[Guru3D[.]com]-RTSS[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

[Guru3D.com]-RTSS.zip
Size

15.9MB
MD5

6127e45fb3202be5675b1adad947f905
SHA1

7dd8a12158649b37681490a7c5f16b818546b62a
SHA256

e11fe1d98c2ee29a6e052efa804faa363774a09f8636073d0c81a7060de1c09f
SHA512

548e70d9eef6b60b40604e3fc04aa14262ee5d03cc69059618854d84a5b54719dd00fc3de8f778df6487f4b0f4466e7f1abc36386d0f4364e9384678309da3f2
SSDEEP

393216:pVcSvt4A8uRcMjV3Vazy13Efm2Hj/E5glGqX6eDyA:lvSA8uRFjlVaeJWmS/ogQqXcA

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/LangDLL.dll
unpack002/$PLUGINSDIR/LockedList.dll
unpack002/$PLUGINSDIR/LockedList64.dll
unpack002/$PLUGINSDIR/StartMenu.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/$R0
unpack002/Codec/rtvcvfw32.dll
unpack002/RTFC.dll
unpack002/RTMUI.dll
unpack002/RTUI.dll

Files

[Guru3D.com]-RTSS.zip
.zip
RTSSSetup736.exe
.exe windows:4 windows x86 arch:x86

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c2:12:29:5c:f5:60:0f:bd:ed:f8:75:4a:85:76:78:dd:25:df:5a:73
Signer

Actual PE Digest

c2:12:29:5c:f5:60:0f:bd:ed:f8:75:4a:85:76:78:dd:25:df:5a:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GlobalFree
lstrcpynW
lstrcmpW
GlobalAlloc
MulDiv
GetModuleHandleW
lstrcpyW

user32

DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
SetWindowTextW
LoadIconW
ShowWindow
SendMessageW
GetDC

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LockedList.dll
.dll windows:5 windows x86 arch:x86

c26621761683a926589c7f7a96aa5d75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_ReplaceIcon
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathAppendW

kernel32

QueryDosDeviceW
DuplicateHandle
CreateEventW
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
OpenProcess
GlobalAlloc
Sleep
TerminateProcess
GetModuleFileNameW
CreateFileW
lstrcmpW
lstrlenW
GetLastError
GlobalFree
LocalAlloc
GetExitCodeThread
WaitForMultipleObjects
lstrcmpiW
lstrcatW
CloseHandle
GetCurrentProcessId
LocalFree
lstrcpyW
CreateThread
lstrcpynW
SetEvent
LoadLibraryW
TerminateThread
GetProcAddress
ResetEvent
GetVersion

user32

DestroyIcon
SetWindowTextW
CallWindowProcW
SetClipboardData
EnableWindow
MapWindowPoints
SendMessageW
GetSystemMetrics
MessageBoxW
OpenClipboard
CreateWindowExW
IsWindow
CreateDialogParamW
SendMessageTimeoutW
CreatePopupMenu
ShowWindow
GetCursorPos
SetWindowPos
SetWindowLongW
GetDlgItem
EmptyClipboard
GetClassNameW
MoveWindow
GetWindowTextW
AppendMenuW
SetCursorPos
IsDialogMessageW
TranslateMessage
wsprintfW
CharLowerW
GetClientRect
MsgWaitForMultipleObjects
PostMessageW
LoadImageW
TrackPopupMenu
GetMessageW
SetActiveWindow
GetWindowRect
ScreenToClient
CloseClipboard
SetCursor
DestroyWindow
GetWindow
GetWindowThreadProcessId
GetWindowLongW
EnumWindows
DispatchMessageW
PeekMessageW
DestroyMenu

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

ExtractIconExW
ShellExecuteExW

Exports

Exports

AddApplications
AddCaption
AddClass
AddCustom
AddFile
AddFolder
AddModule
CloseProcess
Dialog
EnumProcesses
FindProcess
InitDialog
IsFileLocked
Show
SilentPercentComplete
SilentSearch
SilentWait

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LockedList64.dll
.dll windows:5 windows x64 arch:x64

30682cbcd9e51d263811845cece41fd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetCurrentProcess
lstrcmpW
CloseHandle
GlobalAlloc
lstrcpynW
GlobalFree
lstrcpyW
WaitForSingleObject
GetModuleHandleW
OpenProcess
LoadLibraryW
lstrlenW
GetProcAddress
ResetEvent
CreateEventW
lstrcatW
GetVersion
QueryDosDeviceW

user32

wsprintfW
GetWindow
GetWindowThreadProcessId
GetWindowTextW
EnumWindows
GetWindowLongPtrW
IsWindow
SendMessageW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

CommandLineToArgvW

Exports

Exports

EnumSystemProcesses64W
GetSystemModulesCount64W

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

80469f6834e579db68a646d49780b9d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
FindClose
FindNextFileW
lstrcmpW
GetModuleHandleW
lstrcmpiW
MulDiv
lstrcpynW
GlobalAlloc
lstrcpyW
FindFirstFileW
GlobalFree

user32

GetMessageW
TranslateMessage
PostMessageW
DispatchMessageW
GetDlgItem
GetWindowLongW
CheckDlgButton
ShowWindow
LoadIconW
GetClientRect
MoveWindow
DestroyWindow
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextW
SendMessageW
IsDlgButtonChecked
GetWindowTextW
CreateDialogParamW
SetWindowLongW
wsprintfW
ScreenToClient
IsDialogMessageW
CallWindowProcW

gdi32

GetTextMetricsW
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R0
.dll windows:6 windows x86 arch:x86

738ffe5e32f854da1e1205178a94885a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS735_2022\RTV\Release\rtvcvfw32.pdb

Imports

winmm

DefDriverProc

kernel32

lstrcmpiA
ReadFile
CreateFileW
ReadConsoleW
GetFileSize
OutputDebugStringW
WriteConsoleW
OpenFile
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
DecodePointer
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetCurrentThread
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
HeapReAlloc
CloseHandle

user32

GetDesktopWindow

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

Exports

Exports

Configure
DriverProc

Sections

.text
Size: 719KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codec/rtvcvfw32.dll
.dll windows:6 windows x86 arch:x86

738ffe5e32f854da1e1205178a94885a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS735_2022\RTV\Release\rtvcvfw32.pdb

Imports

winmm

DefDriverProc

kernel32

lstrcmpiA
ReadFile
CreateFileW
ReadConsoleW
GetFileSize
OutputDebugStringW
WriteConsoleW
OpenFile
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
DecodePointer
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetCurrentThread
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetConsoleCtrlHandler
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
HeapReAlloc
CloseHandle

user32

GetDesktopWindow

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

Exports

Exports

Configure
DriverProc

Sections

.text
Size: 719KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopOverlayHost.exe
.exe windows:6 windows x86 arch:x86

bca3bb317990b0d4a50cbfe6c046c5ce

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

45:cf:69:6e:40:83:50:28:49:e4:a0:8b:e1:ed:cd:ba:44:84:d3:81
Signer

Actual PE Digest

45:cf:69:6e:40:83:50:28:49:e4:a0:8b:e1:ed:cd:ba:44:84:d3:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

timeKillEvent
timeSetEvent

d3d9

Direct3DCreate9

opengl32

glViewport
glClearColor
glClear
wglDeleteContext
wglCreateContext
wglMakeCurrent

mfc140

ord10962
ord11343
ord4084
ord3396
ord3395
ord3159
ord6193
ord13677
ord2758
ord12115
ord5938
ord9167
ord6473
ord8713
ord10963
ord6505
ord8997
ord1507
ord4870
ord14048
ord3050
ord1529
ord1526
ord8735
ord14514
ord14512
ord4807
ord14149
ord8705
ord4218
ord6581
ord3924
ord2524
ord4869
ord14291
ord265
ord266
ord2381
ord14571
ord12348
ord14518
ord2376
ord12291
ord6724
ord7407
ord7619
ord7774
ord2407
ord4485
ord9647
ord4493
ord4972
ord4911
ord4896
ord4958
ord5003
ord4926
ord4981
ord4997
ord4938
ord4944
ord4950
ord4932
ord4987
ord4920
ord1772
ord1751
ord1765
ord1739
ord1717
ord12201
ord12205
ord13798
ord3259
ord9213
ord10950
ord6947
ord12163
ord8922
ord14502
ord11881
ord3830
ord12032
ord9096
ord11672
ord11671
ord5631
ord8996
ord10236
ord10238
ord4083
ord10237
ord14699
ord2759
ord8173
ord3295
ord3298
ord13681
ord6195
ord3240
ord3354
ord1044
ord316
ord1109
ord458
ord12526
ord14223
ord8438
ord9165
ord8931
ord14131
ord11838
ord12948
ord2799
ord8420
ord8429
ord8347
ord12806
ord8285
ord5336
ord2484
ord12484
ord12485
ord14509
ord7886
ord14507
ord9353
ord4143
ord4082
ord12888
ord7905
ord2027
ord11927
ord11928
ord14380
ord12474
ord7964
ord14581
ord6322
ord14583
ord6324
ord14582
ord6323
ord3844
ord5894
ord12182
ord12190
ord8180
ord10383
ord12194
ord12162
ord12869
ord5228
ord5528
ord5739
ord9305
ord5504
ord5742
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord365
ord8306
ord5398
ord9332
ord9422
ord10202
ord9166
ord6832
ord4581
ord3933
ord10240
ord12074
ord2344
ord3363
ord14243
ord2241
ord2200
ord7961
ord1469
ord994
ord7618
ord10330
ord1509
ord5401
ord10379
ord10986
ord1389
ord890
ord3825
ord305
ord5898
ord3005
ord300
ord14054
ord7783
ord14421
ord13820
ord10421
ord7459
ord3685
ord3689
ord3688
ord2210
ord1431
ord1000
ord1472
ord6798
ord10207
ord6104
ord5769
ord12111
ord3258
ord3364
ord12067
ord2680
ord5911
ord13628
ord11663
ord6848
ord14508
ord7887
ord10239
ord14510
ord310

kernel32

CreateFileMappingA
GetLastError
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
Sleep
SetEnvironmentVariableA
MapViewOfFile
UnmapViewOfFile
DeleteCriticalSection
MultiByteToWideChar
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
GetModuleHandleW
OutputDebugStringW
LocalFree
LoadLibraryExA
InitializeCriticalSectionEx
GetSystemDirectoryA
FreeLibrary
CloseHandle
GetModuleHandleA
OpenFileMappingA
GetProcAddress
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
LoadLibraryA

user32

FindWindowA
RegisterWindowMessageA
RedrawWindow
GetMonitorInfoA
SetLayeredWindowAttributes
SetCursor
GetAsyncKeyState
CopyRect
MessageBeep
GetSysColor
PostMessageA
GetSubMenu
EnableWindow
InsertMenuA
GetDC
ReleaseDC
PeekMessageA
EnumDisplayMonitors
MonitorFromWindow
EqualRect
SetForegroundWindow
LoadCursorW
DefWindowProcW
RegisterClassW
MessageBoxA
ModifyMenuA
SetCapture
ReleaseCapture
ClientToScreen
GetWindowRect
LoadIconW
LoadCursorA
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
CheckMenuItem
DrawIcon
PtInRect
LoadImageA
LoadMenuW
GetCursorPos
MonitorFromPoint

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers
CreateSolidBrush
GetStockObject
DeleteObject

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecA
PathRenameExtensionA

ole32

CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear
VariantInit

vcruntime140

__CxxFrameHandler3
__std_terminate
_purecall
memset
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
memcpy

api-ms-win-crt-string-l1-1-0

strcpy_s
strcat_s

api-ms-win-crt-runtime-l1-1-0

_c_exit
_invalid_parameter_noinfo
_controlfp_s
_register_thread_local_exe_atexit_callback
_initterm_e
_initterm
_get_narrow_winmain_command_line
_exit
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
exit
_errno

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsscanf
_set_fmode
__p__commode

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_setmbcp

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopOverlayHostLoader.exe
.exe windows:6 windows x86 arch:x86

0171a9def2d9571fd9e4f19fa6c056ce

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

26:65:07:31:42:6b:e4:65:7d:e0:08:d9:74:6b:62:63:61:6a:97:90
Signer

Actual PE Digest

26:65:07:31:42:6b:e4:65:7d:e0:08:d9:74:6b:62:63:61:6a:97:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecA

kernel32

GetModuleHandleW
GetStartupInfoW
GetModuleFileNameA
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter

shell32

ShellExecuteA

vcruntime140

memset
__current_exception_context
__current_exception
_except_handler4_common

api-ms-win-crt-string-l1-1-0

strcat_s

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_cexit
_c_exit
_controlfp_s
terminate
_exit
exit
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe
_initterm
_crt_atexit
_get_narrow_winmain_command_line

