWindow
IsWindowVisible
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
RedrawWindow
UpdateWindow
KillTimer
DestroyWindow
LoadIconW
SetTimer
GetWindowRect
GetClientRect
SystemParametersInfoW
SetDlgItemTextW
SendMessageW
GetWindowTextW
PostMessageW
GetDlgItem
SendDlgItemMessageW
SetWindowTextW
GetWindowLongW
SetWindowLongW
ShowWindow
GetParent
MessageBoxW
IsWindow
wsprintfW
SetWindowPos
Exports
Exports
get
head
post
put
Sections
.textbss Size: - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 336KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
6b5c4f7d679059f68f1269aad3a5cecd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc
user32
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW
gdi32
SetTextColor
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 638B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsProcess.dll.dll windows:5 windows x86 arch:x86
439074d1c01f7b16781bdf060930814a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc
user32
GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW
Exports
Exports
_CloseProcess
_FindProcess
_KillProcess
_Unload
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 927B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CrashReport.exe.exe windows:5 windows x86 arch:x86
6da0f239c0bc210f0880b9fe9471df76
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
c2:2d:89:0d:f4:97:cd:e2:4f:ce:22:55:c4:9b:a8:34:ce:c2:dd:e8:d7:2d:67:d3:3a:b3:2b:96:c7:a2:61:fdSigner
Actual PE Digestc2:2d:89:0d:f4:97:cd:e2:4f:ce:22:55:c4:9b:a8:34:ce:c2:dd:e8:d7:2d:67:d3:3a:b3:2b:96:c7:a2:61:fdDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\CrashReport.pdb
Imports
kernel32
ReadConsoleInputA
DeleteFileA
GetModuleFileNameA
FindClose
WideCharToMultiByte
EncodePointer
DecodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
CloseHandle
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
GetCurrentThread
GetExitCodeThread
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
CreateTimerQueue
GetLastError
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FindNextFileA
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
RtlUnwind
ReadFile
CreateFileW
GetFileType
HeapAlloc
HeapFree
GetModuleHandleExW
HeapReAlloc
ExitProcess
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
SetStdHandle
SetConsoleCtrlHandler
GetProcessHeap
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
HeapSize
SetEndOfFile
LoadLibraryA
GlobalMemoryStatus
FlushConsoleInputBuffer
FindFirstFileA
SetConsoleMode
libcurl
curl_easy_reset
curl_easy_getinfo
curl_easy_perform
curl_easy_setopt
curl_easy_init
curl_easy_strerror
curl_slist_free_all
curl_slist_append
curl_global_cleanup
curl_global_init
curl_easy_cleanup
user32
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
advapi32
RegisterEventSourceA
DeregisterEventSource
ReportEventA
Sections
.text Size: 818KB - Virtual size: 818KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 262KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstallSystemTimeSyncService.bat
-
SystemClockHook.dll.dll windows:5 windows x86 arch:x86
c2180e518c18b1e66d725a3cec7d4630
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
25:bd:17:c7:e9:ec:6f:94:d7:bd:6a:dd:11:ae:7e:50:a2:9d:f3:1d:ac:be:5f:06:75:53:80:32:73:f2:05:06Signer
Actual PE Digest25:bd:17:c7:e9:ec:6f:94:d7:bd:6a:dd:11:ae:7e:50:a2:9d:f3:1d:ac:be:5f:06:75:53:80:32:73:f2:05:06Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\SystemClockHook.pdb
Imports
advapi32
IsTextUnicode
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
shell32
ShellExecuteW
ShellExecuteExW
user32
MonitorFromWindow
MessageBeep
ChildWindowFromPointEx
GetMonitorInfoW
MessageBoxIndirectW
GetDesktopWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowA
SetLayeredWindowAttributes
GetWindowLongW
DefWindowProcW
MonitorFromPoint
GetWindow
DestroyWindow
SetWindowPos
keybd_event
CreateWindowExW
SendMessageW
UnregisterClassW
CreatePopupMenu
RegisterClassExW
GetWindowRect
OpenClipboard
SetTimer
FindWindowExA
CloseClipboard
EmptyClipboard
MapWindowPoints
GetSysColor
SetFocus
LoadCursorW
SetClipboardData
SetWindowLongW
CheckMenuItem
GetClientRect
AppendMenuW
KillTimer
GetParent
SetForegroundWindow
InvalidateRect
GetCursorPos
BeginPaint
EndPaint
PostMessageW
FindWindowExW
CallNextHookEx
GetClassNameA
IsWindow
FindWindowW
wsprintfW
GetDC
ReleaseDC
TrackPopupMenu
gdi32
SelectObject
CreateDIBSection
CreateCompatibleDC
GdiFlush
CreateFontW
GetTextMetricsW
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
DeleteObject
CreateBitmap
