PlumePack v2[.]3[.]3 Installer[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

PlumePack v2.3.3 Installer.exe
Size

7.6MB
MD5

a2d722a29f0c499d95e6aa9a94c99ed6
SHA1

0494e01e61e5c2f0b6a892241391021948a73e4f
SHA256

24956e26b0cbd3c407fcd48af12f8a42cc5723551d805ad9aacc6f57ed5b50a7
SHA512

1d5ec2621367c849ad2d0c6d052c860800b31cc2635e09df177bf73f9d871f41dc376e0c53a31c99cdc11b716d7a76faedffb4ddff4fcc1fa3feb4baacaff713
SSDEEP

196608:YJ49zLuS1zIDzVQlPgKarKw/+XsYamOyAv4w7Y/eBH525CnHsSeg:Ya9nOZmharRavAvnM/eXnHsSz

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsResize.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsResize.dll	upx

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
PlumePack v2.3.3 Installer.exe
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsResize.dll
unpack002/out.upx
unpack001/$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/REDR3D-x64.dll
unpack001/$TEMP/dll_not_found_error_means_you_need_to_install_vcredist.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

PlumePack v2.3.3 Installer.exe
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/Autokroma/Autokroma.ico
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

ebc2d915841be8afc8fa1ee9f6850960

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcpyA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
lstrcmpiA
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
HeapAlloc

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
DrawFocusRect
GetWindowLongA
DrawTextA
GetClientRect
SetWindowLongA
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
MapWindowPoints
RemovePropA
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsResize.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Add
GetPos
GetPosPx
GetSize
GetSizePx
Set
SetRTL
Top

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/CSXS/manifest.xml
.xml
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/META-INF/signatures.xml
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/PlumePackPanel.jsx
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/BlackmagicRawAPI.dll
.dll regsvr32 windows:6 windows x64 arch:x64

4206f53b565f3ea1e98ef118d5ff73be

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:b4:51:34:7f:bb:59:0a:44:ad:c1:9a:ac:19:54:c5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

11/01/2022, 00:00

Not After

03/01/2025, 23:59

Subject

SERIALNUMBER=098 098 287,CN=Blackmagic Design Pty Ltd,O=Blackmagic Design Pty Ltd,L=Port Melbourne,ST=Victoria,C=AU,1.3.6.1.4.1.311.60.2.1.3=#13024155,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:1f:67:47:42:24:3d:bd:a5:40:f2:58:88:45:d4:b7:6c:22:01:dc:74:94:68:f9:09:6a:93:32:6f:16:7a:9c
Signer

Actual PE Digest

b4:1f:67:47:42:24:3d:bd:a5:40:f2:58:88:45:d4:b7:6c:22:01:dc:74:94:68:f9:09:6a:93:32:6f:16:7a:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Build\ub_nMgW\project\BUILDROOT\Win\BlackmagicRAW\BlackmagicRawAPI\Release\BlackmagicRawAPI.pdb

Imports

opengl32

glDeleteTextures
glGenTextures
glGetError
glGetIntegerv
glTexImage2D
glTexParameteri
glBindTexture

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DisableThreadLibraryCalls
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetSystemInfo
GetModuleHandleExA
LocalFree
CreateFileW
CloseHandle
GetDiskFreeSpaceA
GetFileSizeEx
GetSystemTime
SystemTimeToFileTime
GetFullPathNameA
SetEnvironmentVariableW
GetCommandLineA
GetTimeZoneInformation
GetOEMCP
GetACP
IsValidCodePage
FlushFileBuffers
GetStdHandle
HeapReAlloc
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapFree
HeapAlloc
GetModuleFileNameW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
GetProcessHeap
WriteConsoleW
LoadLibraryA
IsDebuggerPresent
WaitForSingleObjectEx
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
RtlPcToFileHeader
GetCurrentDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
GetFileInformationByHandle
GetFullPathNameW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
RtlUnwind
MoveFileExW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
CreateEventW
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
DeleteFileW
GetFileType
SetStdHandle
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleOutputCP

ole32

StringFromGUID2

oleaut32

SysStringLen
SysAllocStringLen
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SafeArrayCreate
SysAllocString
VariantClear
VariantInit
SafeArrayGetVartype
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SysFreeString
SafeArrayGetUBound

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

Exports

Exports

CreateBlackmagicRawFactoryInstance
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/PlumePack.exe
.exe windows:6 windows x64 arch:x64

320d3e2435ba4d69d84e279e178e09ef

Code Sign

35:a3:21:fe:01:53:f1:4c
Certificate

Issuer

CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US

Not Before

24/11/2021, 20:09

Not After

25/11/2026, 20:09

Subject

CN=Developer ID Application: AESCRIPTS\, INC. (YL6UJ9V949),OU=YL6UJ9V949,O=AESCRIPTS\, INC.,C=US,0.9.2342.19200300.100.1.1=#130a594c36554a3956393439

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:f6:4d:f7:8c:34:f0:3c:6f:44:2a:79:6f:e8:d0:c3:9e:45:65:b6:62:ab:0c:c0:72:7e:0b:31:ee:a6:6c:de
Signer

Actual PE Digest

b2:f6:4d:f7:8c:34:f0:3c:6f:44:2a:79:6f:e8:d0:c3:9e:45:65:b6:62:ab:0c:c0:72:7e:0b:31:ee:a6:6c:de

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

icu

u_tolower

rpcrt4

UuidToStringW
RpcStringFreeW

ws2_32

recv
listen
getsockopt
getsockname
connect
closesocket
gethostname
ntohl
ntohs
getaddrinfo
recvfrom
gethostbyname
freeaddrinfo
getservbyport
inet_ntop
getservbyname
WSASetLastError
WSAGetLastError
ioctlsocket
inet_ntoa
WSAStartup
WSACleanup
WSAAsyncSelect
select
send
sendto
bind
accept
__WSAFDIsSet
setsockopt
shutdown
socket
htonl
htons
inet_addr
gethostbyaddr

urlmon

URLDownloadToFileW

wininet

DeleteUrlCacheEntryW
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
InternetConnectA
InternetCloseHandle
InternetOpenA