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EncoderServer.cfg
EncoderServer.exe
.exe windows:6 windows x86 arch:x86

a0f3ff6e1deda9ba76340276602d9d01

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d7:6a:4d:dc:af:19:dc:80:55:8f:fa:a2:a1:44:9a:49:e4:92:12:86
Signer

Actual PE Digest

d7:6a:4d:dc:af:19:dc:80:55:8f:fa:a2:a1:44:9a:49:e4:92:12:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\RTSS736\EncoderServer\EncoderServer\Release\EncoderServer.pdb

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

mfc140

ord11928
ord11927
ord2027
ord7905
ord12888
ord4082
ord4143
ord9353
ord14507
ord7886
ord14509
ord12485
ord12484
ord2484
ord5336
ord8285
ord12806
ord8347
ord8429
ord8420
ord2799
ord12948
ord11838
ord4580
ord8931
ord9165
ord8438
ord14223
ord12526
ord12706
ord366
ord1070
ord6724
ord7406
ord998
ord1471
ord4582
ord7452
ord12870
ord10384
ord12191
ord555
ord1184
ord8468
ord1655
ord2407
ord2344
ord1044
ord11972
ord7961
ord1469
ord994
ord7618
ord10330
ord6195
ord13681
ord3298
ord3295
ord8173
ord14380
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord5894
ord9096
ord12032
ord11881
ord14502
ord8922
ord12163
ord6947
ord10950
ord9213
ord7964
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord4911
ord4972
ord4493
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord11663
ord13628
ord5911
ord2680
ord12067
ord3933
ord3364
ord3363
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord2759
ord12474
ord5769
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord14581
ord6322
ord14583
ord10207
ord6324
ord9166
ord12182
ord12190
ord8180
ord10383
ord12194
ord12162
ord12869
ord5742
ord10202
ord6832
ord266
ord6836
ord305
ord5898
ord3005
ord14582
ord4807
ord316
ord3627
ord1507
ord6323
ord265
ord1529
ord9422
ord3259
ord3844
ord3825
ord3830
ord11672
ord310
ord7619
ord1472
ord1000
ord1509
ord2241
ord14131

kernel32

CloseHandle
OutputDebugStringW
CreateFileMappingA
GetLastError
OpenEventA
MapViewOfFile
UnmapViewOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
CreateEventA
WaitForMultipleObjects
GetPrivateProfileIntA
SetEvent
WaitForSingleObject
CreateMutexA
OpenFile
ReleaseMutex
SetFilePointer
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
WriteFile
_lclose
LoadLibraryA
GetProcAddress
GetModuleFileNameA
ResumeThread
ResetEvent
UnhandledExceptionFilter
FreeLibrary
InitializeCriticalSectionEx
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
SetThreadPriority
GetModuleHandleW
DeleteCriticalSection

user32

FindWindowA
LoadCursorA
EnableWindow
KillTimer
PostMessageA
PeekMessageA
SetTimer

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecA
PathRenameExtensionA

vcruntime140

__CxxFrameHandler3
__std_terminate
memset
_except_handler4_common
__current_exception
__current_exception_context

api-ms-win-crt-string-l1-1-0

_stricmp
strcat_s
strcpy_s

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__stdio_common_vsprintf_s

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_controlfp_s
terminate
_register_thread_local_exe_atexit_callback
_c_exit
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_setmbcp

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EncoderServer64.exe
.exe windows:6 windows x64 arch:x64

c6d186d15b251b7b6ea3cbaf33e809fa

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:e5:68:bf:0a:95:c8:4b:ab:a4:f5:a0:1b:e5:9a:24:c8:14:1a:87
Signer

Actual PE Digest

43:e5:68:bf:0a:95:c8:4b:ab:a4:f5:a0:1b:e5:9a:24:c8:14:1a:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\RTSS736\EncoderServer\EncoderServer\Release\EncoderServer.pdb

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

mfc140

ord14133
ord7619
ord14135
ord12171
ord12170
ord2437
ord5167
ord7989
ord12490
ord8050
ord8131
ord8122
ord2723
ord12631
ord11532
ord13766
ord8627
ord8861
ord8140
ord12212
ord12391
ord365
ord1057
ord6483
ord7152
ord986
ord1449
ord4438
ord7198
ord12553
ord10080
ord11878
ord543
ord1162
ord8170
ord1633
ord2368
ord1032
ord11659
ord7685
ord1447
ord982
ord7363
ord10026
ord5982
ord13331
ord3205
ord3202
ord7881
ord2696
ord14279
ord9933
ord9935
ord9934
ord9932
ord9936
ord5435
ord11365
ord11366
ord9049
ord11719
ord11575
ord14128
ord8618
ord11850
ord3941
ord10644
ord11614
ord2917
ord13438
ord11892
ord11888
ord1695
ord1717
ord1743
ord1729
ord1750
ord4765
ord4832
ord4777
ord4795
ord4789
ord4783
ord4842
ord4826
ord4771
ord4848
ord4803
ord4741
ord4756
ord4817
ord4351
ord9343
ord4343
ord2962
ord14136
ord7620
ord14134
ord6607
ord11357
ord13284
ord5704
ord2627
ord11754
ord3804
ord3271
ord3270
ord3165
ord11798
ord5064
ord5347
ord5536
ord9001
ord5323
ord5566
ord5067
ord5213
ord5049
ord7430
ord7431
ord7420
ord5211
ord7890
ord9903
ord8792
ord4002
ord8862
ord6595
ord3529
ord1485
ord9118
ord3705
ord3710
ord7364
ord1450
ord988
ord12571
ord11615
ord7637
ord316
ord4648
ord265
ord14007
ord12160
ord7688
ord14207
ord6100
ord14209
ord6102
ord14208
ord6101
ord3723
ord5687
ord11869
ord11877
ord7888
ord10079
ord11881
ord11849
ord12552
ord5539
ord9898
ord6591
ord266
ord305
ord1507
ord2004
ord8909
ord310
ord4436
ord5691
ord3166
ord1487
ord6703
ord2310
ord2207
ord13857

kernel32

OutputDebugStringW
GetPrivateProfileIntA
CloseHandle
CreateFileMappingA
GetLastError
OpenEventA
MapViewOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
CreateEventA
WaitForMultipleObjects
ResetEvent
SetEvent
WaitForSingleObject
CreateMutexA
GetModuleFileNameA
ResumeThread
UnmapViewOfFile
OpenFile
ReleaseMutex
SetFilePointer
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
WriteFile
_lclose
LoadLibraryA
GetProcAddress
InitializeSListHead
GetSystemTimeAsFileTime
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetThreadPriority
DeleteCriticalSection
InitializeCriticalSectionEx
FreeLibrary

user32

FindWindowA
SetTimer
EnableWindow
LoadCursorA
PostMessageA
PeekMessageA
KillTimer

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecA
PathRenameExtensionA

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
__std_terminate
__C_specific_handler
memset
__current_exception
__current_exception_context

api-ms-win-crt-string-l1-1-0

_stricmp
strcat_s
strcpy_s

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vsprintf_s
_set_fmode

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

api-ms-win-crt-runtime-l1-1-0

_get_narrow_winmain_command_line
terminate
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_exit
exit
_initterm_e
_initterm
_initialize_onexit_table
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_setmbcp

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTFC.dll
.dll windows:6 windows x86 arch:x86

3e8d48e95652b98c2e2613040452524c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\RTFCSDK\lib\free\RTFC.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

PathRemoveFileSpecA
SHDeleteKeyA
PathAddBackslashA

kernel32

GetFileSize
ReadFile
OpenFile
CreateFileA
CloseHandle
GetLastError
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
SetFilePointer
WriteFile
WritePrivateProfileStringA
WaitForSingleObject
CreateMutexA
GetCurrentProcessId
GetLocalTime
_lclose
GetVersionExA
GetModuleFileNameA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
LocalFree
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ReleaseMutex
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA

ole32

CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear
SetErrorInfo
VariantChangeType
GetErrorInfo
CreateErrorInfo

vcruntime140

memset
__current_exception
__current_exception_context
strchr
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
__std_terminate
strstr
_purecall
_except_handler4_common
memcpy
__CxxFrameHandler3
strrchr
_CxxThrowException

api-ms-win-crt-string-l1-1-0

wcscmp
strcat_s
isdigit
_strnicmp
strlen
_stricmp
strcpy_s
_strupr_s
strpbrk
strncpy_s
_strlwr_s

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s

api-ms-win-crt-stdio-l1-1-0

_sopen_s
fseek
fgets
__stdio_common_vsprintf_s
feof
__stdio_common_vsscanf
fclose
__stdio_common_vsnprintf_s

api-ms-win-crt-math-l1-1-0

pow
_fdopen

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_crt_atexit
_crt_at_quick_exit
_initterm
_initterm_e
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