SetTextAlign
ExtTextOutW
GetDeviceCaps
BitBlt
comctl32
ord412
ord410
ord413
kernel32
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointerEx
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
LCMapStringW
GetStdHandle
GetACP
GetStringTypeW
FindClose
HeapFree
GetModuleFileNameA
ExitProcess
DeleteFileW
MoveFileExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FindFirstFileExA
FindNextFileA
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
HeapSize
HeapReAlloc
HeapAlloc
SetEndOfFile
DecodePointer
CompareStringW
EnterCriticalSection
SetLastError
GetUserDefaultLangID
GetLocaleInfoW
IsValidCodePage
MulDiv
GetDateFormatW
ReleaseSemaphore
OutputDebugStringA
OpenFileMappingW
CloseHandle
GetCurrentProcessId
MapViewOfFile
WaitNamedPipeA
GetCurrentProcess
WriteFile
GetModuleFileNameW
WaitForSingleObject
CreateFileW
GetCurrentThreadId
GetModuleHandleA
CreateFileA
GlobalAlloc
GetNativeSystemInfo
LoadLibraryW
CreateThread
GetLocalTime
GetProcAddress
GlobalLock
FreeLibrary
CreateSemaphoreW
WideCharToMultiByte
GetSystemTime
GlobalUnlock
GetVersion
LoadLibraryA
GetModuleHandleW
GetLongPathNameW
GetVersionExW
MultiByteToWideChar
Sleep
OpenSemaphoreW
GetTickCount
LoadLibraryExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
RaiseException
Exports
Exports
SetupClockAPI
Sections
.text Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 168B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.shared Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SystemClockHookHost.exe.exe windows:5 windows x86 arch:x86
a8c2dd54edcb2dc89fbd25c84eea1175
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
4e:8f:d3:c1:67:b2:cf:88:b7:84:bd:79:3f:71:87:3b:11:7b:3f:3e:8c:e7:08:e0:2f:bc:29:40:56:89:49:8fSigner
Actual PE Digest4e:8f:d3:c1:67:b2:cf:88:b7:84:bd:79:3f:71:87:3b:11:7b:3f:3e:8c:e7:08:e0:2f:bc:29:40:56:89:49:8fDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\SystemClockHookHost.pdb
Imports
shell32
ShellExecuteW
user32
PostQuitMessage
FindWindowA
GetWindow
GetClassNameA
InvalidateRect
GetMessageW
DefWindowProcW
PostMessageW
MessageBoxW
CreateWindowExW
SendMessageW
ReplyMessage
RegisterWindowMessageA
DispatchMessageW
SetTimer
RegisterClassW
TranslateMessage
LoadIconW
FindWindowW
LoadCursorW
KillTimer
psapi
EmptyWorkingSet
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
kernel32
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
DecodePointer
WriteConsoleW
RaiseException
LCMapStringW
GetFileType
HeapAlloc
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
GetCurrentProcess
OutputDebugStringA
GetModuleFileNameW
CreateMutexW
WaitForSingleObject
GetModuleHandleA
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
TerminateThread
Process32FirstW
CloseHandle
GetNativeSystemInfo
CreateThread
GetProcAddress
WTSGetActiveConsoleSessionId
GetTickCount
LoadLibraryW
FreeLibrary
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SystemClockHookHost_x64.exe.exe windows:5 windows x64 arch:x64
7ae8e8912e8d2a4e6465b4ba25fe1405
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
fa:bc:eb:e9:5e:e0:a1:76:ad:af:27:b4:a7:a6:44:0a:c4:6c:07:f6:00:34:5c:d8:8d:9f:d3:60:9a:78:52:43Signer
Actual PE Digestfa:bc:eb:e9:5e:e0:a1:76:ad:af:27:b4:a7:a6:44:0a:c4:6c:07:f6:00:34:5c:d8:8d:9f:d3:60:9a:78:52:43Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\SystemClockHookHost_x64.pdb
Imports
shell32
ShellExecuteW
user32
PostQuitMessage
FindWindowA
GetWindow
GetClassNameA
InvalidateRect
GetMessageW
DefWindowProcW
PostMessageW
MessageBoxW
CreateWindowExW
SendMessageW
ReplyMessage
RegisterWindowMessageA
DispatchMessageW
SetTimer
RegisterClassW
TranslateMessage
LoadIconW
FindWindowW
LoadCursorW
KillTimer
psapi
EmptyWorkingSet
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
kernel32
GetConsoleCP
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
SetStdHandle
LCMapStringW
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
RaiseException
HeapAlloc
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
OutputDebugStringA
GetModuleFileNameW
CreateMutexW
GetModuleHandleA
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
TerminateThread
Process32FirstW
CloseHandle
GetNativeSystemInfo
CreateThread
GetProcAddress
WTSGetActiveConsoleSessionId
GetTickCount
LoadLibraryW
FreeLibrary
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
WriteFile
CreateFileW
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SystemClockHook_x64.dll.dll windows:5 windows x64 arch:x64
443433d9a18fa753f36e722021b41657
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