kernel32

GetLongPathNameW
GetTempFileNameW
SetFileTime
GetTempPathW
GetEnvironmentVariableW
GetDiskFreeSpaceExW
IsDebuggerPresent
TerminateProcess
GlobalMemoryStatusEx
GetVersionExW
GetNativeSystemInfo
LoadResource
LockResource
SizeofResource
FindResourceW
GetComputerNameW
IsValidCodePage
GetCPInfo
SetEvent
CreateEventW
GetACP
GetFileTime
WaitForMultipleObjects
GetSystemDirectoryA
ExpandEnvironmentStringsW
QueryPerformanceCounter
QueryPerformanceFrequency
GetDriveTypeW
GetLogicalDriveStringsW
ExitProcess
GetCurrentProcessorNumber
VerSetConditionMask
VerifyVersionInfoW
GetVolumeInformationW
LocalAlloc
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CreateDirectoryA
CreateFileA
SetFileAttributesA
GetSystemTime
SystemTimeToFileTime
FindNextFileW
CreateActCtxW
ActivateActCtx
SetLastError
GetModuleHandleExW
OutputDebugStringA
GetModuleFileNameW
FindActCtxSectionStringW
DeactivateActCtx
QueryActCtxW
GetLastError
LoadLibraryA
LoadLibraryW
GetProcAddress
FreeLibrary
Sleep
GetCurrentProcessId
CopyFile2
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
GetModuleHandleW
LoadLibraryExW
FormatMessageA
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetErrorMode
MulDiv
GetCurrentThreadId
WideCharToMultiByte
OutputDebugStringW
TryEnterCriticalSection
GetCurrentProcess
SetThreadPriority
TerminateThread
GetExitCodeThread
ResumeThread
TlsAlloc
TlsSetValue
TlsFree
GetSystemInfo
GetSystemTimeAsFileTime
SetCurrentDirectoryW
CreateFileW
GetFileAttributesW
GetFileType
CopyFileW
GetStdHandle
FreeConsole
AttachConsole
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
ReadConsoleOutputCharacterA
LocalFree
FormatMessageW
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
FindClose
FindFirstFileW

user32

GetKeyState
DefWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
GetWindowLongPtrW
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowLongPtrW
GetWindowPlacement
IsIconic
SendMessageW
GetIconInfo
LoadIconW
LoadBitmapW
GetLastActivePopup
GetTopWindow
GetWindowLongW
BringWindowToTop
IsZoomed
MessageBoxW
SetWindowPos
DestroyWindow
GetWindow
IsWindowVisible
ShowWindow
SetForegroundWindow
GetWindowRect
IsWindow
GetDialogBaseUnits
DrawMenuBar
GetSystemMenu
EnableMenuItem
SetWindowTextW
SetWindowLongW
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterHotKey
UnregisterHotKey
GetMessagePos
GetMessageTime
PostQuitMessage
CallWindowProcW
AnimateWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
EnableWindow
IsWindowEnabled
GetSystemMetrics
GetMenuItemCount
TrackPopupMenu
GetMenuItemInfoW
UpdateWindow
CreateIconIndirect
GetDC
ReleaseDC
GetUpdateRgn
InvalidateRect
RedrawWindow
ScrollWindow
EnableScrollBar
GetClientRect
SetCursorPos
SetCursor
GetCursorPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
ChildWindowFromPointEx
GetSysColor
FillRect
InflateRect
PtInRect
GetParent
SetParent
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsDialogMessageW
SetScrollInfo
GetScrollInfo
SystemParametersInfoW
CreateDialogParamW
GetDlgItem
IsMenu
keybd_event
GetWindowTextLengthW
HideCaret
ShowCaret
DrawTextW
DrawFocusRect
SetWindowRgn
PostThreadMessageW
LoadImageW
GetProcessDefaultLayout
LoadCursorW
ShowCursor
AdjustWindowRectEx
GetPropW
GetClassInfoW
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
SetMenu
wsprintfW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
EnumDisplaySettingsW
ChangeDisplaySettingsExW
IsClipboardFormatAvailable
KillTimer
SetTimer
SetCaretPos
DestroyCaret
CreateCaret
SetActiveWindow
MsgWaitForMultipleObjects
FindWindowExW
ChildWindowFromPoint
GetComboBoxInfo
GetDesktopWindow
EndPaint
BeginPaint
GetWindowDC
ValidateRect
GetMessageW
IsRectEmpty
ValidateRgn
GetCaretBlinkTime
GetDoubleClickTime
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetClassNameW
MessageBeep
GetWindowTextW
InsertMenuItemW
SetMenuInfo
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
CheckMenuRadioItem
GetSysColorBrush
SetMenuItemInfoW
GetMenuItemID
GetSubMenu
CheckMenuItem
GetMenuState
DrawFrameControl
DrawEdge
DrawIconEx
UnionRect
PostMessageW
DestroyCursor
OffsetRect
CopyRect
SetRectEmpty
SetRect
DrawStateW
DestroyIcon
GetClipboardFormatNameW
RegisterClipboardFormatW
CreateDialogIndirectParamW

gdi32

EndPage
StartPage
EndDoc
StartDocW
SetAbortProc
EnumFontFamiliesExW
GetSystemPaletteEntries
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
SetViewportOrgEx
CreateDCW
CreateICW
GetTextExtentExPointW
GetCharABCWidthsW
CreateRectRgnIndirect
RectInRegion
PtInRegion
GetRgnBox
EqualRgn
CombineRgn
MoveToEx
LineTo
GetBkColor
SetDIBColorTable
GetDIBColorTable
CreateDIBSection
GetDIBits
CreateDIBitmap
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetTextExtentPoint32W
ExtCreatePen
CreatePen
CreatePatternBrush
CreateHatchBrush
SetWindowOrgEx
SetWindowExtEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
CreatePolygonRgn
ExtTextOutW
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetROP2
StretchDIBits
SetPolyFillMode
SetPixel
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
SelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExtFloodFill
Ellipse
Arc
SetStretchBltMode
StretchBlt
GetWindowExtEx
GetViewportExtEx
GetGraphicsMode
CreateSolidBrush
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmapIndirect
CreateBitmap
BitBlt
GetObjectW
OffsetRgn
GetRegionData
ExtCreateRegion
GetOutlineTextMetricsW
CreateFontIndirectW
SetTextColor
SetBkMode
SetBkColor
GdiFlush
SetBrushOrgEx
GetTextMetricsW
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExcludeClipRect
CreateRectRgn
DeleteObject

winspool.drv

OpenPrinterW
GetPrinterW
DocumentPropertiesW
ClosePrinter

shell32

DragQueryFileW
SHGetFolderPathA
DragQueryPoint
DragFinish
DragAcceptFiles
ExtractIconW
ExtractIconExW
ShellExecuteExW
SHGetFolderPathW
SHGetFileInfoW
ord6
ShellExecuteW
SHGetKnownFolderPath

ole32

OleLockRunning
OleRun
OleSetContainedObject
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleInitialize
RevokeDragDrop
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
OleGetClipboard

oleaut32

SysFreeString
SafeArrayCreate
SafeArrayDestroy
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayAccessData
VariantClear
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
VarBstrFromCy
SafeArrayGetVartype
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantInit
SysAllocString