Exports

Exports

??0CCRC32@@QAE@ABV0@@Z
??0CCRC32@@QAE@XZ
??0CConfigCache@@QAE@ABV0@@Z
??0CConfigCache@@QAE@XZ
??0CFileVersion@@QAE@ABV0@@Z
??0CFileVersion@@QAE@XZ
??0CFormulaLexicalAnalyzer@@QAE@ABV0@@Z
??0CFormulaLexicalAnalyzer@@QAE@XZ
??0CFormulaTranslator@@QAE@ABV0@@Z
??0CFormulaTranslator@@QAE@XZ
??0CFormulaTranslatorVariableProvider@@QAE@ABV0@@Z
??0CFormulaTranslatorVariableProvider@@QAE@XZ
??0CLexicalAnalyzer@@QAE@ABV0@@Z
??0CLexicalAnalyzer@@QAE@XZ
??0CLog@@QAE@ABV0@@Z
??0CLog@@QAE@XZ
??0CMultiString@@QAE@ABV0@@Z
??0CMultiString@@QAE@PBD@Z
??0CMultiString@@QAE@XZ
??0COSVersion@@QAE@ABV0@@Z
??0COSVersion@@QAE@XZ
??0CPtrListLite@@QAE@ABV0@@Z
??0CPtrListLite@@QAE@XZ
??0CPtrStack@@QAE@ABV0@@Z
??0CPtrStack@@QAE@XZ
??0CRegValue@@QAE@ABV0@@Z
??0CRegValue@@QAE@XZ
??0CStringLite@@QAE@ABV0@@Z
??0CStringLite@@QAE@PBD@Z
??0CStringLite@@QAE@PBDH@Z
??0CStringLite@@QAE@XZ
??0CTaskSchedulerInterface@@QAE@ABV0@@Z
??0CTaskSchedulerInterface@@QAE@XZ
??0CTextFile@@QAE@ABV0@@Z
??0CTextFile@@QAE@XZ
??0CTokenString@@QAE@ABV0@@Z
??0CTokenString@@QAE@XZ
??0CWOW64@@QAE@ABV0@@Z
??0CWOW64@@QAE@XZ
??1CCRC32@@UAE@XZ
??1CConfigCache@@UAE@XZ
??1CFileVersion@@UAE@XZ
??1CFormulaLexicalAnalyzer@@UAE@XZ
??1CFormulaTranslator@@UAE@XZ
??1CFormulaTranslatorVariableProvider@@UAE@XZ
??1CLexicalAnalyzer@@UAE@XZ
??1CLog@@UAE@XZ
??1CMultiString@@UAE@XZ
??1COSVersion@@UAE@XZ
??1CPtrListLite@@UAE@XZ
??1CPtrStack@@UAE@XZ
??1CRegValue@@UAE@XZ
??1CStringLite@@UAE@XZ
??1CTaskSchedulerInterface@@UAE@XZ
??1CTextFile@@UAE@XZ
??1CTokenString@@UAE@XZ
??1CWOW64@@UAE@XZ
??4CCRC32@@QAEAAV0@ABV0@@Z
??4CConfigCache@@QAEAAV0@ABV0@@Z
??4CFileVersion@@QAEAAV0@ABV0@@Z
??4CFormulaLexicalAnalyzer@@QAEAAV0@ABV0@@Z
??4CFormulaTranslator@@QAEAAV0@ABV0@@Z
??4CFormulaTranslatorVariableProvider@@QAEAAV0@ABV0@@Z
??4CLexicalAnalyzer@@QAEAAV0@ABV0@@Z
??4CLog@@QAEAAV0@ABV0@@Z
??4CMultiString@@QAEABV0@ABV0@@Z
??4COSVersion@@QAEAAV0@ABV0@@Z
??4CPtrListLite@@QAEAAV0@ABV0@@Z
??4CPtrStack@@QAEAAV0@ABV0@@Z
??4CRegValue@@QAEAAV0@ABV0@@Z
??4CStringLite@@QAEABV0@ABV0@@Z
??4CStringLite@@QAEABV0@D@Z
??4CStringLite@@QAEABV0@PBD@Z
??4CTaskSchedulerInterface@@QAEAAV0@ABV0@@Z
??4CTextFile@@QAEAAV0@ABV0@@Z
??4CTokenString@@QAEAAV0@ABV0@@Z
??4CWOW64@@QAEAAV0@ABV0@@Z
??BCStringLite@@QBEPBDXZ
??H@YA?AVCStringLite@@ABV0@0@Z
??H@YA?AVCStringLite@@ABV0@PBD@Z
??H@YA?AVCStringLite@@PBDABV0@@Z
??YCStringLite@@QAEABV0@ABV0@@Z
??YCStringLite@@QAEABV0@D@Z
??YCStringLite@@QAEABV0@PBD@Z
??_7CCRC32@@6B@
??_7CConfigCache@@6B@
??_7CFileVersion@@6B@
??_7CFormulaLexicalAnalyzer@@6B@
??_7CFormulaTranslator@@6B@
??_7CFormulaTranslatorVariableProvider@@6B@
??_7CLexicalAnalyzer@@6B@
??_7CLog@@6B@
??_7CMultiString@@6B@
??_7COSVersion@@6B@
??_7CPtrListLite@@6B@
??_7CPtrStack@@6B@
??_7CRegValue@@6B@
??_7CStringLite@@6B@
??_7CTaskSchedulerInterface@@6B@
??_7CTextFile@@6B@
??_7CTokenString@@6B@
??_7CWOW64@@6B@
?AddHead@CPtrListLite@@QAEPAUPTR_LIST_NODE@@PAX@Z
?AddIndent@CLog@@QAEKK@Z
?AddTail@CPtrListLite@@QAEPAUPTR_LIST_NODE@@PAX@Z
?AddTask@CTaskSchedulerInterface@@QAEHPBD000@Z
?AddUnhandledLexeme@CLexicalAnalyzer@@QAEXXZ
?AllocLexemeDescData@CLexicalAnalyzer@@QAEXKPAE@Z
?AllocateCopy@CStringLite@@QAEPADXZ
?AllocateCopy@CStringLite@@SAPADPBD@Z
?Analyze@CLexicalAnalyzer@@QAEJPBD@Z
?Append@CLog@@QAEXPBDH@Z
?Append@CMultiString@@QAEXPBD@Z
?AppendCharset@CLexicalAnalyzer@@QAEJD@Z
?AppendCharset@CLexicalAnalyzer@@QAEJDD@Z
?AppendCharset@CLexicalAnalyzer@@QAEJPBD@Z
?AppendHelper@CMultiString@@AAEXPBDK@Z
?AppendJumpTable@CLexicalAnalyzer@@QAEJGGK@Z
?AppendJumpTable@CLexicalAnalyzer@@QAEJGGKD@Z
?AppendJumpTable@CLexicalAnalyzer@@QAEJGGKDD@Z
?AppendJumpTable@CLexicalAnalyzer@@QAEJGGKPBD@Z
?AppendLexemeStr@CLexicalAnalyzer@@QAEXD@Z
?AppendLexemesList@CFormulaLexicalAnalyzer@@AAEJXZ
?AppendMulti@CMultiString@@QAEXPBD@Z
?Calc@CCRC32@@QAEKKPAEK@Z
?Calc@CCRC32@@QAEKKPBD@Z
?Calc@CFormulaTranslator@@QAEJXZ
?CalcAdd@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@0@Z
?CalcDiv@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@0@Z
?CalcMul@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@0@Z
?CalcPow@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@0@Z
?CalcSub@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@0@Z
?CalcUnaryMinus@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@@Z
?Close@CTextFile@@QAEXXZ
?CompareWithWildcard@CStringLite@@QAEHPBDD@Z
?CompareWithWildcard@CStringLite@@SAHPBD0D@Z
?CreateLexemeDesc@CLexicalAnalyzer@@QAEJK@Z
?DeleteBuf@CTokenString@@AAEXXZ
?DeleteKey@CRegValue@@QAEHXZ
?DeleteTask@CTaskSchedulerInterface@@QAEHPBD@Z
?DeleteValue@CRegValue@@QAEHPBD@Z
?DestroyCache@CTextFile@@QAEXXZ
?DestroyLexemeDesc@CLexicalAnalyzer@@QAEXPAULEXEME_DESC@@@Z
?DestroyLexemes@CLexicalAnalyzer@@QAEXXZ
?DestroyOperandsStack@CFormulaTranslator@@QAEXXZ
?DestroySectionsCache@CTextFile@@QAEXXZ
?DestroyThisLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?EnumSections@CTextFile@@QAE?AVCMultiString@@XZ
?Filter@CMultiString@@QAE?AV1@PAV1@0@Z
?Find@CPtrListLite@@QAEPAUPTR_LIST_NODE@@K@Z
?Find@CPtrListLite@@QAEPAUPTR_LIST_NODE@@PAX@Z
?Find@CStringLite@@QBEHPBD@Z
?Find@CStringLite@@QBEHPBDH@Z
?FindNoCase@CStringLite@@QBEHPBD@Z
?FindNoCase@CStringLite@@QBEHPBDH@Z
?Format@CFormulaTranslator@@QAE?AVCStringLite@@XZ
?Format@CStringLite@@QAAXPBDZZ
?Get@CConfigCache@@QAEPAUCONFIG_CACHE_ENTRY@@PBD@Z
?Get@CFileVersion@@SAKPBD@Z
?GetAt@CPtrListLite@@QAEPAXPAUPTR_LIST_NODE@@@Z
?GetCharsetSize@CLexicalAnalyzer@@QAEGXZ
?GetCount@CPtrListLite@@QAEKXZ
?GetErrName@CLexicalAnalyzer@@SA?AVCStringLite@@J@Z
?GetFilename@CLog@@QAEPBDXZ
?GetFirst@CMultiString@@QAEPBDXZ
?GetFltValue@CFormulaTranslator@@AAEMPAUFORMULATRANSLATOR_VALUE_DESC@@@Z
?GetFltValue@CFormulaTranslator@@QAEMXZ
?GetHead@CPtrListLite@@QAEPAUPTR_LIST_NODE@@XZ
?GetHeadLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetHeaderFlags@CLog@@QAEKXZ
?GetIndent@CLog@@QAEKXZ
?GetIntValue@CFormulaTranslator@@AAEJPAUFORMULATRANSLATOR_VALUE_DESC@@@Z
?GetIntValue@CFormulaTranslator@@QAEJXZ
?GetLength@CStringLite@@QBEHXZ
?GetLexemeStr@CLexicalAnalyzer@@QAEPBDXZ
?GetMajorVersion@COSVersion@@QAEKXZ
?GetMinorVersion@COSVersion@@QAEKXZ
?GetNext@CMultiString@@QAEPBDXZ
?GetNext@CPtrListLite@@QAEPAXAAPAUPTR_LIST_NODE@@@Z
?GetNextLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetParam@CTextFile@@SAHHPBDAAVCStringLite@@0H@Z
?GetParams@CTextFile@@SAHHHPBDAAVCStringLite@@0H@Z
?GetParams@CTextFile@@SAHPBDAAVCStringLite@@10H@Z
?GetParams@CTextFile@@SAHPBDAAVCStringLite@@110H@Z
?GetPlatformID@COSVersion@@QAEKXZ
?GetPrev@CPtrListLite@@QAEPAXAAPAUPTR_LIST_NODE@@@Z
?GetPrevLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetPrivateProfileStringA@CConfigCache@@QAEKPBD00PADK0@Z
?GetRange@CTextFile@@SAHPBDAAK1@Z
?GetSamDesired@CRegValue@@QAEKXZ
?GetSeparator@CTokenString@@QAEDXZ
?GetSize@CMultiString@@SAKPBD@Z
?GetStr@CFileVersion@@SA?AVCStringLite@@PBD@Z
?GetStrUni@CFileVersion@@CA?AVCStringLite@@PBD@Z
?GetStrVxd@CFileVersion@@CA?AVCStringLite@@PBD@Z
?GetSystemWow64DirectoryA@CWOW64@@SAIPADI@Z
?GetTail@CPtrListLite@@QAEPAUPTR_LIST_NODE@@XZ
?GetTailLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetThisLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetTimeStamp@CLog@@QAE_JXZ
?GetUnhandledLexeme@CLexicalAnalyzer@@QAEPAULEXEME_DESC@@XZ
?GetValue@CRegValue@@QAE?AVCMultiString@@PBDAAV2@@Z
?GetValue@CRegValue@@QAE?AVCStringLite@@PBD0@Z
?GetValue@CRegValue@@QAEKPBDKK@Z
?GetValue@CTextFile@@SAHPBDAAKK@Z
?GetVxdVersion@CFileVersion@@CAHPADPAKPAX@Z
?GetVxdVersionInfo@CFileVersion@@CAHPADKPAX@Z
?GetVxdVersionInfoSize@CFileVersion@@CAKPAD@Z
?Home@CTextFile@@QAEXXZ
?Init@CFormulaLexicalAnalyzer@@QAEXXZ
?Init@CMultiString@@QAEXPBD@Z
?Init@CTaskSchedulerInterface@@QAEHXZ
?InitJumpTable@CLexicalAnalyzer@@QAEJG@Z
?InitLexemePriority@CFormulaTranslator@@AAEKPAULEXEME_DESC@@@Z
?InitMulti@CMultiString@@QAEXPBD@Z
?InitTable@CCRC32@@QAEXXZ
?IsConstFltLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsConstIntLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsConstLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsEmpty@CMultiString@@QAEHXZ
?IsEmpty@CPtrListLite@@QAEHXZ
?IsEmpty@CStringLite@@QBEHXZ
?IsFltValue@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@@Z
?IsFltValue@CFormulaTranslator@@QAEHXZ
?IsInRange@CTextFile@@SAHKPBD@Z
?IsIntValue@CFormulaTranslator@@AAEHPAUFORMULATRANSLATOR_VALUE_DESC@@@Z
?IsIntValue@CFormulaTranslator@@QAEHXZ
?IsOperationBracketLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsOperationCloseBracketLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsOperationLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsOperationOpenBracketLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsTaskExist@CTaskSchedulerInterface@@QAEHPBD@Z
?IsVarLexeme@CFormulaLexicalAnalyzer@@QAEHPAULEXEME_DESC@@@Z
?IsWindows2000@COSVersion@@QAEHXZ
?IsWindows2000OrLater@COSVersion@@QAEHXZ
?IsWindows7@COSVersion@@QAEHXZ
?IsWindows7OrLater@COSVersion@@QAEHXZ
?IsWindows95@COSVersion@@QAEHXZ
?IsWindows98@COSVersion@@QAEHXZ
?IsWindows98OrLater@COSVersion@@QAEHXZ
?IsWindows9x@COSVersion@@QAEHXZ
?IsWindowsME@COSVersion@@QAEHXZ
?IsWindowsNT4@COSVersion@@QAEHXZ
?IsWindowsNT4OrLater@COSVersion@@QAEHXZ
?IsWindowsNT@COSVersion@@QAEHXZ
?IsWindowsVista@COSVersion@@QAEHXZ
?IsWindowsVistaOrLater@COSVersion@@QAEHXZ
?IsWindowsXP64OrLater@COSVersion@@QAEHXZ
?IsWindowsXP@COSVersion@@QAEHXZ
?IsWindowsXPOrLater@COSVersion@@QAEHXZ
?IsWow64Process@CWOW64@@SAHPAXPAH@Z
?KillTable@CCRC32@@QAEXXZ
?Left@CStringLite@@QBE?AV1@H@Z
?MakeLower@CStringLite@@QAEXXZ
?MakeUpper@CStringLite@@QAEXXZ
?MarkReachabilityHelper@CLexicalAnalyzer@@AAEXPAEG@Z
?Mid@CStringLite@@QBE?AV1@HH@Z
?OnStateChange@CFormulaLexicalAnalyzer@@EAEJGGD@Z
?Open@CTextFile@@QAEHPBD@Z
?Peek@CPtrStack@@QAEPAXXZ
?Pop@CPtrStack@@QAEPAXXZ
?PostAnalyze@CFormulaLexicalAnalyzer@@EAEJH@Z
?PreAnalyze@CFormulaLexicalAnalyzer@@EAEJXZ
?Precache@CTextFile@@QAEXPBD@Z
?Precache@CTextFile@@QAEXXZ
?PrecacheSections@CTextFile@@QAEXXZ
?Push@CPtrStack@@QAEXPAX@Z
?PushVal@CFormulaTranslator@@AAEXKJ@Z
?PushVar@CFormulaTranslator@@AAEHPBD@Z
?QueryValue@CRegValue@@QAEHPBDAAKK@Z
?QueryValueEx@CRegValue@@QAEHPBDPAEAAK2@Z
?ReadSection@CTextFile@@UAEHPBDAAVCStringLite@@@Z
?ReadSectionParam@CTextFile@@UAE?AVCStringLite@@PBD00@Z
?ReadSectionParam@CTextFile@@UAEHPBD0AAVCStringLite@@@Z
?ReadString@CTextFile@@QAEHAAVCStringLite@@@Z
?RemoveAll@CPtrListLite@@QAEXXZ
?RemoveAt@CPtrListLite@@QAEXPAUPTR_LIST_NODE@@@Z
?Replace@CStringLite@@QAEHPBD0@Z
?ResetLexemeStr@CLexicalAnalyzer@@QAEXXZ
?Right@CStringLite@@QBE?AV1@H@Z
?SetFilename@CLog@@QAEXPBD@Z
?SetHeaderFlags@CLog@@QAEXK@Z
?SetIndent@CLog@@QAEXK@Z
?SetLexemeStr@CLexicalAnalyzer@@QAEXD@Z
?SetRegistryKey@CRegValue@@QAEXPAUHKEY__@@PBD@Z
?SetSamDesired@CRegValue@@QAEXK@Z
?SetValue@CRegValue@@QAEHPBD0@Z
?SetValue@CRegValue@@QAEHPBDKK@Z
?SetValueEx@CRegValue@@QAEHPBDPAEKK@Z
?SetVariableProvider@CFormulaTranslator@@QAEXPAVCFormulaTranslatorVariableProvider@@@Z
?Sort@CPtrListLite@@QAEXHP6AHPAUPTR_LIST_NODE@@0@Z@Z
?SortLexemesHelper@CFormulaTranslator@@CAHPAUPTR_LIST_NODE@@0@Z
?StrToDWORD@CFileVersion@@SAKPBD@Z
?StripComments@CTextFile@@QAEHAAVCStringLite@@@Z
?SubIndent@CLog@@QAEKK@Z
?SwapWithNext@CPtrListLite@@QAEXPAUPTR_LIST_NODE@@@Z
?SwapWithPrev@CPtrListLite@@QAEXPAUPTR_LIST_NODE@@@Z
?Translate@CFormulaTranslator@@QAEJPBD@Z
?TrimLeft@CStringLite@@QAEXD@Z
?TrimLeft@CStringLite@@QAEXPBD@Z
?TrimLeft@CStringLite@@QAEXXZ
?TrimRight@CStringLite@@QAEXD@Z
?TrimRight@CStringLite@@QAEXPBD@Z
?TrimRight@CStringLite@@QAEXXZ
?Uninit@CConfigCache@@QAEXXZ
?Uninit@CMultiString@@QAEXXZ
?Uninit@CTaskSchedulerInterface@@QAEXXZ
?UninitCharset@CLexicalAnalyzer@@QAEXXZ
?UninitJumpTable@CLexicalAnalyzer@@QAEXXZ
?ValidateJumpTable@CLexicalAnalyzer@@QAEJXZ
?Wow64DisableWow64FsRedirection@CWOW64@@SAHPAPAX@Z
?Wow64RevertWow64FsRedirection@CWOW64@@SAHPAX@Z
?WritePrivateProfileStringA@CConfigCache@@QAEHPBD000@Z
?g_hRTFCDLL@@3PAUHINSTANCE__@@A
?helper_AppendBuf@CStringLite@@IAEXD@Z
?helper_AppendBuf@CStringLite@@IAEXPBD@Z
?helper_FreeBuf@CStringLite@@IAEXXZ
?helper_InitBuf@CStringLite@@IAEXD@Z
?helper_InitBuf@CStringLite@@IAEXPBD@Z
?helper_InitBuf@CStringLite@@IAEXPBDH@Z
?strtok@CTokenString@@QAEPADPBD0@Z
?strtokex@CTokenString@@QAEPADPBD0@Z