22:a6:67:6d:62:dc:87:a2:9a:9b:64:a5:a6:9f:7b:cf:40:5e:ea:dc:cd:e3:5e:ef:f2:96:2d:45:8d:4b:5a:f1Signer
Actual PE Digest22:a6:67:6d:62:dc:87:a2:9a:9b:64:a5:a6:9f:7b:cf:40:5e:ea:dc:cd:e3:5e:ef:f2:96:2d:45:8d:4b:5a:f1Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\SystemClockHook_x64.pdb
Imports
advapi32
IsTextUnicode
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
shell32
ShellExecuteW
ShellExecuteExW
user32
MonitorFromWindow
MessageBeep
ChildWindowFromPointEx
GetMonitorInfoW
MessageBoxIndirectW
GetDesktopWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowA
SetLayeredWindowAttributes
DefWindowProcW
MonitorFromPoint
GetWindow
DestroyWindow
SetWindowPos
keybd_event
SetWindowLongPtrW
CreateWindowExW
SendMessageW
UnregisterClassW
CreatePopupMenu
GetWindowLongPtrW
GetWindowRect
TrackPopupMenu
OpenClipboard
SetTimer
FindWindowExA
CloseClipboard
EmptyClipboard
MapWindowPoints
GetSysColor
SetFocus
LoadCursorW
SetClipboardData
CheckMenuItem
GetClientRect
AppendMenuW
KillTimer
GetParent
SetForegroundWindow
InvalidateRect
GetCursorPos
BeginPaint
EndPaint
PostMessageW
FindWindowExW
CallNextHookEx
GetClassNameA
IsWindow
FindWindowW
wsprintfW
GetDC
ReleaseDC
RegisterClassExW
gdi32
SelectObject
CreateDIBSection
CreateCompatibleDC
GdiFlush
CreateFontW
GetTextMetricsW
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
DeleteObject
CreateBitmap
SetTextAlign
ExtTextOutW
GetDeviceCaps
BitBlt
comctl32
ord412
ord410
ord413
kernel32
GetConsoleMode
GetConsoleCP
SetFilePointerEx
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
LCMapStringW
CompareStringW
HeapReAlloc
GetACP
GetStringTypeW
HeapAlloc
HeapFree
ReadFile
ExitProcess
DeleteFileW
MoveFileExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
ReadConsoleW
FindClose
FindFirstFileExA
FindNextFileA
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleW
GetModuleFileNameA
HeapSize
SetEndOfFile
GetStdHandle
InterlockedFlushSList
GetUserDefaultLangID
GetLocaleInfoW
IsValidCodePage
MulDiv
GetDateFormatW
ReleaseSemaphore
OutputDebugStringA
OpenFileMappingW
CloseHandle
GetCurrentProcessId
MapViewOfFile
WaitNamedPipeA
GetCurrentProcess
WriteFile
GetModuleFileNameW
WaitForSingleObject
CreateFileW
GetCurrentThreadId
GetModuleHandleA
CreateFileA
GlobalAlloc
GetNativeSystemInfo
LoadLibraryW
CreateThread
GetLocalTime
GetProcAddress
GlobalLock
FreeLibrary
CreateSemaphoreW
WideCharToMultiByte
GetSystemTime
GlobalUnlock
GetVersion
LoadLibraryA
GetModuleHandleW
GetLongPathNameW
GetVersionExW
MultiByteToWideChar
Sleep
OpenSemaphoreW
GetTickCount
LoadLibraryExW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RaiseException
Exports
Exports
SetupClockAPI
Sections
.text Size: 158KB - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 156B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.shared Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SystemTimeSyncService.exe.exe windows:5 windows x86 arch:x86
d20eb1af1e62fa4ab9291a0877200854
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:0d:dc:eb:30:b3:a7:3d:5a:d7:18:8d:ac:8b:65:ef:79:a6:22:9f:9d:6f:fa:3e:2d:93:dc:f7:ac:3c:92:51Signer
Actual PE Digest60:0d:dc:eb:30:b3:a7:3d:5a:d7:18:8d:ac:8b:65:ef:79:a6:22:9f:9d:6f:fa:3e:2d:93:dc:f7:ac:3c:92:51Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\SystemTimeSyncService.pdb
Imports
kernel32
CloseHandle
SetEvent
HeapCreate
HeapDestroy
GetCurrentDirectoryW
CreateFileW
WriteFile
OutputDebugStringA
SetLastError
GetCurrentProcessId
GetLocalTime
GetTickCount
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
IsDebuggerPresent
RaiseException
GetCurrentProcess
CreateThread
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
GetCommandLineW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FlushFileBuffers
ReadFile
SetEndOfFile
SetFilePointerEx
GetLastError
CreateDirectoryW
GetFileAttributesExW
FindClose
FindFirstFileExW
FindNextFileW
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
FreeLibrary
LoadLibraryExW
RtlUnwind
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileType
GetStdHandle
GetCommandLineA
GetACP
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
WriteConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetTempPathA
Sleep
CreateEventW
WaitForSingleObject
GetModuleFileNameW
SetLocalTime
advapi32
OpenServiceW
StartServiceCtrlDispatcherW
InitializeSecurityDescriptor
StartServiceW
ControlService
RegisterServiceCtrlHandlerW
DeleteService
SetServiceStatus
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
CreateServiceW
SetSecurityDescriptorDacl
shell32