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetUserNameW
GetUserNameA

msvcp140

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
_Query_perf_counter
_Query_perf_frequency
_Mtx_trylock
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Xtime_get_ticks
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
_Strcoll
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
_Strxfrm
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Xbad_function_call@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$ctype@_W@std@@2V0locale@2@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bios_base@std@@QEBA_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
_Mtx_unlock
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?good@ios_base@std@@QEBA_NXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?uncaught_exception@std@@YA_NXZ
_Thrd_join
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Throw_Cpp_error@std@@YAXH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
?_Syserror_map@std@@YAPEBDH@Z
_Cnd_broadcast
_Cnd_destroy_in_situ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
_Thrd_detach
?_Throw_C_error@std@@YAXH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?swap@?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z

oleacc

LresultFromObject

uxtheme

GetThemeColor
GetCurrentThemeName
SetWindowTheme
GetThemeBackgroundExtent
IsThemePartDefined
GetThemeFont
IsAppThemed
IsThemeActive
GetThemeSysFont
GetThemeSysColor
GetThemeInt
GetThemePartSize
GetThemeMargins
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundContentRect
DrawThemeBackground
CloseThemeData
OpenThemeData

msimg32

GradientFill
AlphaBlend

shlwapi

SHAutoComplete

vcruntime140

memcpy
memmove
memset
strrchr
longjmp
__RTDynamicCast
wcsstr
wcschr
__current_exception
__current_exception_context
__intrinsic_setjmp
__std_type_info_compare
_purecall
__C_specific_handler
__std_exception_destroy
__std_exception_copy
memchr
memcmp
__CxxFrameHandler3
_CxxThrowException
strchr
strstr
__RTtypeid
__std_terminate

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
_set_new_mode
_callnewh
calloc

api-ms-win-crt-stdio-l1-1-0

setvbuf
_get_osfhandle
_fileno
ungetc
fsetpos
fread
fwrite
_get_stream_buffer_pointers
__stdio_common_vfwprintf
fgetc
fclose
_wsopen_dispatch
ftell
_wfopen_s
fputs
_open_osfhandle
__stdio_common_vswprintf_s
fflush
fputc
__stdio_common_vswscanf
fseek
fopen_s
__stdio_common_vsprintf
_close
__stdio_common_vsscanf
_ftelli64
ferror
fgetpos
feof
clearerr
_wfopen
_commit
_read
_write
__stdio_common_vsprintf_s
__stdio_common_vswprintf_p
__stdio_common_vswprintf
__p__commode
_lseeki64
__stdio_common_vfprintf
__acrt_iob_func
_fseeki64
_set_fmode
_telli64

api-ms-win-crt-runtime-l1-1-0

_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
_cexit
terminate
_invalid_parameter_noinfo_noreturn
_beginthreadex
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_c_exit
_initterm_e
exit
_errno
_getpid
set_terminate
abort
_register_thread_local_exe_atexit_callback
__p___argc
strerror
__p___wargv
_exit

api-ms-win-crt-string-l1-1-0

iswalpha
iswspace
towupper
towlower
tolower
iswdigit
wcscpy_s
toupper
_strdup
wcspbrk
wcscat_s
_wcsicmp
isdigit
isprint
strncpy
isspace
strcpy_s
strcat_s
strncpy_s
strcmp
iswprint
iswxdigit
wcsncpy
iswalnum
strncmp

api-ms-win-crt-convert-l1-1-0

_wcstoi64
wcstoul
atol
_wcstoui64
strtod
strtoll
strtoull
wcstol
atoi
_wcstod_l
strtoul
atof
strtol
_strtoi64
wcstod
_wtoi
_wtol

api-ms-win-crt-filesystem-l1-1-0

_wrmdir
_wmkdir
_wrename
_wremove
_lock_file
_wstat64
_unlock_file
_waccess_s
_mkdir
_fullpath
_access
_wstat64i32

api-ms-win-crt-math-l1-1-0

tanf
__setusermatherr
floorf
sin
floor
ceilf
lround
acosf
fmodf
log10
_dclass
sqrt
ceil
fmod
_fdopen
atan2
cosf
pow
sinf
cos
roundf
round
atan2f
lroundf
sqrtf

api-ms-win-crt-locale-l1-1-0

_free_locale
setlocale
_create_locale
_configthreadlocale

api-ms-win-crt-utility-l1-1-0

qsort
rand_s
bsearch
srand
rand

api-ms-win-crt-environment-l1-1-0

_wdupenv_s
_wgetenv
getenv
_wgetcwd

api-ms-win-crt-time-l1-1-0

_localtime64
_tzset
_get_timezone
_time64
_gmtime64
_mktime64
strftime
_localtime64_s
wcsftime

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

avutil-56

av_get_bytes_per_sample
av_sample_fmt_is_planar
av_frame_alloc
av_frame_free
av_dict_set
av_dict_get
av_get_channel_layout_string
av_vlog
av_strerror
av_log
av_log_set_flags
av_free
av_mallocz

avformat-58

av_guess_format
av_write_trailer
av_match_ext
avformat_new_stream
avio_open
avformat_write_header
avformat_alloc_output_context2
av_interleaved_write_frame
avio_closep
avformat_close_input
avformat_find_stream_info
av_read_frame
av_seek_frame
avformat_open_input
avformat_free_context

avcodec-58

avcodec_send_packet
avcodec_receive_packet
avcodec_send_frame
avcodec_free_context
avcodec_alloc_context3
avcodec_close
avcodec_open2
avcodec_receive_frame
avcodec_parameters_to_context
avcodec_parameters_copy
av_packet_unref
avcodec_find_decoder
avcodec_find_encoder