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTMUI.dll
.dll windows:6 windows x86 arch:x86

43e8d250d4c3553f3fb27a3edbaa43aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\RTMUISDK\lib\free\RTMUI.pdb

Imports

shlwapi

PathRemoveFileSpecA

rtfc

?GetParam@CTextFile@@SAHHPBDAAVCStringLite@@0H@Z
?Calc@CCRC32@@QAEKKPBD@Z
??0CStringLite@@QAE@XZ
??1CCRC32@@UAE@XZ
??0CCRC32@@QAE@XZ
??1CStringLite@@UAE@XZ

mfc140

ord9167
ord2758
ord13677
ord6193
ord12074
ord7459
ord6581
ord3924
ord2524
ord4218
ord8705
ord2210
ord13855
ord13856
ord12984
ord13854
ord11850
ord7346
ord917
ord914
ord916
ord6354
ord13644
ord8934
ord11182
ord10969
ord8999
ord11280
ord10519
ord11117
ord11877
ord11880
ord11878
ord11879
ord6283
ord1406
ord10948
ord12159
ord7592
ord4870
ord2759
ord13681
ord6195
ord7347
ord922
ord2680
ord3232
ord6222
ord4100
ord10447
ord1409
ord12160
ord2592
ord9210
ord3049
ord9182
ord14702
ord7593
ord1692
ord14334
ord14328
ord12372
ord974
ord13883
ord13199
ord1447
ord6569
ord554
ord8467
ord1654
ord12541
ord6153
ord1183
ord5398
ord10963
ord7637
ord2022
ord3897
ord485
ord2263
ord2370
ord8188
ord8426
ord4869
ord5930
ord8732
ord14054
ord7783
ord14048
ord5858
ord9166
ord12163
ord6821
ord983
ord3256
ord3361
ord1458
ord7611
ord11343
ord12067
ord12115
ord3363
ord3364
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord4841
ord3230
ord2241
ord14571
ord12348
ord14518
ord12291
ord2894
ord4796
ord11917
ord1446
ord14592
ord973
ord4807
ord12706
ord2986
ord5898
ord1696
ord1529
ord1526
ord1044
ord310
ord300
ord305
ord316
ord3005
ord6724
ord2387
ord10421
ord4084
ord458
ord3395
ord3396
ord3159
ord460
ord7076
ord3298
ord3295
ord10207
ord8173
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord12032
ord3830
ord3825
ord11881
ord14502
ord8922
ord6947
ord10950
ord9213
ord3259
ord13798
ord12205
ord2376
ord2381
ord2383
ord266
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord1109
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord3933
ord4911
ord4972
ord4493
ord5769
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord11663
ord12969
ord2860
ord8997
ord13628
ord5911
ord2251
ord5401
ord1509
ord1507
ord924

kernel32

GetCurrentThreadId
GetLocalTime
FreeLibrary
LoadLibraryA
GetPrivateProfileIntA
EnterCriticalSection
MultiByteToWideChar
RaiseException
OutputDebugStringW
WideCharToMultiByte
GetACP
GetPrivateProfileStringA
LeaveCriticalSection
LoadResource
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetProcAddress
GetModuleFileNameA
FindResourceA
LockResource
GetLastError

user32

DestroyIcon
LoadImageA
EnableWindow
InvalidateRect
GetClientRect
LoadMenuW
SendMessageA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetWindowRect
GetWindow
IsWindow
IsWindowVisible
GetDlgCtrlID
GetCursorPos
ClientToScreen
ScreenToClient
PtInRect
GetClassNameA
MapDialogRect
GetSystemMetrics
GetMenuState
GetSubMenu
GetMenuItemID
ModifyMenuA
GetDC
ReleaseDC
GetWindowLongA
GetParent
MonitorFromPoint
UnregisterClassA
WindowFromPoint

gdi32

GetDeviceCaps

oleaut32

SysFreeString

vcruntime140

strstr
__CxxFrameHandler3
__std_terminate
memset
__current_exception
__current_exception_context
_except_handler4_common
__std_type_info_destroy_list
memmove

api-ms-win-crt-string-l1-1-0

_stricmp
strcpy_s

api-ms-win-crt-heap-l1-1-0

free
calloc
_recalloc

api-ms-win-crt-filesystem-l1-1-0

_findnext64i32
_findfirst64i32
_access
_findclose

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
terminate
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo
_errno
_execute_onexit_table