SHGetSpecialFolderPathW
libcurl
curl_easy_setopt
curl_easy_cleanup
curl_easy_init
curl_easy_perform
winhttp
WinHttpGetIEProxyConfigForCurrentUser
dbghelp
SymGetLineFromAddr64
SymFromAddr
Exports
Exports
GetHandleVerifier
Sections
.text Size: 237KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UninstallSystemTimeSyncService.bat
-
YXCalendar.exe.exe windows:5 windows x86 arch:x86
a2d1e971d0322f960cc01d5aa3f86b5c
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:1f:e7:e6:63:f2:58:11:77:f3:b4:34:85:51:13:d0:42:74:f0:25:b5:42:6d:d6:7f:dd:eb:e0:af:45:7c:a2Signer
Actual PE Digest33:1f:e7:e6:63:f2:58:11:77:f3:b4:34:85:51:13:d0:42:74:f0:25:b5:42:6d:d6:7f:dd:eb:e0:af:45:7c:a2Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\YXCalendar.pdb
Imports
kernel32
SizeofResource
CreateNamedPipeA
FreeResource
LockResource
LoadResource
FindResourceW
MoveFileW
ConnectNamedPipe
GetLocalTime
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
FindClose
FindNextFileW
FlushFileBuffers
QueryPerformanceCounter
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
DeleteCriticalSection
GetFileSize
LockFileEx
LocalFree
CreateFileMappingA
UnlockFile
HeapDestroy
HeapAlloc
GetSystemInfo
HeapReAlloc
DeleteFileA
GetVersionExA
LoadLibraryA
CreateFileA
GetFileAttributesExW
GetFileAttributesA
GetLastError
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
LockFile
GetDiskFreeSpaceW
InterlockedCompareExchange
WriteFile
GetFullPathNameW
EnterCriticalSection
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
SetThreadExecutionState
FindFirstFileW
SetUnhandledExceptionFilter
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
WriteConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetStdHandle
GetCurrentProcessId
CreateFileW
GetCurrentProcess
OpenEventW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MapViewOfFile
CreateFileMappingW
TerminateProcess
OpenProcess
CopyFileW
GetModuleHandleW
GetNativeSystemInfo
InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryW
GetModuleFileNameW
GetTempPathW
GetTickCount
DeleteFileW
CreateThread
CloseHandle
TerminateThread
SetEvent
OutputDebugStringW
Sleep
SetStdHandle
ResumeThread
ExitThread
PeekNamedPipe
GetFileType
GetDriveTypeW
GetConsoleMode
GetConsoleCP
RtlUnwind
CreateTimerQueue
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
CreateEventW
WaitForSingleObject
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
GetTimeZoneInformation
FindFirstFileExW
RegisterWaitForSingleObject
UnregisterWaitEx
GetModuleHandleA
SetFilePointerEx
VirtualFree
VirtualAlloc
GetModuleHandleExW
ReleaseMutex
FileTimeToSystemTime
GetCurrentThreadId
OutputDebugStringA
TryEnterCriticalSection
GetStringTypeW
QueryPerformanceFrequency
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
MulDiv
lstrlenW
GetCurrentDirectoryW
ExitProcess
GetACP
VerSetConditionMask
VerifyVersionInfoW
lstrcmpiW
lstrcpyW
GlobalFree
SetFileTime
LocalFileTimeToFileTime
CreateDirectoryW
RaiseException
lstrcpynW
ResetEvent
IsDebuggerPresent
DuplicateHandle
GetCurrentThread
SetThreadPriority
GetThreadPriority
GetCommandLineW
RtlCaptureStackBackTrace
SystemTimeToTzSpecificLocalTime
user32
ShowWindow
MonitorFromWindow
SetWindowPos
GetWindowRect
GetWindow
MonitorFromPoint
GetWindowThreadProcessId
SendMessageW
IsWindowVisible
PostMessageW
KillTimer
ClientToScreen
IsIconic
IsZoomed
GetClientRect
SetFocus
SetTimer
PtInRect
GetSystemMetrics
IntersectRect
OffsetRect
IsWindow
SetWindowLongW
GetWindowLongW
SetParent
GetClassNameW
GetMonitorInfoW
MoveWindow
FindWindowExW
wsprintfW
GetDC
GetKeyState
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetWindowTextW
FindWindowA
RegisterWindowMessageW
GetLastInputInfo
ReleaseDC
RegisterHotKey
EnumDisplayMonitors
AttachThreadInput
GetForegroundWindow
GetParent
SetForegroundWindow
LoadIconW
CreatePopupMenu
AppendMenuW
CheckMenuItem
TrackPopupMenu
keybd_event
InvalidateRect
GetCursorPos
EnumWindows
GetWindowTextLengthW
PostThreadMessageW
ScreenToClient
SetClassLongW
OpenClipboard
CloseClipboard
EmptyClipboard
ExitWindowsEx
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
GetCursor
WindowFromPoint
FindWindowW
LoadCursorW
MessageBoxA
MapVirtualKeyW
MessageBoxW
GetKeyNameTextA
UnregisterHotKey
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
DestroyWindow
CharNextW
GetActiveWindow
GetFocus
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
MapWindowPoints
GetSysColor
UnionRect
IsRectEmpty
LoadImageW
SetWindowRgn
SetCursor
InflateRect
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
IsWindowEnabled