iphlpapi

GetAdaptersInfo

Exports

Exports

?aescriptsGetLicLibVersion@@YAHAEAY0IA@D@Z
?aescriptsSaveLicenseToFileEx@@YAHPEBD0QEAD1AEAUaescriptsLicenseData@@@Z
aescriptsAddBlockedSerial
aescriptsCheckOveruse
aescriptsConfigure
aescriptsDropLicenseFromLicenseServer
aescriptsGetLicLibVersion
aescriptsGetLicenseDataFromFile
aescriptsGetLicenseServerConfig
aescriptsGetMachineId
aescriptsInitLicenseData
aescriptsLoadLicenseFromFile
aescriptsRequestLicenseFromLicenseServer
aescriptsSaveLicenseToFile
aescriptsValidateLicense
cJSON_AddArrayToObject
cJSON_AddBoolToObject
cJSON_AddFalseToObject
cJSON_AddItemReferenceToArray
cJSON_AddItemReferenceToObject
cJSON_AddItemToArray
cJSON_AddItemToObject
cJSON_AddItemToObjectCS
cJSON_AddNullToObject
cJSON_AddNumberToObject
cJSON_AddObjectToObject
cJSON_AddRawToObject
cJSON_AddStringToArray
cJSON_AddStringToObject
cJSON_AddTrueToObject
cJSON_Compare
cJSON_CreateArray
cJSON_CreateArrayReference
cJSON_CreateBool
cJSON_CreateDoubleArray
cJSON_CreateFalse
cJSON_CreateFloatArray
cJSON_CreateIntArray
cJSON_CreateNull
cJSON_CreateNumber
cJSON_CreateObject
cJSON_CreateObjectReference
cJSON_CreateRaw
cJSON_CreateString
cJSON_CreateStringArray
cJSON_CreateStringReference
cJSON_CreateTrue
cJSON_Delete
cJSON_DeleteItemFromArray
cJSON_DeleteItemFromObject
cJSON_DeleteItemFromObjectCaseSensitive
cJSON_DetachItemFromArray
cJSON_DetachItemFromObject
cJSON_DetachItemFromObjectCaseSensitive
cJSON_DetachItemViaPointer
cJSON_Duplicate
cJSON_GetArrayItem
cJSON_GetArraySize
cJSON_GetErrorPtr
cJSON_GetNumberValue
cJSON_GetObjectItem
cJSON_GetObjectItemCaseSensitive
cJSON_GetStringValue
cJSON_HasObjectItem
cJSON_InitHooks
cJSON_InsertItemInArray
cJSON_IsArray
cJSON_IsBool
cJSON_IsFalse
cJSON_IsInvalid
cJSON_IsNull
cJSON_IsNumber
cJSON_IsObject
cJSON_IsRaw
cJSON_IsString
cJSON_IsTrue
cJSON_Minify
cJSON_Parse
cJSON_ParseWithLength
cJSON_ParseWithLengthOpts
cJSON_ParseWithOpts
cJSON_Print
cJSON_PrintBuffered
cJSON_PrintPreallocated
cJSON_PrintUnformatted
cJSON_ReplaceItemInArray
cJSON_ReplaceItemInObject
cJSON_ReplaceItemInObjectCaseSensitive
cJSON_ReplaceItemViaPointer
cJSON_SetNumberHelper
cJSON_SetValuestring
cJSON_Version
cJSON_free
cJSON_malloc

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/REDR3D-x64.dll
.dll windows:6 windows x64 arch:x64

163f24ee95c87facea4ad793087d26bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemInfo
FindClose
FindFirstFileA
GetLastError
CreateFileA
CreateFileW
GetDiskFreeSpaceA
GetFileSizeEx
GetFullPathNameA
ReadFile
SetFilePointer
WriteFile
CloseHandle
MultiByteToWideChar
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
WideCharToMultiByte
ReleaseMutex
CreateMutexA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
CreateEventA
Sleep
GetModuleHandleA
GetProcAddress
GetCurrentProcess
ResetEvent
CreateThread
GetCurrentThread
GetCurrentThreadId
TerminateThread
SetThreadAffinityMask
WaitForMultipleObjects
GetOverlappedResult
DeviceIoControl
CancelIo
OutputDebugStringA
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
OutputDebugStringW
LCMapStringW
CompareStringW
GetTimeFormatW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
EncodePointer
DecodePointer
HeapFree
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapAlloc
ExitThread
LoadLibraryExW
GetSystemTimeAsFileTime
GetCommandLineA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
IsProcessorFeaturePresent
HeapSize
IsDebuggerPresent
GetProcessHeap
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
HeapReAlloc
HeapQueryInformation
CreateDirectoryW
GetTimeZoneInformation
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetDateFormatW
SetEndOfFile

shell32

SHGetFolderPathW

ole32

CoCreateGuid

Exports

Exports

R3D_AAA
R3D_AAB
R3D_AAC
R3D_AAD
R3D_AAE
R3D_AAF
R3D_AAG
R3D_AAH
R3D_AAI
R3D_AAJ
R3D_AAK
R3D_AAL
R3D_AAM
R3D_AAN
R3D_AAO
R3D_AAP
R3D_AAQ
R3D_AAR
R3D_AAS
R3D_AAT
R3D_AAU
R3D_AAV
R3D_AAW
R3D_AAX
R3D_AAY
R3D_AAZ
R3D_ABA
R3D_ABB
R3D_ABC
R3D_ABD
R3D_ABE
R3D_ABF
R3D_ABG
R3D_ABH
R3D_ABI
R3D_ABJ
R3D_ABK
R3D_ABL
R3D_ABM
R3D_ABN
R3D_ABO
R3D_ABP
R3D_ABQ
R3D_ABR
R3D_ABS
R3D_ABT
R3D_ABU
R3D_ABV
R3D_ABW
R3D_ABX
R3D_ABY
R3D_ABZ
R3D_ACA
R3D_ACB
R3D_ACC
R3D_ACD
R3D_ACE
R3D_ACF
R3D_ACG
R3D_ACH
R3D_ACI
R3D_ACJ
R3D_ACK
R3D_ACL
R3D_ACM
R3D_ACN
R3D_ACO
R3D_ACP
R3D_ACQ
R3D_ACR
R3D_ACS
R3D_ACT
R3D_ACU
R3D_ACV
R3D_ACW
R3D_ACX
R3D_ACY
R3D_ACZ
R3D_ADA
R3D_ADB
R3D_ADC
R3D_ADD
R3D_ADE
R3D_BAA
R3D_BAB
R3D_BAC
R3D_BAD
R3D_BAE
R3D_BAF
R3D_BAG
R3D_BAH
R3D_BAI
R3D_BAJ
R3D_BAK
R3D_BAL
R3D_BAM
R3D_CAA
R3D_CAB
R3D_CAC
R3D_CAD
R3D_CAE
R3D_CAF
R3D_CAG
R3D_CAH
R3D_CAI
R3D_CAJ
R3D_CGA
R3D_CGB
R3D_CGC
R3D_CGD
R3D_CGE
R3D_CGF
R3D_CGG
R3D_CGH
R3D_CGI
R3D_DAA
R3D_DAB
R3D_DAC
R3D_DAD
R3D_DAD2
R3D_DAE
R3D_DAF
R3D_DAG
R3D_DAH
R3D_DAI
R3D_DAJ
R3D_DAK
R3D_DAL
R3D_DAM
R3D_DAN
R3D_DAO
R3D_DAP
R3D_DAQ
R3D_EAA
R3D_EAB
R3D_EAC
R3D_FAA
R3D_FAB
R3D_FAC
R3D_FAD
R3D_FAE
R3D_FAF
R3D_FAH
R3D_GAA
R3D_GAB
R3D_GAC
R3D_GAD
R3D_GAE
R3D_GAF
R3D_HAA
R3D_HAB
R3D_HAC
R3D_HAD
R3D_HAE
R3D_HAF
R3D_HAG
R3D_HAH
R3D_HAI
R3D_IAA
R3D_IAB
R3D_IAC
R3D_IAD
R3D_ICA
R3D_ICB
R3D_ICC
R3D_ICD
R3D_JAA
R3D_JAB
R3D_JAC
R3D_JAD
R3D_SAA
R3D_SAB
R3D_SAC
R3D_SAD
R3D_SAE
R3D_SAF
R3D_SAG
R3D_SAH
R3D_SAI
RED_IMPORTS
RED_LIB_BUILD_NAME
RED_LIB_FINALIZE
RED_LIB_ID
RED_LIB_INITIALIZE
RED_LIB_MAJOR_VERSION
RED_LIB_MINOR_VERSION
RED_LIB_PATCH_VERSION
RED_MINIMUM_MAJOR_VERSION
RED_MINIMUM_MINOR_VERSION
RED_MINIMUM_PATCH_VERSION
RED_REDIRECT
RED_STATICLIB_BUILD_NAME
RED_STATICLIB_MAJOR_VERSION
RED_STATICLIB_MINOR_VERSION
RED_STATICLIB_PATCH_VERSION