Exports

Exports

??0?$CList@PAULANGUAGE_DESC@@PAU1@@@QAE@H@Z
??0?$CList@PAULOCALIZED_STRING@@PAU1@@@QAE@H@Z
??0?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAE@H@Z
??0CLocalizationManager@@QAE@XZ
??0CLocalizedDialog@@IAE@XZ
??0CLocalizedDialog@@QAE@IPAVCWnd@@@Z
??0CLocalizedMenu@@QAE@XZ
??0CLocalizedPropertyPage@@QAE@II@Z
??0CLocalizedPropertyPage@@QAE@PBDI@Z
??0CLocalizedPropertyPage@@QAE@XZ
??0CLocalizedPropertySheet@@QAE@IPAVCWnd@@I@Z
??0CLocalizedPropertySheet@@QAE@PBDPAVCWnd@@I@Z
??0CLocalizedStringDifferenceList@@QAE@XZ
??0CLocalizedStringList@@QAE@XZ
??0CLocalizedTooltip@@QAE@XZ
??0CToolTipCtrlEx@@QAE@XZ
??1?$CList@PAULANGUAGE_DESC@@PAU1@@@UAE@XZ
??1?$CList@PAULOCALIZED_STRING@@PAU1@@@UAE@XZ
??1?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@UAE@XZ
??1CLocalizationManager@@UAE@XZ
??1CLocalizedDialog@@MAE@XZ
??1CLocalizedMenu@@UAE@XZ
??1CLocalizedPropertyPage@@UAE@XZ
??1CLocalizedPropertySheet@@UAE@XZ
??1CLocalizedStringDifferenceList@@UAE@XZ
??1CLocalizedStringList@@UAE@XZ
??1CLocalizedTooltip@@UAE@XZ
??1CToolTipCtrlEx@@UAE@XZ
??_7?$CList@PAULANGUAGE_DESC@@PAU1@@@6B@
??_7?$CList@PAULOCALIZED_STRING@@PAU1@@@6B@
??_7?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@6B@
??_7CLocalizationManager@@6B@
??_7CLocalizedDialog@@6B@
??_7CLocalizedMenu@@6B@
??_7CLocalizedPropertyPage@@6B@
??_7CLocalizedPropertySheet@@6B@
??_7CLocalizedStringDifferenceList@@6B@
??_7CLocalizedStringList@@6B@
??_7CLocalizedTooltip@@6B@
??_7CToolTipCtrlEx@@6B@
??_F?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXXZ
??_F?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXXZ
??_F?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXXZ
?ANSIToUTF8@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDI@Z
?ANSIToUTF8@CLocalizationManager@@QAEXAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?Add@CLocalizedStringDifferenceList@@QAEXPBDPAULOCALIZED_STRING@@@Z
?Add@CLocalizedStringList@@QAEHPBDJJ0IKJJ@Z
?AddHead@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAU__POSITION@@PAULANGUAGE_DESC@@@Z
?AddHead@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXPAV1@@Z
?AddHead@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAU__POSITION@@PAULOCALIZED_STRING@@@Z
?AddHead@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXPAV1@@Z
?AddHead@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAU__POSITION@@PAULOCALIZED_STRING_DIFFERENCE@@@Z
?AddHead@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXPAV1@@Z
?AddLanguageDesc@CLocalizationManager@@QAEXPBD@Z
?AddTail@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAU__POSITION@@PAULANGUAGE_DESC@@@Z
?AddTail@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXPAV1@@Z
?AddTail@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAU__POSITION@@PAULOCALIZED_STRING@@@Z
?AddTail@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXPAV1@@Z
?AddTail@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAU__POSITION@@PAULOCALIZED_STRING_DIFFERENCE@@@Z
?AddTail@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXPAV1@@Z
?AllocateLocalizedTooltip@CLocalizationManager@@QAEPAVCLocalizedTooltip@@XZ
?AppendLog@CLocalizationManager@@QAEXV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@H0HK@Z
?AreTooltipsEnabled@CLocalizationManager@@QAEHXZ
?Compare@CLocalizationManager@@QAEXPBD@Z
?CompareFileSystem@CLocalizationManager@@QAEXPBD0K@Z
?CompareFileSystemHelper@CLocalizationManager@@QAEXPBD00KPAK@Z
?CreateObject@CLocalizedDialog@@SGPAVCObject@@XZ
?CreateObject@CLocalizedPropertyPage@@SGPAVCObject@@XZ
?DefWindowProcA@CLocalizedDialog@@MAEJIIJ@Z
?DefWindowProcA@CLocalizedPropertyPage@@MAEJIIJ@Z
?DefWindowProcA@CLocalizedPropertySheet@@MAEJIIJ@Z
?Destroy@CLocalizedStringDifferenceList@@QAEXXZ
?Destroy@CLocalizedStringList@@QAEXXZ
?DoDataExchange@CLocalizedDialog@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CLocalizedPropertyPage@@MAEXPAVCDataExchange@@@Z
?Enable@CLocalizedTooltip@@QAEXH@Z
?EnableScroll@CLocalizedPropertyPage@@QAEXH@Z
?EnableScroll@CLocalizedPropertySheet@@QAEXH@Z
?EnableTooltips@CLocalizationManager@@QAEXH@Z
?Find@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEPAU__POSITION@@PAULANGUAGE_DESC@@PAU2@@Z
?Find@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEPAU__POSITION@@PAULOCALIZED_STRING@@PAU2@@Z
?Find@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEPAU__POSITION@@PAULOCALIZED_STRING_DIFFERENCE@@PAU2@@Z
?Find@CLocalizationManager@@QAEPAULANGUAGE_DESC@@PBD@Z
?FindIndex@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEPAU__POSITION@@H@Z
?FreeNode@?$CList@PAULANGUAGE_DESC@@PAU1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@PAULOCALIZED_STRING@@PAU1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@IAEXPAUCNode@1@@Z
?Get@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDAAJ10I@Z
?Get@CLocalizedStringList@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AAJ1PBDI11@Z
?GetAllocateLocalizedTooltip@CLocalizationManager@@QAEP6APAVCLocalizedTooltip@@XZXZ
?GetAt@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@PAU__POSITION@@@Z
?GetAt@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEABQAULANGUAGE_DESC@@PAU__POSITION@@@Z
?GetAt@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEAAPAULOCALIZED_STRING@@PAU__POSITION@@@Z
?GetAt@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEABQAULOCALIZED_STRING@@PAU__POSITION@@@Z
?GetAt@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEAAPAULOCALIZED_STRING_DIFFERENCE@@PAU__POSITION@@@Z
?GetAt@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEABQAULOCALIZED_STRING_DIFFERENCE@@PAU__POSITION@@@Z
?GetCodepage@CLocalizationManager@@QAEIXZ
?GetCount@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEHXZ
?GetCount@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEHXZ
?GetCount@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEHXZ
?GetCreator@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetCreatorEmail@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetCreatorICQ@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetDebugFlags@CLocalizationManager@@QAEKXZ
?GetDpi@@YAIPAUHWND__@@@Z
?GetFolder@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetHead@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@XZ
?GetHead@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEABQAULANGUAGE_DESC@@XZ
?GetHead@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEAAPAULOCALIZED_STRING@@XZ
?GetHead@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEABQAULOCALIZED_STRING@@XZ
?GetHead@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEAAPAULOCALIZED_STRING_DIFFERENCE@@XZ
?GetHead@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEABQAULOCALIZED_STRING_DIFFERENCE@@XZ
?GetHeadPosition@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEPAU__POSITION@@XZ
?GetHeadPosition@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEPAU__POSITION@@XZ
?GetHeadPosition@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEPAU__POSITION@@XZ
?GetHelpFilePath@CLocalizedTooltip@@UAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?GetID@CLocalizationManager@@QAEPBDXZ
?GetLabel@CLocalizedPropertyPage@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetLanguage@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?GetMessageMap@CLocalizedDialog@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CLocalizedPropertyPage@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CLocalizedPropertySheet@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CToolTipCtrlEx@@MBEPBUAFX_MSGMAP@@XZ
?GetNext@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@AAPAU__POSITION@@@Z
?GetNext@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEABQAULANGUAGE_DESC@@AAPAU__POSITION@@@Z
?GetNext@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEAAPAULOCALIZED_STRING@@AAPAU__POSITION@@@Z
?GetNext@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEABQAULOCALIZED_STRING@@AAPAU__POSITION@@@Z
?GetNext@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEAAPAULOCALIZED_STRING_DIFFERENCE@@AAPAU__POSITION@@@Z
?GetNext@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEABQAULOCALIZED_STRING_DIFFERENCE@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEABQAULANGUAGE_DESC@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEAAPAULOCALIZED_STRING@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEABQAULOCALIZED_STRING@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEAAPAULOCALIZED_STRING_DIFFERENCE@@AAPAU__POSITION@@@Z
?GetPrev@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEABQAULOCALIZED_STRING_DIFFERENCE@@AAPAU__POSITION@@@Z
?GetResourceFilePath@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD0@Z
?GetRuntimeClass@CLocalizedDialog@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CLocalizedPropertyPage@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CLocalizedPropertySheet@@UBEPAUCRuntimeClass@@XZ
?GetSize@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEHXZ
?GetSize@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEHXZ
?GetSize@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEHXZ
?GetTail@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@XZ
?GetTail@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEABQAULANGUAGE_DESC@@XZ
?GetTail@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEAAPAULOCALIZED_STRING@@XZ
?GetTail@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEABQAULOCALIZED_STRING@@XZ
?GetTail@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEAAPAULOCALIZED_STRING_DIFFERENCE@@XZ
?GetTail@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEABQAULOCALIZED_STRING_DIFFERENCE@@XZ
?GetTailPosition@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEPAU__POSITION@@XZ
?GetTailPosition@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEPAU__POSITION@@XZ
?GetTailPosition@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEPAU__POSITION@@XZ
?GetTemplateName@CLocalizedDialog@@QAEPBDXZ
?GetThisClass@CLocalizedDialog@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CLocalizedPropertyPage@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CLocalizedPropertySheet@@SGPAUCRuntimeClass@@XZ
?GetThisMessageMap@CLocalizedDialog@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CLocalizedPropertyPage@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CLocalizedPropertySheet@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CToolTipCtrlEx@@KGPBUAFX_MSGMAP@@XZ
?GetTooltipID@CLocalizedTooltip@@UAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@HH@Z
?Init@CLocalizationManager@@QAEXPBD0K@Z
?Init@CLocalizedTooltip@@QAEXPAVCWnd@@@Z
?InitToolTipText@CLocalizedTooltip@@QAEXHH@Z
?InsertAfter@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULANGUAGE_DESC@@@Z
?InsertAfter@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULOCALIZED_STRING@@@Z
?InsertAfter@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULOCALIZED_STRING_DIFFERENCE@@@Z
?InsertBefore@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULANGUAGE_DESC@@@Z
?InsertBefore@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULOCALIZED_STRING@@@Z
?InsertBefore@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAU__POSITION@@PAU2@PAULOCALIZED_STRING_DIFFERENCE@@@Z
?IsEmpty@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEHXZ
?IsEmpty@?$CList@PAULOCALIZED_STRING@@PAU1@@@QBEHXZ
?IsEmpty@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QBEHXZ
?IsInitialized@CLocalizationManager@@QAEHXZ
?LoadMenuA@CLocalizedMenu@@QAEHI@Z
?LoadStringA@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@I@Z
?LoadStringA@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?LoadStringA@@YAHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AAJ1PBDI@Z
?LoadTooltip@CLocalizedTooltip@@UAEXPBD@Z
?Localize@@YAXPAVCMenu@@@Z
?Localize@@YAXPAVCWnd@@@Z
?LockSetModified@CLocalizedPropertyPage@@QAEXH@Z
?NewNode@?$CList@PAULANGUAGE_DESC@@PAU1@@@IAEPAUCNode@1@PAU21@0@Z
?NewNode@?$CList@PAULOCALIZED_STRING@@PAU1@@@IAEPAUCNode@1@PAU21@0@Z
?NewNode@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@IAEPAUCNode@1@PAU21@0@Z
?OnAdjustHeight@CLocalizedPropertySheet@@UAEXXZ
?OnCreate@CLocalizedPropertyPage@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDpiChange@CLocalizedPropertyPage@@UAEXXZ
?OnGetMinMaxInfo@CLocalizedPropertySheet@@IAEXPAUtagMINMAXINFO@@@Z
?OnInitDialog@CLocalizedDialog@@MAEHXZ
?OnInitDialog@CLocalizedPropertyPage@@MAEHXZ
?OnInitDialog@CLocalizedPropertySheet@@MAEHXZ
?OnMouseMove@CLocalizedDialog@@IAEXIVCPoint@@@Z
?OnMouseMove@CLocalizedPropertyPage@@IAEXIVCPoint@@@Z
?OnMouseMove@CLocalizedTooltip@@QAEXIVCPoint@@@Z
?OnPreTranslateMessage@CLocalizedTooltip@@QAEXPAUtagMSG@@@Z
?OnSize@CLocalizedPropertyPage@@IAEXIHH@Z
?OnSize@CLocalizedPropertySheet@@IAEXIHH@Z
?OnToolTipText@CLocalizedDialog@@IAEHIPAUtagNMHDR@@PAJ@Z
?OnToolTipText@CLocalizedPropertyPage@@IAEHIPAUtagNMHDR@@PAJ@Z
?OnToolTipText@CLocalizedTooltip@@QAEHIPAUtagNMHDR@@PAJ@Z
?OnVScroll@CLocalizedPropertyPage@@IAEXIIPAVCScrollBar@@@Z
?OnWindowFromPoint@CToolTipCtrlEx@@IAEJIJ@Z
?PostLoadTooltip@CLocalizedTooltip@@UAEXPBD@Z
?PreTranslateMessage@CLocalizedDialog@@MAEHPAUtagMSG@@@Z
?PreTranslateMessage@CLocalizedPropertyPage@@MAEHPAUtagMSG@@@Z
?PrepareTooltips@CLocalizedTooltip@@QAEXXZ
?RedrawChild@CLocalizedDialog@@QAEXI@Z
?RemoveAll@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXXZ
?RemoveAll@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXXZ
?RemoveAll@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXXZ
?RemoveAt@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXPAU__POSITION@@@Z
?RemoveAt@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXPAU__POSITION@@@Z
?RemoveAt@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXPAU__POSITION@@@Z
?RemoveHead@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAULANGUAGE_DESC@@XZ
?RemoveHead@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAULOCALIZED_STRING@@XZ
?RemoveHead@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAULOCALIZED_STRING_DIFFERENCE@@XZ
?RemoveTail@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEPAULANGUAGE_DESC@@XZ
?RemoveTail@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEPAULOCALIZED_STRING@@XZ
?RemoveTail@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEPAULOCALIZED_STRING_DIFFERENCE@@XZ
?RepositionChildren@CLocalizedPropertySheet@@QAEXHH@Z
?ResetScrollbars@CLocalizedPropertyPage@@QAEXXZ
?Save@CLocalizedStringDifferenceList@@QAEXPAVCStringArray@@@Z
?Serialize@?$CList@PAULANGUAGE_DESC@@PAU1@@@UAEXAAVCArchive@@@Z
?Serialize@?$CList@PAULOCALIZED_STRING@@PAU1@@@UAEXAAVCArchive@@@Z
?Serialize@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@UAEXAAVCArchive@@@Z
?SetAllocateLocalizedTooltip@CLocalizationManager@@QAEXP6APAVCLocalizedTooltip@@XZ@Z
?SetAt@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEXPAU__POSITION@@PAULANGUAGE_DESC@@@Z
?SetAt@?$CList@PAULOCALIZED_STRING@@PAU1@@@QAEXPAU__POSITION@@PAULOCALIZED_STRING@@@Z
?SetAt@?$CList@PAULOCALIZED_STRING_DIFFERENCE@@PAU1@@@QAEXPAU__POSITION@@PAULOCALIZED_STRING_DIFFERENCE@@@Z
?SetDpiAware@@YAHK@Z
?SetModifiedLockable@CLocalizedPropertyPage@@QAEXH@Z
?SetTargetWnd@CToolTipCtrlEx@@QAEXPAVCWnd@@@Z
?SetupScrollbars@CLocalizedPropertyPage@@QAEXXZ
?UTF8ToANSI@CLocalizationManager@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDI@Z
?UTF8ToANSI@CLocalizationManager@@QAEXAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?Uninit@CLocalizationManager@@QAEXXZ
?_GetBaseClass@CLocalizedDialog@@KGPAUCRuntimeClass@@XZ
?_GetBaseClass@CLocalizedPropertyPage@@KGPAUCRuntimeClass@@XZ
?_GetBaseClass@CLocalizedPropertySheet@@KGPAUCRuntimeClass@@XZ
?_GetDpiForMonitor@@YAIPAUHMONITOR__@@@Z
?_GetDpiForWindow@@YAIPAUHWND__@@@Z
?_GetSystemMetricsForDpi@@YAHHI@Z
?classCLocalizedDialog@CLocalizedDialog@@2UCRuntimeClass@@B
?classCLocalizedPropertyPage@CLocalizedPropertyPage@@2UCRuntimeClass@@B
?classCLocalizedPropertySheet@CLocalizedPropertySheet@@2UCRuntimeClass@@B
?g_dwDpiAware@@3KA
?g_localizationManager@@3VCLocalizationManager@@A