DestroyMenu
EnableMenuItem
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
SetWindowTextW
UpdateWindow
EqualRect
CharPrevW
DrawTextW
FillRect
SetRect
DrawIconEx
GetKeyboardLayout
GetKeyNameTextW
MapVirtualKeyExW
UpdateLayeredWindow
GetWindowRgn
wsprintfA
DrawTextA
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
PostQuitMessage
gdi32
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
GetDeviceCaps
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
EnumFontFamiliesW
CreateDIBitmap
SaveDC
SelectObject
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
SetWindowOrgEx
CreateRoundRectRgn
CreatePatternBrush
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
SetTextColor
CombineRgn
CreatePenIndirect
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
SelectClipRgn
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
CreateDIBSection
MoveToEx
TextOutW
GdiFlush
CreateRectRgn
PtInRegion
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
BitBlt
SetBkMode
GetObjectA
GetObjectW
SetBkColor
GetPixel
RestoreDC
Rectangle
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyA
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegQueryInfoKeyA
RegOpenKeyExA
GetTokenInformation
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyExW
shell32
SHGetSpecialFolderPathW
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteA
ShellExecuteExW
ShellExecuteW
DragQueryFileW
ole32
CreateStreamOnHGlobal
DoDragDrop
CoCreateInstance
ReleaseStgMedium
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoSetProxyBlanket
CoUninitialize
CoCreateGuid
OleLockRunning
CoInitialize
oleaut32
SysStringLen
VariantClear
VariantInit
SysFreeString
SysAllocStringByteLen
SysAllocString
comctl32
InitCommonControlsEx
_TrackMouseEvent
ord17
gdiplus
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipCreateFontFromDC
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipSaveImageToFile
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetFontSize
GdipGetImageEncodersSize
GdipGetGenericFontFamilySansSerif
GdipCreateHBITMAPFromBitmap
GdipGetPathWorldBounds
GdipGetFontStyle
GdipCreatePath
GdipDisposeImage
GdipDeletePath
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAddPathString
GdipGetFamily
GdipGetImageEncoders
GdipGetImageHeight
GdipDeleteStringFormat
GdipDeleteFont
GdipCreateSolidFill
GdipFillPieI
GdipDeleteBrush
GdipAlloc
GdipSetSmoothingMode
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipGetPropertyItem
GdipFree
GdipGetPropertyItemSize
GdipCreateFromHDC
GdipFillEllipseI
GdipCloneBrush
GdipFillRectangleI
GdipDeleteGraphics
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdiplusStartup
GdiplusShutdown
GdipAddPathLine
ord1
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawEllipse
GdipDrawPath
GdipFillPath
GdipDrawImageRectI
GdipDrawString
GdipMeasureString
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipAddPathEllipseI
GdipLoadImageFromFile
GdipDrawEllipseI
GdipSetClipPath
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
dbghelp
SymGetLineFromAddr64
SymFromAddr
MiniDumpWriteDump
winmm
timeGetTime
timeKillEvent
timeSetEvent
PlaySoundW
ws2_32
WSAStartup
gethostbyname
WSACleanup
gethostname
libcurl
curl_easy_strerror
curl_global_cleanup
curl_global_init
curl_easy_getinfo
curl_easy_setopt
curl_easy_cleanup
curl_easy_perform
curl_easy_init
curl_slist_append
curl_slist_free_all
winhttp
WinHttpGetIEProxyConfigForCurrentUser
iphlpapi
GetAdaptersInfo
imm32
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
Exports
Exports
GetHandleVerifier
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 914KB - Virtual size: 914KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 21B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 218KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
YXCapture.dll.dll windows:5 windows x86 arch:x86
e3d948651137792db1574debe5630739
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
c0:d3:aa:a1:51:d1:55:a1:c5:21:74:be:2a:c1:39:94:9c:72:ae:e4:37:13:ca:a8:a1:eb:5d:64:c5:d3:96:bdSigner
Actual PE Digestc0:d3:aa:a1:51:d1:55:a1:c5:21:74:be:2a:c1:39:94:9c:72:ae:e4:37:13:ca:a8:a1:eb:5d:64:c5:d3:96:bdDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\yxcapture\bin\YXCapture.pdb
Imports
kernel32
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetStringTypeW
GetStdHandle
LCMapStringW
GetModuleFileNameA
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
SetLastError
InterlockedFlushSList
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
EncodePointer