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/avcodec-58.dll
.dll windows:6 windows x64 arch:x64

109a384b193284635e54af5de2df1604

Code Sign

35:a3:21:fe:01:53:f1:4c
Certificate

Issuer

CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US

Not Before

24/11/2021, 20:09

Not After

25/11/2026, 20:09

Subject

CN=Developer ID Application: AESCRIPTS\, INC. (YL6UJ9V949),OU=YL6UJ9V949,O=AESCRIPTS\, INC.,C=US,0.9.2342.19200300.100.1.1=#130a594c36554a3956393439

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a5:7c:e6:0f:fa:90:b8:e1:3e:a8:20:61:2b:9f:a9:4d:cb:4b:59:ae:1b:f4:d0:41:12:e0:ad:64:e7:55:7f:93
Signer

Actual PE Digest

a5:7c:e6:0f:fa:90:b8:e1:3e:a8:20:61:2b:9f:a9:4d:cb:4b:59:ae:1b:f4:d0:41:12:e0:ad:64:e7:55:7f:93

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

avutil-56

av_reallocp_array
av_rescale
av_log_once
av_color_primaries_name
av_color_transfer_name
av_color_space_name
av_buffer_get_ref_count
av_realloc_array
av_fast_mallocz
av_display_rotation_set
av_display_matrix_flip
av_buffer_replace
av_frame_new_side_data_from_buf
av_stereo3d_create_side_data
av_timecode_get_smpte
av_timecode_make_smpte_tc_string2
av_video_enc_params_create_side_data
av_reallocp
av_memcpy_backptr
av_mastering_display_metadata_create_side_data
av_content_light_metadata_create_side_data
av_md5_alloc
av_md5_init
av_md5_update
av_md5_final
av_get_pix_fmt_loss
av_find_best_pix_fmt_of_2
av_image_fill_max_pixsteps
av_cpu_count
av_frame_make_writable
av_fourcc_make_string
av_frame_set_qp_table
av_stereo3d_alloc
av_div_q
av_d2q
av_timecode_make_mpeg_tc_string
av_buffer_make_writable
av_memdup
av_opt_set_defaults2
av_opt_set
av_rescale_q_rnd
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free
av_get_media_type_string
av_log_get_level
av_strlcat
av_strlcatf
av_match_list
av_get_sample_fmt_name
av_get_planar_sample_fmt
av_get_colorspace_name
av_color_range_name
av_chroma_location_name
av_opt_set_dict
av_get_cpu_flags
av_image_check_size
av_opt_copy
av_samples_fill_arrays
av_dict_free
av_fast_malloc
av_fifo_drain
av_fifo_realloc2
av_fifo_generic_write
av_fifo_space
av_fifo_size
av_fifo_freep
av_fifo_alloc_array
av_crc
av_crc_get_table
av_get_picture_type_char
av_frame_get_buffer
av_frame_ref
av_samples_set_silence
av_reduce
av_get_channel_layout_nb_channels
av_image_check_sar
av_image_check_size2
av_image_fill_plane_sizes
av_image_fill_linesizes
av_get_pix_fmt_name
av_pix_fmt_desc_get
av_hwframe_get_buffer
av_hwframe_ctx_alloc
av_frame_apply_cropping
av_frame_new_side_data
av_frame_copy_props
av_frame_copy
av_frame_is_writable
av_frame_move_ref
av_frame_free
av_frame_alloc
av_samples_copy
av_samples_get_buffer_size
av_sample_fmt_is_planar
av_buffer_pool_get
av_buffer_pool_uninit
av_buffer_pool_init
av_buffer_allocz
av_bprint_clear
avpriv_set_systematic_pal2
av_mul_q
avpriv_emms_asm
av_strerror
av_pix_fmt_count_planes
av_pix_fmt_get_chroma_sub_sample
av_bprint_finalize
av_bprintf
av_bprint_init
av_strtok
av_opt_set_dict2
av_opt_free
av_dynarray_add_nofree
av_strdup
av_opt_next
av_opt_set_from_string
av_realloc_f
av_image_copy_to_buffer
av_image_get_buffer_size
av_image_fill_arrays
av_image_copy
av_fifo_generic_read
av_get_bytes_per_sample
av_image_alloc
av_buffer_is_writable
av_buffer_unref
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_buffer_alloc
av_dict_set
av_dict_get
av_realloc
av_malloc_array
av_dict_copy
av_opt_set_defaults
av_fast_realloc
av_rescale_q
av_frame_get_side_data
av_buffer_realloc
av_get_channel_layout_string
av_mallocz_array
av_frame_unref
avpriv_request_sample
av_freep
av_free
av_mallocz
av_malloc
avpriv_float_dsp_alloc
av_default_item_name
avpriv_report_missing_feature
av_gcd
av_log

kernel32

IsProcessorFeaturePresent
InitOnceBeginInitialize
InitOnceComplete
WaitForSingleObjectEx
MultiByteToWideChar
CloseHandle
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset
memmove
strstr
strchr
memcmp

api-ms-win-crt-runtime-l1-1-0

abort
_beginthreadex
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_errno

api-ms-win-crt-math-l1-1-0

log2f
ceilf
roundf
cbrtf
_fdopen
logf
powf
sqrtf
sqrt
hypot
atan2f
atanf
cos
cosf
sin
sinf
exp2
exp2f
exp
pow
lrintf
cbrt
tan
lrint
expf

api-ms-win-crt-stdio-l1-1-0

_sopen
_wsopen
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-string-l1-1-0