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTSS.dat
RTSS.exe
.exe windows:6 windows x86 arch:x86

6e60f5092dcac0a12de08cbf6e1e3fcd

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5d:aa:74:56:fb:71:d4:06:aa:ee:89:0e:9d:fe:2e:26:6b:06:f4:50
Signer

Actual PE Digest

5d:aa:74:56:fb:71:d4:06:aa:ee:89:0e:9d:fe:2e:26:6b:06:f4:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\RTSS736\RTSS\Release\RTSS.pdb

Imports

dinput8

DirectInput8Create

shlwapi

PathIsRelativeA
PathRenameExtensionA
PathRemoveFileSpecA
PathStripPathA

rtfc

?AddTask@CTaskSchedulerInterface@@QAEHPBD000@Z
?Uninit@CTaskSchedulerInterface@@QAEXXZ
?Init@CTaskSchedulerInterface@@QAEHXZ
??H@YA?AVCStringLite@@PBDABV0@@Z
??YCStringLite@@QAEABV0@ABV0@@Z
??YCStringLite@@QAEABV0@PBD@Z
??1CFileVersion@@UAE@XZ
??0CFileVersion@@QAE@XZ
?GetStr@CFileVersion@@SA?AVCStringLite@@PBD@Z
?DeleteValue@CRegValue@@QAEHPBD@Z
?GetValue@CRegValue@@QAE?AVCStringLite@@PBD0@Z
?GetValue@CTextFile@@SAHPBDAAKK@Z
?IsWow64Process@CWOW64@@SAHPAXPAH@Z
?ReadSection@CTextFile@@UAEHPBDAAVCStringLite@@@Z
?ReadSectionParam@CTextFile@@UAE?AVCStringLite@@PBD00@Z
??1CTextFile@@UAE@XZ
??0CTextFile@@QAE@XZ
?Precache@CTextFile@@QAEXPBD@Z
?DeleteTask@CTaskSchedulerInterface@@QAEHPBD@Z
?GetParam@CTextFile@@SAHHPBDAAVCStringLite@@0H@Z
??4CStringLite@@QAEABV0@PBD@Z
??1CRegValue@@UAE@XZ
??0CRegValue@@QAE@XZ
?SetValue@CRegValue@@QAEHPBD0@Z
?SetRegistryKey@CRegValue@@QAEXPAUHKEY__@@PBD@Z
??1CTokenString@@UAE@XZ
??0CTokenString@@QAE@XZ
?strtok@CTokenString@@QAEPADPBD0@Z
?IsWindowsVistaOrLater@COSVersion@@QAEHXZ
?ReadSectionParam@CTextFile@@UAEHPBD0AAVCStringLite@@@Z
?IsEmpty@CStringLite@@QBEHXZ
??H@YA?AVCStringLite@@ABV0@PBD@Z
??0CStringLite@@QAE@PBD@Z
??0CStringLite@@QAE@XZ
??1COSVersion@@UAE@XZ
?IsWindows9x@COSVersion@@QAEHXZ
??1CStringLite@@UAE@XZ
?IsTaskExist@CTaskSchedulerInterface@@QAEHPBD@Z
??1CTaskSchedulerInterface@@UAE@XZ
??0CTaskSchedulerInterface@@QAE@XZ
??0CStringLite@@QAE@PBDH@Z
??0COSVersion@@QAE@XZ

rtui

?CreateTimer@CSkinnedWnd@@QAEKK@Z
?OnKillFocus@CSkinnedSlider@@UAEXXZ
?GetIndicatorValue@CSkinnedSlider@@UAEMK@Z
?HitTest@CSkinnedSlider@@UAEHVCPoint@@K@Z
?GetClassNameA@CSkinnedSlider@@UAE?AVCStringLite@@XZ
?OnLButtonDown@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnKeyDown@CSkinnedSlider@@UAEXIII@Z
?OnKeyUp@CSkinnedSlider@@UAEXIII@Z
?Draw@CSkinnedSlider@@UAEXPAVCDIB@@0@Z
??1CSkinnedSlider@@UAE@XZ
??0CSkinnedSlider@@QAE@XZ
?GetPos@CSkinnedSlider@@QAEJXZ
?SetPos@CSkinnedSlider@@QAEXJ@Z
?SetRange@CSkinnedSlider@@QAEHJJ@Z
?OnCreate@CSkinnedSlider@@UAEHPAVCSkin@@PBDK1K@Z
?SetPage@CSkinnedSlider@@QAEXK@Z
?SetTimerPeriod@CSkinnedControl@@QAEXK@Z
?PauseTimer@CSkinnedControl@@QAEXH@Z
?IsKeyboardFocusCaptured@CSkinnedControl@@UAEHXZ
?OnKillKeyboardFocus@CSkinnedControl@@UAEXXZ
?OnKillFocus@CSkinnedButton@@UAEXXZ
?SetVisible@CSkinnedControl@@UAEHH@Z
?OnTimer@CSkinnedButton@@UAEXXZ
?HitTest@CSkinnedButton@@UAEHVCPoint@@K@Z
?GetClassNameA@CSkinnedButton@@UAE?AVCStringLite@@XZ
?OnLButtonDown@CSkinnedButton@@UAEXVCPoint@@@Z
?SortControls@CSkinnedWnd@@QAEXXZ
?IsKeyboardFocusCaptured@CSkinnedWnd@@QAEHXZ
?OnLButtonUp@CSkinnedButton@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedButton@@UAEXVCPoint@@@Z
?RemoveControl@CSkinnedWnd@@QAEHPAVCSkinnedControl@@@Z
?OnKeyDown@CSkinnedButton@@UAEXIII@Z
?OnKeyUp@CSkinnedControl@@UAEXIII@Z
?CreateAdditionalControls@CSkinnedWnd@@QAEHPAVCSkin@@PBDKHH@Z
?Draw@CSkinnedButton@@UAEXPAVCDIB@@0@Z
?OnCreate@CSkinnedButton@@UAEHPAVCSkin@@PBDK1K@Z
?OverrideDIBPressed@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBPressedHottrack@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBHottrack@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIB@CSkinnedButton@@QAEXPAVCDIB@@@Z
?IsCaptured@CSkinnedWnd@@QAEHXZ
?EnableRedraw@CSkinnedWnd@@QAEXH@Z
?IsRedrawEnabled@CSkinnedWnd@@QAEHXZ
?LockUpdateDIB@CSkinnedWnd@@QAEXH@Z
?Redraw@CSkinnedControl@@QAEXXZ
?UpdateDIB@CSkinnedWnd@@UAEHXZ
?UpdateDIB@CSkinnedWnd@@UAEHPAVCDC@@VCRect@@@Z
?OnReadDefaultControlDesc@CSkinnedWnd@@UAEHPAVCSkin@@PBD1K1AAVCStringLite@@@Z
?OnReadControlDesc@CSkinnedWnd@@UAEHPAVCSkin@@PBD1K1AAVCStringLite@@@Z
?SetLayout@CSkinnedWnd@@UAEHK@Z
?OnMoveWindow@CSkinnedWnd@@UAEXVCPoint@@@Z
??1CSkinnedPlaceholder@@UAE@XZ
??0CSkinnedPlaceholder@@QAE@XZ
?GetParam@CSkinnedPlaceholder@@QAEHHAAVCStringLite@@@Z
??1CSkinnedText@@UAE@XZ
??0CSkinnedText@@QAE@XZ
?GetText@CSkinnedText@@QAE?AVCStringLite@@XZ
?SetText@CSkinnedText@@QAEXPBD@Z
?SetEditMode@CSkinnedText@@QAEHH@Z
?SetEditMask@CSkinnedText@@QAEXPBD@Z
?SetEditTextLen@CSkinnedText@@QAEHH@Z
?SetEditCursor@CSkinnedText@@QAEDD@Z
?SetEditAnimationFrames@CSkinnedText@@QAEKK@Z
?IsHorizontal@CSkinnedSlider@@QAEHXZ
?GetThisMessageMap@CSkinnedWnd@@KGPBUAFX_MSGMAP@@XZ
?OnDestroy@CSkinnedWnd@@IAEXXZ
?OnTimer@CSkinnedWnd@@IAEXI@Z
?OnKeyDown@CSkinnedWnd@@IAEXIII@Z
?OnLButtonUp@CSkinnedWnd@@IAEXIVCPoint@@@Z
?OnMouseMove@CSkinnedWnd@@IAEXIVCPoint@@@Z
?OnLButtonDown@CSkinnedWnd@@IAEXIVCPoint@@@Z
??1CSkinnedWnd@@UAE@XZ
?Create@CSkinnedWnd@@UAEHPAVCSkin@@PBDK@Z
?GetLayeredWindowAlpha@CSkinnedWnd@@QAEKXZ
?AddControl@CSkinnedWnd@@QAEHPAVCSkinnedControl@@H@Z
?RedrawControls@CSkinnedWnd@@QAEXXZ
?Swap@CSkinnedWnd@@QAEHHPBD@Z
?GetIndicatorValue@CSkinnedControl@@UAEMK@Z
??0CDIBWnd@@QAE@XZ
??1CDIBWnd@@UAE@XZ
?GetThisMessageMap@CDIBWnd@@KGPBUAFX_MSGMAP@@XZ
?UpdateDIB@CDIBWnd@@UAEHXZ
?UpdateDIB@CDIBWnd@@UAEHPAVCDC@@VCRect@@@Z
?DefWindowProcA@CDIBWnd@@UAEJIIJ@Z
?ConvertHSLToRGB@CDIB@@QAEXPAK00000@Z
?ConvertRGBToHSL@CDIB@@QAEXPAK00000@Z
?NotifyParent@CSkinnedControl@@UAEXKK@Z
?Bar@CDIB@@QAEHJJJJJ@Z
?Create@CDIB@@QAEHJJGK@Z
?GetWidth@CDIB@@QAEJXZ
?GetWidthB@CDIB@@QAEJXZ
?GetHeight@CDIB@@QAEJXZ
?GetImage@CDIB@@QAEPAEXZ
??0CDIB@@QAE@XZ
??1CDIB@@UAE@XZ
?Create@CDIBWnd@@QAEHKABUtagRECT@@PAVCWnd@@I@Z
?AttachDIB@CDIBWnd@@QAEHPAVCDIB@@@Z
?ClipInt@CValueClipper@@SAHHHH@Z
?GetPixel@CDIB@@QAEHHHAAK@Z
?CreateBitmap@CDIB@@QAEPAUHBITMAP__@@PAVCDC@@@Z
?GetRect@CDIB@@QAEXPAVCRect@@@Z
?LoadImageA@CDIB@@QAEHPAD@Z
?IsSupportedFormat@CSkin@@QAEHXZ
?ReadHeaderSectionParam@CSkin@@QAEHPBD0AAVCStringLite@@@Z
?Load@CSkin@@QAEHPAVCMemFile@@@Z
?SetPath@CSkin@@QAEHPBD@Z
?Compile@CSkin@@QAEHPBDK@Z
?Decompile@CSkin@@QAEHPBDK@Z
??0CSkin@@QAE@XZ
??1CSkin@@UAE@XZ
?SetAsyncScaling@CDIBWnd@@QAEXK@Z
?SetScalingMode@CDIBWnd@@QAEXK@Z
?SetScaleFactor@CSkinnedWnd@@QAEXK@Z
?Destroy@CSkinnedWnd@@QAEXH@Z
?SetLayeredWindowMode@CSkinnedWnd@@QAEXK@Z
?SetLayeredWindowAlpha@CSkinnedWnd@@QAEXK@Z
?GetSizeB@CDIB@@QAEKXZ
?AlphaBlt@CDIB@@QAEHPAV1@0JJJJJJK@Z
?Create@CMMTimer@@QAEHIIKPAUHWND__@@IIJ@Z
?Kill@CMMTimer@@QAEXH@Z
?IsActive@CMMTimer@@QAEHXZ
?EatMessages@CMMTimer@@QAEHXZ
??0CMMTimer@@QAE@XZ
??1CMMTimer@@UAE@XZ
?Blt@CDIB@@QAEHPAV1@JJJJJJ@Z
?ConvertToTrueColor@CDIB@@QAEHXZ
?DestroyDIB@CDIB@@QAEHXZ
?GetName@CSkinnedControl@@QAEPBDXZ
?HitTest@CSkinnedWnd@@QAEPAVCSkinnedControl@@VCPoint@@K@Z
?LoadPAK@CDIB@@QAEHPAVCSZArray@@PBD@Z
?MapBitmapName@CSkin@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?IsNative@CSkin@@QAEHXZ
?GetPAK@CSkin@@QAEPAVCSZArray@@XZ
?UpdateLayeredWindowAttributes@CSkinnedWnd@@QAEXXZ
?UpdateLayeredWindow@CSkinnedWnd@@QAEXXZ
?GetLayeredWindowMode@CSkinnedWnd@@QAEKXZ
?SaveDIB@CDIB@@QAEHPAD@Z
?Uninit@CSkin@@QAEXXZ
?IsVisible@CSkinnedControl@@QAEHXZ
?Create@CSkinnedControl@@QAEHPAVCSkin@@PBDK1KH@Z
?SetID@CSkinnedControl@@QAEXK@Z
?GetID@CSkinnedControl@@QAEKXZ
?Enable@CSkinnedControl@@QAEHH@Z
?IsEnabled@CSkinnedControl@@QAEHXZ
?GetControlRect@CSkinnedControl@@QAE?AVCRect@@XZ
?SetState@CSkinnedButton@@QAEXK@Z
?SetNextState@CSkinnedButton@@QAEKXZ
?SetSpin@CSkinnedButton@@QAEXH@Z
?SetCheckbox@CSkinnedButton@@QAEXH@Z
?Press@CSkinnedButton@@QAEXH@Z
?IsPressed@CSkinnedButton@@QAEHXZ
??0CSkinnedButton@@QAE@XZ
??1CSkinnedButton@@UAE@XZ
?GetDC@CLayeredWindowDC@@QAEPAUHDC__@@XZ
?DeleteDC@CLayeredWindowDC@@QAEXXZ
??0CSkinnedWnd@@QAE@XZ
?DefWindowProcA@CSkinnedWnd@@MAEJIIJ@Z
?ClientToSkin@CSkinnedWnd@@QAE?AVCPoint@@V2@@Z
?SkinToClient@CSkinnedWnd@@QAEHH@Z
?SkinToClient@CSkinnedWnd@@QAE?AVCRect@@V2@@Z
?GetScaleFactor@CSkinnedWnd@@QAEKXZ
?GetControlByName@CSkinnedWnd@@QAEPAVCSkinnedControl@@PBD@Z