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
WriteConsoleW
GetFileAttributesW
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
GetLocalTime
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
GetProfileIntW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
GetLastError
RaiseException
WaitForSingleObjectEx
ResetEvent
SetEvent
CreateDirectoryW
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
SetFileTime
SetFilePointer
WriteFile
GetFileType
GetCurrentProcess
CreateFileW
CloseHandle
ReadFile
GetFileSize
ExitProcess
GetCurrentDirectoryW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetACP
OutputDebugStringA
user32
IsWindow
IsWindowVisible
GetWindowRect
FindWindowExW
GetWindow
GetWindowLongW
FillRect
GetClientRect
ClientToScreen
ClipCursor
SetCapture
GetWindowTextLengthW
CharPrevW
CharNextW
MessageBoxW
SetWindowRgn
IsIconic
MapWindowPoints
GetClassNameW
KillTimer
SetTimer
GetFocus
DestroyWindow
MonitorFromWindow
GetParent
GetPropW
SetPropW
EnableWindow
PtInRect
RegisterClassW
GetMessageW
GetCapture
DispatchMessageW
ReleaseCapture
EnumDisplayMonitors
GetUpdateRect
GetDesktopWindow
GetMonitorInfoW
GetCursorPos
ScreenToClient
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetFocus
InvalidateRgn
GetSystemMetrics
UpdateWindow
GetDCEx
GetDC
ReleaseDC
GetWindowThreadProcessId
CallWindowProcW
ShowWindow
SetWindowTextW
InflateRect
CreateWindowExW
SendMessageW
PostMessageW
SetWindowLongW
MoveWindow
InvalidateRect
SetCursor
LoadCursorW
GetClassInfoExW
CloseClipboard
OffsetRect
EqualRect
SetRectEmpty
SetRect
IsRectEmpty
CopyRect
IsZoomed
IntersectRect
EndPaint
BeginPaint
wsprintfW
DrawTextW
SetClipboardData
EmptyClipboard
OpenClipboard
SendInput
CloseWindow
PostQuitMessage
DefWindowProcW
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
RegisterClassExW
TranslateMessage
TranslateAcceleratorW
GetKeyState
LoadAcceleratorsW
SetWindowPos
GetWindowTextW
gdi32
GetPixel
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
CreateFontW
CreatePen
ExtTextOutW
SetBkColor
RestoreDC
PatBlt
SetBkMode
UnrealizeObject
Rectangle
SetROP2
GetStockObject
SelectObject
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
CreatePatternBrush
CreateBitmap
SaveDC
CreateSolidBrush
GetObjectW
DeleteObject
TextOutW
MoveToEx
CreateDIBSection
SetStretchBltMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateRoundRectRgn
GetTextMetricsW
CreateFontIndirectW
DeleteDC
GetObjectA
comdlg32
GetSaveFileNameW
shell32
SHGetSpecialFolderPathW
ole32
CreateStreamOnHGlobal
comctl32
_TrackMouseEvent
ord17
gdiplus
GdipCreatePen1
GdipDeletePen
GdipCreateAdjustableArrowCap
GdipDeleteCustomLineCap
GdipFree
GdipSetPenCustomEndCap
GdipDrawLineI
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipWidenPath
GdipIsVisiblePathPointI
GdipDrawLinesI
GdipAddPathLine2I
GdipDrawEllipseI
GdipAddPathEllipseI
GdipGetDC
GdipReleaseDC
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateLineBrushI
GdipSetStringFormatAlign
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdipSetClipRectI
GdipDrawLines
GdipDrawString
GdipSetTextRenderingHint
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipCreateRegionRectI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushFromRectI
GdipCombineRegionPath
GdipAddPathPolygonI
GdipCreateRegionPath
GdipAddPathRectangleI
GdipDrawRectangleI
GdipResetClip
GdipFillRectangleI
GdipSetSolidFillColor
GdipGetRegionBoundsI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipSetClipRegion
GdipDeleteRegion
GdipSaveImageToFile
GdipGetImageEncoders
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
shlwapi
PathFindExtensionW
Exports
Exports
??0CScreenCaptureWrapper@@QAE@XZ
??4CScreenCaptureWrapper@@QAEAAV0@$$QAV0@@Z
??4CScreenCaptureWrapper@@QAEAAV0@ABV0@@Z
?fnScreenCaptureWrapper@@YAHXZ
?nScreenCaptureWrapper@@3HA
YXCaptureInit
YXCaptureSetAutoSave
YXCaptureSetAutoSavePath
YXCaptureStart
Sections
.text Size: 325KB - Virtual size: 324KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
YXUpdate.exe.exe windows:5 windows x86 arch:x86
ae40e2621116b97a8c371655e4362b32
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
18:72:bf:23:6f:a0:44:8d:89:ee:b4:ac:91:35:68:05:e0:ac:5d:3f:5f:cd:43:cc:05:69:a6:8c:3f:5f:c7:aeSigner
Actual PE Digest18:72:bf:23:6f:a0:44:8d:89:ee:b4:ac:91:35:68:05:e0:ac:5d:3f:5f:cd:43:cc:05:69:a6:8c:3f:5f:c7:aeDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\code\yxcalendar\win\YXCalendar\bin\YXUpdate.pdb
Imports
kernel32
Sleep
GetLastError
OutputDebugStringW
CopyFileW
MoveFileW
WaitForSingleObject
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