strcmp
strncmp

api-ms-win-crt-convert-l1-1-0

atoi
strtol

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_next
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_get_chroma_intra_matrix
av_codec_get_codec_descriptor
av_codec_get_codec_properties
av_codec_get_lowres
av_codec_get_max_lowres
av_codec_get_pkt_timebase
av_codec_get_seek_preroll
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_codec_next
av_codec_set_chroma_intra_matrix
av_codec_set_codec_descriptor
av_codec_set_lowres
av_codec_set_pkt_timebase
av_codec_set_seek_preroll
av_copy_packet
av_copy_packet_side_data
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dirac_parse_sequence_header
av_dup_packet
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fopen_utf8
av_free_packet
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_lockmgr_register
av_mdct_calc
av_mdct_end
av_mdct_init
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_merge_side_data
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_split_side_data
av_packet_unpack_dictionary
av_packet_unref
av_parser_change
av_parser_close
av_parser_init
av_parser_iterate
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_qsv_alloc_context
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video2
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt2
avcodec_find_best_pix_fmt_of_2
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults3
avcodec_get_frame_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_pix_fmt_loss
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_register
avcodec_register_all
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpicture_alloc
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_align_put_bits
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_copy_bits
avpriv_dnxhd_get_frame_size
avpriv_dnxhd_get_hr_frame_size
avpriv_dnxhd_get_interlaced
avpriv_exif_decode_ifd
avpriv_find_pix_fmt
avpriv_find_start_code
avpriv_get_raw_pix_fmt_tags
avpriv_h264_has_num_reorder_frames
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_get_config2
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_packet_list_free
avpriv_packet_list_get
avpriv_packet_list_put
avpriv_pix_fmt_bps_avi
avpriv_pix_fmt_bps_mov
avpriv_split_xiph_headers
avpriv_toupper4
avsubtitle_free

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/avformat-58.dll
.dll windows:6 windows x64 arch:x64

f996051a07e59059b75eb75fb66953ef

Code Sign

35:a3:21:fe:01:53:f1:4c
Certificate

Issuer

CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US

Not Before

24/11/2021, 20:09

Not After

25/11/2026, 20:09

Subject

CN=Developer ID Application: AESCRIPTS\, INC. (YL6UJ9V949),OU=YL6UJ9V949,O=AESCRIPTS\, INC.,C=US,0.9.2342.19200300.100.1.1=#130a594c36554a3956393439

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:d0:bf:ba:7c:49:b4:6f:9a:ea:c8:40:5d:31:34:1a:ae:4d:5f:b2:d5:08:33:b2:39:a9:e8:f7:a7:00:9f:82
Signer

Actual PE Digest

f3:d0:bf:ba:7c:49:b4:6f:9a:ea:c8:40:5d:31:34:1a:ae:4d:5f:b2:d5:08:33:b2:39:a9:e8:f7:a7:00:9f:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

avcodec-58

av_get_exact_bits_per_sample
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_packet_list_put
avcodec_receive_frame
avpriv_packet_list_get
avpriv_packet_list_free
avpriv_get_raw_pix_fmt_tags
av_parser_init
av_parser_parse2
avcodec_is_open
avpriv_h264_has_num_reorder_frames
av_parser_close
avcodec_send_packet
av_bitstream_filter_filter
avcodec_decode_subtitle2
avsubtitle_free
avcodec_close
avcodec_open2
av_codec_is_decoder
avcodec_find_decoder_by_name
avcodec_find_decoder
av_codec_iterate
av_bsf_free
av_bsf_init
av_bsf_alloc
av_bsf_get_by_name
av_grow_packet
av_packet_alloc
avpriv_dnxhd_get_interlaced
avpriv_dnxhd_get_hr_frame_size
avpriv_dnxhd_get_frame_size
av_shrink_packet
avcodec_get_type
av_get_audio_frame_duration
avcodec_parameters_from_context
avcodec_descriptor_get
av_bsf_receive_packet
av_bsf_send_packet
av_packet_rescale_ts
av_packet_make_refcounted
av_packet_copy_props
av_packet_move_ref
avpriv_ac3_parse_header
av_get_audio_frame_duration2
avpriv_pix_fmt_bps_mov
avpriv_toupper4
av_packet_ref
av_packet_get_side_data
avcodec_parameters_free
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_get_name
avpriv_ac3_channel_layout_tab
av_get_bits_per_sample
av_packet_add_side_data
av_new_packet
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config2
avcodec_string
avcodec_parameters_to_context
avcodec_free_context
avcodec_alloc_context3
avpriv_pix_fmt_bps_avi
avpriv_find_pix_fmt
av_init_packet
av_packet_free
avpriv_find_start_code
avpriv_exif_decode_ifd
av_packet_unref
av_packet_new_side_data
avcodec_pix_fmt_to_codec_tag

avutil-56

av_buffer_create
av_buffer_ref
av_frame_free
av_opt_set_dict2
av_pix_fmt_desc_get
av_calloc
av_timegm
av_get_random_seed
av_timecode_get_smpte_from_framenum
av_gcd
av_opt_flag_is_set
av_opt_get_int
av_strndup
av_dynarray_add
av_compare_mod
av_add_stable
av_opt_set_from_string
av_opt_next
av_opt_set_dict_val
av_opt_get_dict_val
av_opt_ptr
av_parse_time
av_gettime
av_buffer_default_free
av_frame_alloc
av_pix_fmt_get_chroma_sub_sample
av_compare_ts
av_rescale_q_rnd
av_log_once
av_aes_ctr_increment_iv
av_aes_ctr_set_random_iv
av_aes_ctr_get_iv
avpriv_get_gamma_from_trc
av_timecode_check_frame_rate
av_timecode_init_from_string
av_rescale_rnd
av_content_light_metadata_alloc
av_mastering_display_metadata_alloc
av_encryption_init_info_add_side_data
av_encryption_init_info_get_side_data
av_encryption_init_info_free
av_encryption_init_info_alloc
av_encryption_info_add_side_data
av_encryption_info_free
av_encryption_info_clone
av_encryption_info_alloc
av_dovi_alloc
av_timecode_make_string
av_stereo3d_alloc
av_spherical_alloc
av_sha_final
av_sha_update
av_sha_init
av_sha_alloc
av_color_space_name
av_color_transfer_name
av_color_primaries_name
av_aes_ctr_set_full_iv
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_init
av_aes_ctr_alloc
av_aes_crypt
av_aes_init
av_aes_alloc
av_strlcatf
av_strlcat
av_stristr
avpriv_dict_set_timestamp
av_d2q
av_fast_realloc
av_realloc_array
av_realloc
av_malloc_array
av_get_channel_layout_nb_channels
av_buffer_alloc
av_dynarray_add_nofree
av_fast_malloc
av_dict_free
av_dict_copy
av_bprint_chars
av_bprintf
av_strncasecmp
av_dict_set_int
av_reallocp_array
av_opt_get
av_match_name
av_timecode_make_smpte_tc_string2
av_stereo3d_type_name
av_spherical_projection_name
av_spherical_tile_bounds
av_display_rotation_get
av_dict_count
av_get_picture_type_char
av_get_channel_name
av_crc
av_crc_get_table
av_bprint_finalize
av_bprint_append_data
av_vbprintf
av_bprint_init
av_usleep
av_gettime_relative
av_opt_copy
av_opt_set
av_opt_set_dict
av_opt_free
av_opt_set_defaults
av_strdup
av_strerror
av_match_list
av_strlcpy
av_strstart
av_get_pix_fmt_name
av_asprintf
avpriv_report_missing_feature
av_mul_q
av_reduce
av_realloc_f
av_get_media_type_string
av_buffer_unref
av_strcasecmp
av_fourcc_make_string
avpriv_request_sample
av_rescale_q
av_rescale
av_div_q
av_dict_set
av_dict_get
av_freep
av_reallocp
av_mallocz_array
av_default_item_name
av_free
av_mallocz
av_log
av_malloc
av_timecode_init