rtmui

?GetHelpFilePath@CLocalizedTooltip@@UAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?EnableTooltips@CLocalizationManager@@QAEXH@Z
?Init@CLocalizedTooltip@@QAEXPAVCWnd@@@Z
?PrepareTooltips@CLocalizedTooltip@@QAEXXZ
?OnPreTranslateMessage@CLocalizedTooltip@@QAEXPAUtagMSG@@@Z
?OnMouseMove@CLocalizedTooltip@@QAEXIVCPoint@@@Z
?OnToolTipText@CLocalizedTooltip@@QAEHIPAUtagNMHDR@@PAJ@Z
?GetNext@?$CList@PAULANGUAGE_DESC@@PAU1@@@QAEAAPAULANGUAGE_DESC@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@PAULANGUAGE_DESC@@PAU1@@@QBEPAU__POSITION@@XZ
?OnInitDialog@CLocalizedPropertyPage@@MAEHXZ
??1CLocalizedTooltip@@UAE@XZ
??0CLocalizedTooltip@@QAE@XZ
?LoadTooltip@CLocalizedTooltip@@UAEXPBD@Z
?GetTooltipID@CLocalizedTooltip@@UAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@HH@Z
?DefWindowProcA@CLocalizedPropertySheet@@MAEJIIJ@Z
?OnAdjustHeight@CLocalizedPropertySheet@@UAEXXZ
?GetThisMessageMap@CLocalizedPropertySheet@@KGPBUAFX_MSGMAP@@XZ
?OnInitDialog@CLocalizedPropertySheet@@MAEHXZ
??1CLocalizedPropertySheet@@UAE@XZ
?EnableScroll@CLocalizedPropertySheet@@QAEXH@Z
??0CLocalizedPropertySheet@@QAE@PBDPAVCWnd@@I@Z
??0CLocalizedPropertySheet@@QAE@IPAVCWnd@@I@Z
?GetThisClass@CLocalizedPropertySheet@@SGPAUCRuntimeClass@@XZ
??1CLocalizedMenu@@UAE@XZ
??0CLocalizedMenu@@QAE@XZ
?LoadMenuA@CLocalizedMenu@@QAEHI@Z
?GetThisClass@CLocalizedDialog@@SGPAUCRuntimeClass@@XZ
??0CLocalizedDialog@@QAE@IPAVCWnd@@@Z
??1CLocalizedDialog@@MAE@XZ
?DoDataExchange@CLocalizedDialog@@MAEXPAVCDataExchange@@@Z
?OnInitDialog@CLocalizedDialog@@MAEHXZ
?GetThisMessageMap@CLocalizedDialog@@KGPBUAFX_MSGMAP@@XZ
?LoadStringA@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@I@Z
?DefWindowProcA@CLocalizedDialog@@MAEJIIJ@Z
?PreTranslateMessage@CLocalizedDialog@@MAEHPAUtagMSG@@@Z
?Init@CLocalizationManager@@QAEXPBD0K@Z
?g_localizationManager@@3VCLocalizationManager@@A
?SetAllocateLocalizedTooltip@CLocalizationManager@@QAEXP6APAVCLocalizedTooltip@@XZ@Z
?Compare@CLocalizationManager@@QAEXPBD@Z
?Find@CLocalizationManager@@QAEPAULANGUAGE_DESC@@PBD@Z
?SetDpiAware@@YAHK@Z
?Localize@@YAXPAVCMenu@@@Z
?Localize@@YAXPAVCWnd@@@Z
?LoadStringA@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?GetThisClass@CLocalizedPropertyPage@@SGPAUCRuntimeClass@@XZ
??0CLocalizedPropertyPage@@QAE@II@Z
??1CLocalizedPropertyPage@@UAE@XZ
?DoDataExchange@CLocalizedPropertyPage@@MAEXPAVCDataExchange@@@Z
?g_dwDpiAware@@3KA
?GetThisMessageMap@CLocalizedPropertyPage@@KGPBUAFX_MSGMAP@@XZ
?OnDpiChange@CLocalizedPropertyPage@@UAEXXZ
?DefWindowProcA@CLocalizedPropertyPage@@MAEJIIJ@Z
?PreTranslateMessage@CLocalizedPropertyPage@@MAEHPAUtagMSG@@@Z
?GetDpi@@YAIPAUHWND__@@@Z

msimg32

GradientFill

mfc140

ord6283
ord10948
ord12706
ord2394
ord321
ord2560
ord4490
ord12821
ord8776
ord2326
ord3230
ord4841
ord2004
ord6533
ord4639
ord14291
ord3232
ord13165
ord4444
ord4100
ord1922
ord12160
ord2592
ord9210
ord3049
ord9182
ord4868
ord2344
ord13644
ord6472
ord3143
ord3332
ord5785
ord8030
ord1069
ord12529
ord6581
ord3924
ord2524
ord4218
ord8705
ord2860
ord11339
ord10421
ord1109
ord12115
ord6996
ord2251
ord2210
ord6473
ord10962
ord8996
ord5938
ord6200
ord501
ord1141
ord4085
ord5561
ord5568
ord509
ord4086
ord11928
ord998
ord7406
ord5742
ord7452
ord10202
ord1507
ord266
ord265
ord7619
ord1472
ord6836
ord1431
ord13820
ord3354
ord3240
ord6798
ord4476
ord6104
ord3830
ord10379
ord14421
ord13475
ord14149
ord12969
ord7783
ord5401
ord1000
ord3799
ord4807
ord6195
ord13681
ord2759
ord3825
ord12163
ord4870
ord7407
ord9166
ord8031
ord11927
ord5648
ord5792
ord13584
ord13574
ord12074
ord6193
ord13677
ord2758
ord9167
ord8997
ord10963
ord11343
ord4084
ord3395
ord3396
ord3159
ord3298
ord3295
ord10207
ord8173
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord12032
ord11881
ord14502
ord8922
ord6947
ord10950
ord9213
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord14380
ord12474
ord7964
ord14581
ord6322
ord14583
ord6324
ord14582
ord6323
ord993
ord11879
ord2986
ord5898
ord305
ord3005
ord14238
ord9088
ord1177
ord2751
ord14487
ord3866
ord2989
ord8704
ord4215
ord3184
ord6562
ord9332
ord5398
ord13230
ord3946
ord12863
ord8679
ord4656
ord1693
ord1529
ord3627
ord1169
ord3861
ord6553
ord2241
ord12162
ord6946
ord5826
ord13582
ord5814
ord2298
ord11850
ord9422
ord3177
ord540
ord13011
ord8326
ord8770
ord13003
ord13966
ord13234
ord13028
ord13027
ord6785
ord6460
ord358
ord6463
ord898
ord6768
ord3874
ord2520
ord4866
ord6540
ord13198
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord4911
ord4972
ord4493
ord5769
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord11663
ord13628
ord5911
ord14054
ord2680
ord12067
ord3933
ord3363
ord3364
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord3689
ord1448
ord4715
ord12555
ord2003
ord975
ord14571
ord1696
ord1044
ord316
ord12348
ord14518
ord12291
ord6724
ord2376
ord2383
ord13101
ord1447
ord13199
ord974
ord6810
ord8322
ord14328
ord1692
ord1526
ord310
ord300
ord5960
ord7475
ord9089
ord1178
ord4216
ord6563
ord1389
ord890
ord11878
ord11880
ord11877
ord11117
ord10519
ord11280
ord1106
ord8999
ord10969
ord4640
ord11182
ord8934
ord6354
ord9085
ord1068
ord3864
ord13904
ord2988
ord3856
ord450
ord2518
ord8703
ord4213
ord4865
ord3142
ord6471
ord4468
ord3685
ord3688
ord3808
ord3798
ord3796
ord4869
ord3844
ord1140
ord2880
ord1471
ord14520
ord12294
ord5862
ord11907
ord5894
ord500
ord2387
ord12870
ord366
ord2200
ord8429
ord7618
ord1468
ord8347
ord12190
ord10383
ord12869
ord12806
ord4580
ord8285
ord5336
ord10330
ord2484
ord12485
ord12484
ord14509
ord7886
ord12182
ord12191
ord14507
ord9353
ord4143
ord4582
ord8180
ord4082
ord12888
ord7905
ord11972
ord6831
ord10384
ord2027
ord8026
ord12194
ord2381
ord1509
ord1070
ord7855
ord2407

kernel32

RaiseException
OutputDebugStringW
EnterCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
ExitProcess
_lclose
OpenFile
WriteFile
ReadFile
GetFileSize
WritePrivateProfileStringA
GetLocalTime
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
MultiByteToWideChar
LocalFree
GetModuleHandleA
GetVersionExA
OpenProcess
DeleteFileA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
EnumResourceNamesA
EnumResourceTypesA
FindResourceA
SizeofResource
LockResource
LoadResource
GetModuleFileNameA
GetCurrentProcess
CreateFileMappingA
Sleep
GetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetSystemDirectoryA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ResetEvent
CloseHandle
ResumeThread
lstrlenA
lstrcatA
lstrcpyA
SetThreadPriority
SwitchToThread
CreateEventA
WaitForSingleObject
SetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryA
GetProcAddress
FreeLibrary
OpenFileMappingA
UnmapViewOfFile
MapViewOfFile
LeaveCriticalSection

user32

SendMessageA
EnableWindow
GetClientRect
GetWindowLongA
SetWindowLongA
SetCapture
ReleaseCapture
OffsetRect
GetParent
GetWindowRect
PostMessageA
IsWindowVisible
GetActiveWindow
GetForegroundWindow
GetDC
ReleaseDC
IsRectEmpty
GetAsyncKeyState
GetCapture
SetTimer
KillTimer
DrawTextA
InvalidateRgn
RedrawWindow
SetCursor
GetCursorPos
ScreenToClient
WindowFromPoint
FillRect
CopyRect
PtInRect
DestroyIcon
LoadImageA
RegisterWindowMessageA
BroadcastSystemMessageA
SetForegroundWindow
FindWindowA
ExitWindowsEx
GetSystemMetrics
MessageBoxA
EndDeferWindowPos
GetDesktopWindow
UnregisterClassA
EnumDisplayMonitors
MonitorFromWindow
EnumDisplayDevicesA
GetWindow
GetWindowThreadProcessId
AdjustWindowRectEx
SetWindowRgn
InsertMenuA
CheckMenuItem
CreatePopupMenu
LoadMenuW
IsIconic
SystemParametersInfoA
DeferWindowPos
BeginDeferWindowPos
IsWindow
SendMessageTimeoutA
LoadCursorA
GetUpdateRect
SetMenuInfo
GetMenuInfo
GetSubMenu
GetMonitorInfoA
MonitorFromPoint
GetSysColor

gdi32

SelectObject
DeleteObject
GetBitmapBits
StretchBlt
TextOutA
GetTextMetricsA
SetTextColor
SetBkColor
GetTextCharacterExtra
GetDIBits
GetCharABCWidthsA
GetCharWidth32A
DeleteDC
GetObjectA
SetBitmapBits
CreateCompatibleDC
SetStretchBltMode
StretchDIBits
CreatePen
CreateFontA
CreateSolidBrush
GetTextExtentPoint32A
GetCurrentObject
CreateRectRgn
CreateCompatibleBitmap
CombineRgn
BitBlt

advapi32

OpenProcessToken
RegEnumValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
ConvertStringSidToSidA
SetEntriesInAclA
GetNamedSecurityInfoA
SetNamedSecurityInfoA
RegDeleteValueA