DeleteFileW
GetModuleFileNameW
WideCharToMultiByte
SystemTimeToFileTime
GetCurrentDirectoryW
CloseHandle
LocalFileTimeToFileTime
MultiByteToWideChar
GetFileAttributesW
CreateFileW
SetFilePointer
HeapCreate
HeapDestroy
OutputDebugStringA
SetLastError
GetCurrentProcessId
GetLocalTime
GetTickCount
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
IsDebuggerPresent
RaiseException
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
GetCommandLineW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetFileTime
SetEndOfFile
SetFilePointerEx
CreateEventW
GetFileAttributesExW
SetEvent
FindFirstFileExW
ResetEvent
UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
FreeLibrary
LoadLibraryExW
RtlUnwind
GetConsoleCP
GetConsoleMode
ExitProcess
SetStdHandle
GetFileType
GetStdHandle
GetCommandLineA
GetACP
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WriteConsoleW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteFile
ReadFile
FlushFileBuffers
CreateDirectoryW
user32
SendMessageW
FindWindowW
wsprintfW
shell32
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
libcurl
curl_easy_setopt
curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
winhttp
WinHttpGetIEProxyConfigForCurrentUser
dbghelp
SymGetLineFromAddr64
SymFromAddr
Exports
Exports
GetHandleVerifier
Sections
.text Size: 256KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 389KB - Virtual size: 389KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
data.dat
-
data1.dat
-
data2.dat
-
data4.dat
-
data6.dat
-
directui license.txt
-
duilib license.txt
-
echarts.min.js.js
-
libcurl.dll.dll windows:6 windows x86 arch:x86
eb425d2964f463fa8f4eb5046781399a
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
e1:0c:3c:8e:3c:bf:d0:cc:0a:c9:99:5e:33:a8:47:4b:e8:73:5b:ec:64:5e:c9:e3:3a:8b:0c:ed:f6:9c:58:b2Signer
Actual PE Digeste1:0c:3c:8e:3c:bf:d0:cc:0a:c9:99:5e:33:a8:47:4b:e8:73:5b:ec:64:5e:c9:e3:3a:8b:0c:ed:f6:9c:58:b2Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
E:\curl-7.65.2\build\Win32\VC14\DLL Release - DLL OpenSSL\libcurl.pdb
Imports
ws2_32
getnameinfo
gethostbyname
sendto
recvfrom
WSACleanup
WSAStartup
send
select
__WSAFDIsSet
ioctlsocket
listen
accept
gethostname
freeaddrinfo
getaddrinfo
WSAIoctl
WSASetLastError
socket
setsockopt
recv
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
WSAGetLastError
shutdown
wldap32
ord219
ord167
ord301
ord147
ord133
ord79
ord142
ord145
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46
crypt32
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertGetCertificateContextProperty
kernel32
SetFileAttributesW
GetFileAttributesExW
FlushFileBuffers
SetStdHandle
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapReAlloc
EnumSystemLocalesW
FindClose
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetACP
GetStringTypeW
GetCurrentThread
HeapAlloc
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetUserDefaultLCID
GetCPInfo
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
GetCommandLineA
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
FormatMessageW
WriteFile
GetSystemTimeAsFileTime
SwitchToFiber
DeleteFiber
CreateFiber
GetCurrentProcessId
GlobalMemoryStatus
FindFirstFileW
ConvertFiberToThread
ConvertThreadToFiber
GetSystemTime
SystemTimeToFileTime
HeapFree
GetConsoleCP
GetModuleFileNameW
GetModuleFileNameA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetTimeZoneInformation
HeapSize
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
EncodePointer
DecodePointer
Sleep
LoadLibraryA
RaiseException
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
LoadLibraryExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
CreateFileW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetFilePointerEx
SetConsoleCtrlHandler
user32
GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation
advapi32
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CryptGenRandom
Exports
Exports
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 403KB - Virtual size: 402KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 368B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
uninst.exe.exe windows:4 windows x86 arch:x86
61259b55b8912888e90f516ca08dc514
Code Sign
21:d6:d0:4a:4f:25:0f:c9:32:37:fc:aa:5e:12:8d:e9Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before06/10/2011, 08:39Not After06/10/2046, 08:39SubjectCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLKey Usages
KeyUsageCertSign
KeyUsageCRLSign
34:9b:5e:1c:4b:84:90:fc:72:86:2a:aa:7b:9e:dc:b3Certificate
IssuerCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNNot Before11/07/2022, 06:38Not After10/07/2024, 06:38SubjectCN=Dongguan Youxiao Network Technology Co.\,Ltd,O=Dongguan Youxiao Network Technology Co.\,Ltd,L=Dongguan,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:9c:d2:9d:8f:db:c7:39:f5:49:33:be:ce:98:93:b4Certificate
IssuerCN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PLNot Before26/05/2021, 06:46Not After18/05/2027, 06:46SubjectCN=WoTrus Code Signing 2021 CA,O=WoTrus CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
13:9d:dc:db:75:41:f0:34:3f:58:3c:b7:16:ee:24:4a:e4:b8:eb:b1:0e:6e:dc:24:27:a2:3b:8d:18:2b:45:20Signer
Actual PE Digest13:9d:dc:db:75:41:f0:34:3f:58:3c:b7:16:ee:24:4a:e4:b8:eb:b1:0e:6e:dc:24:27:a2:3b:8d:18:2b:45:20Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 156KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 391KB - Virtual size: 391KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LangDLL.dll.dll windows:4 windows x86 arch:x86
3e8d18bb71c7ebbda2ddc2a4bb03547b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrlenW
GlobalFree
lstrcpynW
lstrcmpW
GlobalAlloc
MulDiv
GetModuleHandleW
lstrcpyW
user32
DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
SetWindowTextW
LoadIconW
ShowWindow
SendMessageW
GetDC
gdi32
GetDeviceCaps
CreateFontIndirectW
DeleteObject
Exports
Exports
LangDialog
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 681B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/LogEx.dll.dll windows:4 windows x86 arch:x86
549d7b44067bbcdf42bf6a90a80a3a9e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WriteFile
CreateFileW
CloseHandle
GlobalFree
GlobalAlloc
VirtualFree
ReadFile
VirtualAlloc
GetFileSize
lstrcpyW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InterlockedDecrement
InterlockedIncrement
user32
FindWindowExW
GetDlgItem
SendMessageW
SetWindowTextW
Exports
Exports
AddFile
Close
Init
Write
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/inetc.dll.dll windows:5 windows x86 arch:x86
ac10bd0ffca217141ca47c63b7c99be6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
E:\浏览器打包\Plugins\Inetc\Unicode\Plugins\inetc.pdb
Imports
wininet
InternetOpenW
InternetCrackUrlW
InternetConnectW
HttpEndRequestW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetErrorDlg
InternetCloseHandle
HttpAddRequestHeadersA
InternetQueryOptionW
InternetSetOptionW
InternetSetFilePointer
InternetGetLastResponseInfoW
FtpOpenFileW
FtpCreateDirectoryW
HttpQueryInfoW
HttpSendRequestExW
HttpSendRequestW
InternetWriteFile
InternetReadFile
comctl32
ord17
kernel32
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
SetStdHandle
WriteConsoleW
OutputDebugStringA
RtlUnwind
GetLocaleInfoW
InterlockedExchange
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringW
FlushFileBuffers
lstrlenW
WriteFile
ReadFile
lstrcmpW
lstrcpynW
GetLastError
GetProcAddress
LoadLibraryA
LocalFree
DeleteFileW
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatW
GetFileSize
CreateFileW
lstrcmpiW
LocalAlloc
lstrcpyW
MulDiv
GetModuleHandleW
MultiByteToWideChar
TerminateThread
WaitForSingleObject
CreateThread
CreateFileA
lstrlenA
WideCharToMultiByte
GlobalFree
GlobalAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
VirtualQuery
GetProcessHeap
HeapAlloc
TerminateProcess
HeapFree
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
ExitProcess
IsBadReadPtr
HeapValidate
GetCurrentThreadId
DecodePointer
GetCommandLineA
IsDebuggerPresent
RaiseException
LoadLibraryW
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
user32
wsprintfA
FindWindowExW
CreateDialogParamW
EnableWindow
IsWindowVisible
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
RedrawWindow
UpdateWindow
KillTimer
DestroyWindow
LoadIconW
SetTimer
GetWindowRect
GetClientRect
SystemParametersInfoW
SetDlgItemTextW
SendMessageW
GetWindowTextW
PostMessageW
GetDlgItem
SendDlgItemMessageW
SetWindowTextW
GetWindowLongW
SetWindowLongW
ShowWindow
GetParent
MessageBoxW
IsWindow
wsprintfW
SetWindowPos
Exports
Exports
get
head
post
put
Sections
.textbss Size: - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 336KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsProcess.dll.dll windows:5 windows x86 arch:x86
439074d1c01f7b16781bdf060930814a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc
user32
GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW
Exports
Exports
_CloseProcess
_FindProcess
_KillProcess
_Unload
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 927B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