ws2_32

WSAStartup
WSACleanup

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
MultiByteToWideChar
MoveFileExW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitOnceBeginInitialize
InitOnceComplete
MoveFileExA

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
strstr
strrchr
memset
memmove
strchr
memcmp
memcpy

api-ms-win-crt-runtime-l1-1-0

abort
_initterm
_configure_narrow_argv
_errno
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_cexit
_execute_onexit_table

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
_write
_read
_close
__stdio_common_vfprintf
_lseeki64
_wsopen
_sopen
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strspn
strcspn
strncmp
strcmp

api-ms-win-crt-math-l1-1-0

hypot
lrintf
ceil
llrint
lrint
_fdopen

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-time-l1-1-0

_gmtime64
strftime
_localtime64

api-ms-win-crt-filesystem-l1-1-0

_wstat64
_fstat64
_stat64

api-ms-win-crt-convert-l1-1-0

atoi
strtod
strtoll
strtol

Exports

Exports

av_add_index_entry
av_append_packet
av_apply_bitstream_filters
av_codec_get_id
av_codec_get_tag
av_codec_get_tag2
av_demuxer_iterate
av_demuxer_open
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_fmt_ctx_get_duration_estimation_method
av_fopen_utf8
av_format_ffversion
av_format_get_audio_codec
av_format_get_control_message_cb
av_format_get_data_codec
av_format_get_metadata_header_padding
av_format_get_opaque
av_format_get_open_cb
av_format_get_probe_score
av_format_get_subtitle_codec
av_format_get_video_codec
av_format_inject_global_side_data
av_format_set_audio_codec
av_format_set_control_message_cb
av_format_set_data_codec
av_format_set_metadata_header_padding
av_format_set_opaque
av_format_set_open_cb
av_format_set_subtitle_codec
av_format_set_video_codec
av_get_frame_filename
av_get_frame_filename2
av_get_output_timestamp
av_get_packet
av_guess_codec
av_guess_format
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleaved_write_frame
av_interleaved_write_uncoded_frame
av_match_ext
av_muxer_iterate
av_new_program
av_oformat_next
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_buffer2
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_program_add_stream_index
av_read_frame
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_sdp_create
av_seek_frame
av_stream_add_side_data
av_stream_get_codec_timebase
av_stream_get_end_pts
av_stream_get_parser
av_stream_get_r_frame_rate
av_stream_get_recommended_encoder_configuration
av_stream_get_side_data
av_stream_new_side_data
av_stream_set_r_frame_rate
av_stream_set_recommended_encoder_configuration
av_url_split
av_write_frame
av_write_trailer
av_write_uncoded_frame
av_write_uncoded_frame_query
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_flush
avformat_free_context
avformat_get_class
avformat_get_mov_audio_tags
avformat_get_mov_video_tags
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_init_output
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_transfer_internal_stream_timing_info
avformat_version
avformat_write_header
avio_accept
avio_alloc_context
avio_check
avio_close
avio_close_dir
avio_close_dyn_buf
avio_closep
avio_context_free
avio_enum_protocols
avio_feof
avio_find_protocol_name
avio_flush
avio_free_directory_entry
avio_get_dyn_buf
avio_get_str
avio_get_str16be
avio_get_str16le
avio_handshake
avio_open
avio_open2
avio_open_dir
avio_open_dyn_buf
avio_pause
avio_print_string_array
avio_printf
avio_protocol_get_class
avio_put_str
avio_put_str16be
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_read_dir
avio_read_partial
avio_read_to_bprint
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avio_write_marker
avpriv_io_delete
avpriv_io_move
avpriv_new_chapter
avpriv_register_devices
avpriv_set_pts_info

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/ProcessUtils/avutil-56.dll
.dll windows:6 windows x64 arch:x64

d520f1446fe7668d3937dfc2fe5efd01

Code Sign

35:a3:21:fe:01:53:f1:4c
Certificate

Issuer

CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US

Not Before

24/11/2021, 20:09

Not After

25/11/2026, 20:09

Subject

CN=Developer ID Application: AESCRIPTS\, INC. (YL6UJ9V949),OU=YL6UJ9V949,O=AESCRIPTS\, INC.,C=US,0.9.2342.19200300.100.1.1=#130a594c36554a3956393439

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5f:26:f1:ab:29:01:17:73:8c:7f:50:7f:43:31:4d:b5:c2:7c:03:8c:55:ae:df:bd:d4:7b:f4:5b:06:e2:92:2b
Signer

Actual PE Digest

5f:26:f1:ab:29:01:17:73:8c:7f:50:7f:43:31:4d:b5:c2:7c:03:8c:55:ae:df:bd:d4:7b:f4:5b:06:e2:92:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

GetDesktopWindow

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGenRandom

kernel32

LoadLibraryExA
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentProcess
GetProcessAffinityMask
InitOnceBeginInitialize
InitOnceComplete
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
MultiByteToWideChar
ReleaseMutex
WaitForSingleObjectEx
CreateMutexA
GetSystemDirectoryW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
LoadLibraryExW
LoadLibraryA
FreeLibrary
GetStdHandle
GetConsoleMode
WriteConsoleW
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WakeAllConditionVariable
Sleep
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter

vcruntime140

__std_type_info_destroy_list
strstr
memcpy
memchr
memset
strchr
strrchr
memcmp
wcsrchr
__C_specific_handler
memmove

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
abort
_cexit
_initterm
_errno
_beginthreadex

api-ms-win-crt-math-l1-1-0

frexp
pow
log
log10
sqrt
fmod
hypot
atan2
cos
sin
acos
asin
atan
_fdopen
exp
fabs
sinh
tan
tanh
exp2
round
trunc
scalbn
copysign
ceil
floor
lrintf
cosh
llrint

api-ms-win-crt-stdio-l1-1-0

_tempnam
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vfprintf
fputs
__acrt_iob_func
_get_osfhandle
_sopen
_isatty
_wsopen
_close

api-ms-win-crt-string-l1-1-0

strspn
strncmp
strcspn

api-ms-win-crt-time-l1-1-0

clock
_mktime64
_localtime64
_gmtime64
strftime

api-ms-win-crt-convert-l1-1-0

atoi
strtoll
strtod
strtol
strtoul

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-heap-l1-1-0

_aligned_free
_aligned_malloc
_aligned_realloc
free

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

bsearch

Exports

Exports

av_add_i
av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_append_path_component
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_buffer_get_opaque
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_layout_extract_channel
av_chroma_location_from_name
av_chroma_location_name
av_cmp_i
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_cpu_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_default_get_category
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynamic_hdr_plus_create_side_data
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_count_func
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc_array
av_fifo_drain
av_fifo_free
av_fifo_freep
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_best_effort_timestamp
av_frame_get_buffer
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_color_range
av_frame_get_colorspace
av_frame_get_decode_error_flags
av_frame_get_metadata
av_frame_get_pkt_duration
av_frame_get_pkt_pos
av_frame_get_pkt_size
av_frame_get_plane_buffer
av_frame_get_qp_table
av_frame_get_sample_rate
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_set_best_effort_timestamp
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_color_range
av_frame_set_colorspace
av_frame_set_decode_error_flags
av_frame_set_metadata
av_frame_set_pkt_duration
av_frame_set_pkt_pos
av_frame_set_pkt_size
av_frame_set_qp_table
av_frame_set_sample_rate
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_gcd_q
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_colorspace_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_extended_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create_derived_opts
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int2i
av_int_list_length_for_size
av_lfg_init
av_lfg_init_from_data
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_once
av_log_set_callback
av_log_set_flags
av_log_set_level
av_malloc
av_malloc_array
av_mallocz
av_mallocz_array
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_memdup
av_mod_i
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_nearer_q
av_opt_child_class_iterate
av_opt_child_class_next
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_channel_layout
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_channel_layout
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_cpu_flags
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_pixelutils_get_sad_fn
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_read_image_line
av_read_image_line2
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_ripemd_alloc
av_ripemd_final
av_ripemd_init
av_ripemd_size
av_ripemd_update
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_cpu_flags_mask
av_set_options_string
av_sha512_alloc
av_sha512_final
av_sha512_init
av_sha512_size
av_sha512_update
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_shr_i
av_small_strptime
av_spherical_alloc
av_spherical_from_name
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_stereo3d_from_name
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod
av_strtok
av_sub_i
av_sub_q
av_tea_alloc
av_tea_crypt
av_tea_init
av_tea_size
av_tempfile
av_thread_message_flush
av_thread_message_queue_alloc
av_thread_message_queue_free
av_thread_message_queue_nb_elems
av_thread_message_queue_recv
av_thread_message_queue_send
av_thread_message_queue_set_err_recv
av_thread_message_queue_set_err_send
av_thread_message_queue_set_free_func
av_timecode_adjust_ntsc_framenum2
av_timecode_check_frame_rate
av_timecode_get_smpte
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string
av_timecode_make_smpte_tc_string2
av_timecode_make_string
av_timegm

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/css/styles.css
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/css/stylesReorderableList.css
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/cssCommon/jquery-ui.min.css
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/cssCommon/styles.css
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/font/SIL Open Font License.txt
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/font/SourceSansPro-Light.otf
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/font/SourceSansPro-Regular.otf
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/font/SourceSansPro-Semibold.otf
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/AnalyseProjectUI.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/FilterOptions.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/MediaProcessOptions.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/PlumePackDocumentation.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/ToolboxTab.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/TransformOptions.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/html/WarpTab.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/PlumePack_Schema_CutTrackItemOption_png8.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/akFavicon.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/akNotification.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/akOptions.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/iconFile.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/iconFolder.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/iconMulticam.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/iconTimeline.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/ppLogo.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/images/videoicon.png
.png
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/index.html
.html
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/js/PlumePack_Panel_Main.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/jsx/entry.jsx
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/CEPEngine_extensions.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/CSInterface.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/iniParsing.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/jquery-1.12.1.min.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/jquery-ui.min.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/lib/json2.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/mimetype
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/.package-lock.json
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/LICENSE
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/README.md
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/adm-zip.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/headers/entryHeader.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/headers/index.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/headers/mainHeader.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/methods/deflater.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/methods/index.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/methods/inflater.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/package.json
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/constants.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/errors.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/fattr.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/fileSystem.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/index.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/util/utils.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/zipEntry.js
.js
$PROGRAMFILES/Common Files/Adobe/CEP/extensions/com.autokroma.plumepackpanel/node_modules/adm-zip/zipFile.js
.js
$TEMP/dll_not_found_error_means_you_need_to_install_vcredist.exe
.exe windows:6 windows x64 arch:x64

959754d23cd7c366f8efc45e6a194a7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?uncaught_exceptions@std@@YAHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
memcpy
__std_terminate
__current_exception_context
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
terminate
_initialize_onexit_table
_register_onexit_function
_c_exit
_cexit
__p___wargv
_seh_filter_exe
_exit
exit
_initterm_e
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_set_app_type
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

RtlCaptureContext
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
IsProcessorFeaturePresent

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 84KB

.rsrc Size: 309KB - Virtual size: 309KB

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 104B

.reloc Size: 1024B - Virtual size: 636B

ebc2d915841be8afc8fa1ee9f6850960

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 628B

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 602B

.data Size: 512B - Virtual size: 28B

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 352B

4206f53b565f3ea1e98ef118d5ff73be

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 84KB

.rsrc
Size: 309KB - Virtual size: 309KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 628B

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 602B

.data
Size: 512B - Virtual size: 28B

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 352B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:b4:51:34:7f:bb:59:0a:44:ad:c1:9a:ac:19:54:c5
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

b4:1f:67:47:42:24:3d:bd:a5:40:f2:58:88:45:d4:b7:6c:22:01:dc:74:94:68:f9:09:6a:93:32:6f:16:7a:9c
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 440KB - Virtual size: 439KB

.data
Size: 13KB - Virtual size: 22KB

.pdata
Size: 48KB - Virtual size: 48KB

_RDATA
Size: 1024B - Virtual size: 556B

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 6KB - Virtual size: 5KB

35:a3:21:fe:01:53:f1:4c
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

b2:f6:4d:f7:8c:34:f0:3c:6f:44:2a:79:6f:e8:d0:c3:9e:45:65:b6:62:ab:0c:c0:72:7e:0b:31:ee:a6:6c:de
Signer