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_DrawEx
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_ReplaceIcon
ord17
ImageList_BeginDrag

oleaut32

SysFreeString

wininet

InternetErrorDlg
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetSetOptionA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile

vcruntime140

memmove
__std_type_info_destroy_list
__current_exception_context
__current_exception
_except_handler4_common
_setjmp3
longjmp
__RTDynamicCast
strstr
__std_terminate
__CxxFrameHandler3
memcpy
memset

api-ms-win-crt-filesystem-l1-1-0

_splitpath_s
_access
_fullpath
_mkdir
_findfirst32
_findnext32
_findclose
remove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fwrite
fflush
ferror
fread
fopen
__stdio_common_vsprintf_s
__acrt_iob_func
_set_fmode
__p__commode
fclose
__stdio_common_vsscanf

api-ms-win-crt-string-l1-1-0

_stricmp
wcscmp
strlen
strcat_s
strcmp
strcpy_s
_strnicmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_c_exit
_invalid_parameter_noinfo
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
terminate
_set_app_type
_seh_filter_exe
_cexit
_crt_at_quick_exit
_controlfp_s
_execute_onexit_table
_register_onexit_function
_crt_atexit
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
strerror
_errno
abort

api-ms-win-crt-time-l1-1-0

_mktime64
strftime
_time32
_time64
_localtime64_s
_gmtime64

api-ms-win-crt-utility-l1-1-0

labs
abs

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode
_recalloc

api-ms-win-crt-math-l1-1-0

modf
floor
_libm_sse2_pow_precise
_except1
__setusermatherr
frexp

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-locale-l1-1-0

_setmbcp
_configthreadlocale

Exports

Exports

GetColorPreview
GetHostAppID
GetHostAppProperty
GetHostAppVersion
LocalizeMenu
LocalizeStr
LocalizeWnd
PickColor
PickColorEx

Sections

.text
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RTSSHooks.dll.copy
.dll windows:6 windows x86 arch:x86

e83d7819fef9782d0379c0ef195add4d

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:1b:f5:09:fb:9d:32:8d:f0:bf:8a:c8:a4:8a:ef:77:af:5e:66:26
Signer

Actual PE Digest

63:1b:f5:09:fb:9d:32:8d:f0:bf:8a:c8:a4:8a:ef:77:af:5e:66:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\RTSSHooks\Release\RTSSHooks.pdb

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA

shlwapi

PathRemoveExtensionA
PathRenameExtensionA
StrStrIA
PathIsRelativeA
PathStripPathA
PathMatchSpecA
PathRemoveFileSpecA
PathAddBackslashA

winmm

timeKillEvent
timeSetEvent

kernel32

CreateMutexA
SwitchToThread
CreateRemoteThread
OpenProcess
GetTickCount
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GetFileSize
ReadFile
OpenFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetVersionExA
CreateEventA
GetCurrentProcessId
SetEvent
ResetEvent
OpenEventA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
SetFilePointer
WriteFile
OutputDebugStringA
GetCurrentThreadId
GetLocalTime
_lclose
GetEnvironmentVariableA
CreateFileA
DuplicateHandle
GetLastError
SetNamedPipeHandleState
Sleep
GetCurrentProcess
GetWindowsDirectoryA
CreateFileMappingA
WaitNamedPipeA
SetWaitableTimer
CreateWaitableTimerA
GetExitCodeProcess
InterlockedCompareExchange
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
SuspendThread
GetCurrentThread
VirtualProtectEx
VirtualQueryEx
SetLastError
LoadLibraryExW
WaitForSingleObject
GetModuleHandleW
DeleteFileA
GetPrivateProfileStringA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
LocalAlloc
GetSystemDirectoryW
GetFileAttributesW
CreateFileW
lstrcmpA
LocalFree
FileTimeToSystemTime
GetModuleFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpW
ExpandEnvironmentStringsW
GetFullPathNameW
OutputDebugStringW
CreateProcessW
CreateProcessA
RaiseException
GetSystemInfo
InterlockedPushEntrySList
GetFileSizeEx
SetConsoleCtrlHandler
DeleteFileW
FlushFileBuffers
DecodePointer
RtlUnwind
ReadConsoleW
SetEndOfFile
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
CreateDirectoryW
WideCharToMultiByte
GetTimeZoneInformation
GetFileAttributesExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
MultiByteToWideChar
GetStdHandle
HeapAlloc
HeapFree
GetModuleHandleExW
GetFileType
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
FindClose
TlsFree
ReleaseMutex
CloseHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetStringTypeW
HeapSize
HeapReAlloc
InterlockedFlushSList
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
LoadLibraryExA
WriteConsoleW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
TlsSetValue

user32

CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
MessageBeep
GetForegroundWindow
DestroyWindow
CreateWindowExA
RegisterClassA
PostMessageA
SendMessageTimeoutA
SendMessageA
DrawIcon
IsRectEmpty
OffsetRect
FindWindowA
IntersectRect
GetActiveWindow
GetClientRect
WindowFromDC
GetMonitorInfoA
MonitorFromWindow
GetWindowThreadProcessId
GetClassNameA
FindWindowExA
GetDC
ReleaseDC
GetCursorPos
LoadCursorA
GetIconInfo
EnumDisplaySettingsA
GetAsyncKeyState
FillRect
RegisterWindowMessageA
SubtractRect

gdi32

TextOutA
GetTextMetricsA
SetTextColor
SetBkColor
GetTextExtentPoint32A
GetTextCharacterExtra
GetCharABCWidthsA
GetCharWidth32A
CreateSolidBrush
CreateFontA
CreateCompatibleBitmap
GetDeviceGammaRamp
SelectObject
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateBitmap
BitBlt
GetStockObject

Exports

Exports

BeginRecord
CleanupPreview
CopyFontTexture
DeleteProfile
DesktopVideoCapture
EndRecord
EnumProfiles
GetFlags
GetFnOffsetCacheErr
GetFontTextureWidth
GetPreviewStats
GetProfileProperty
InitFnOffsetCache
InitPreview
InjectProcess
InstallRTSSHook
IsCaptureInProgress
IsValidFnOffsetCache
LatencyMarker
LoadProfile
PTTEvent
RenderPreviewBeginD3D9
RenderPreviewEnd
ResetProfile
SaveProfile
ScreenCapture
SetFlags
SetProfileProperty
UninstallRTSSHook
UpdateProfiles
ValidateRuntimes
VideoCapture
VideoCaptureEx
_RTSSCBTProc@12
_RTSSRemoteProc@4

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 51.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTSSHooks64.dll.copy
.dll windows:6 windows x64 arch:x64

6d77a01efa80176a594537b8b0b5c816

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3f:6c:4a:e0:ef:d0:c4:8b:a7:27:72:1f:04:5e:04:6b:50:f2:7b:ff
Signer

Actual PE Digest

3f:6c:4a:e0:ef:d0:c4:8b:a7:27:72:1f:04:5e:04:6b:50:f2:7b:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\RTSSHooks\Release\RTSSHooks.pdb

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA

shlwapi

PathRemoveExtensionA
PathRenameExtensionA
StrStrIA
PathIsRelativeA
PathStripPathA
PathMatchSpecA
PathRemoveFileSpecA
PathAddBackslashA

winmm

timeKillEvent
timeSetEvent

kernel32

CreateMutexA
SwitchToThread
CreateRemoteThread
OpenProcess
GetTickCount
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GetFileSize
ReadFile
OpenFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
FreeLibrary
GetVersionExA
CreateEventA
GetCurrentProcessId
SetEvent
ResetEvent
OpenEventA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
SetFilePointer
WriteFile
OutputDebugStringA
GetCurrentThreadId
GetLocalTime
_lclose
GetEnvironmentVariableA
CreateFileA
DuplicateHandle
GetLastError
SetNamedPipeHandleState
Sleep
GetCurrentProcess
GetWindowsDirectoryA
CreateFileMappingA
WaitNamedPipeA
SetWaitableTimer
CreateWaitableTimerA
GetExitCodeProcess
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
SuspendThread
GetCurrentThread
VirtualProtectEx
VirtualQueryEx
WaitForSingleObject
LoadLibraryExW
LoadLibraryExA
GetModuleHandleW
DeleteFileA
GetPrivateProfileStringA
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalAlloc
GetSystemDirectoryW
GetFileAttributesW
CreateFileW
lstrcmpA
LocalFree
FileTimeToSystemTime
GetModuleFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetFullPathNameW
OutputDebugStringW
CreateProcessW
CreateProcessA
RaiseException
GetSystemInfo
DeleteCriticalSection
GetFileSizeEx
SetConsoleCtrlHandler
DeleteFileW
FlushFileBuffers
ReadConsoleW
SetEndOfFile
SetStdHandle
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
CreateDirectoryW
WideCharToMultiByte
RtlUnwind
GetTimeZoneInformation
GetFileAttributesExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
MultiByteToWideChar
GetStdHandle
HeapAlloc
HeapFree
GetModuleHandleExW
GetFileType
SystemTimeToTzSpecificLocalTime
FindNextFileW
ReleaseMutex
CloseHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetStringTypeW
HeapSize
HeapReAlloc
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FindClose
SetLastError
WriteConsoleW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
FindFirstFileExW

user32

CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
MessageBeep
GetForegroundWindow
DestroyWindow
CreateWindowExA
RegisterClassA
PostMessageA
SendMessageTimeoutA
SendMessageA
DrawIcon
OffsetRect
SubtractRect
IsRectEmpty
GetActiveWindow
GetClientRect
WindowFromDC
FindWindowA
GetMonitorInfoA
MonitorFromWindow
GetWindowThreadProcessId
GetClassNameA
FindWindowExA
GetDC
ReleaseDC
GetCursorPos
LoadCursorA
GetIconInfo
EnumDisplaySettingsA
GetAsyncKeyState
FillRect
RegisterWindowMessageA
IntersectRect

gdi32

TextOutA
GetTextMetricsA
SetTextColor
SetBkColor
GetTextExtentPoint32A
GetTextCharacterExtra
GetCharABCWidthsA
GetCharWidth32A
CreateSolidBrush
CreateFontA
CreateCompatibleBitmap
GetDeviceGammaRamp
SelectObject
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateBitmap
BitBlt
GetStockObject

Exports

Exports

BeginRecord
CleanupPreview
CopyFontTexture
DeleteProfile
DesktopVideoCapture
EndRecord
EnumProfiles
GetFlags
GetFnOffsetCacheErr
GetFontTextureWidth
GetPreviewStats
GetProfileProperty
InitFnOffsetCache
InitPreview
InjectProcess
InstallRTSSHook
IsCaptureInProgress
IsValidFnOffsetCache
LatencyMarker
LoadProfile
PTTEvent
RTSSCBTProc
RTSSRemoteProc
RenderPreviewBeginD3D9
RenderPreviewEnd
ResetProfile
SaveProfile
ScreenCapture
SetFlags
SetProfileProperty
UninstallRTSSHook
UpdateProfiles
ValidateRuntimes
VideoCapture
VideoCaptureEx

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 51.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTSSHooksLoader.exe
.exe windows:6 windows x86 arch:x86

7e02abc564a4ae51a7e08111cf0aa154

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c9:48:8f:c3:3e:4e:0b:63:26:67:fb:0c:f8:df:b4:24:d9:b7:bd:1d
Signer

Actual PE Digest

c9:48:8f:c3:3e:4e:0b:63:26:67:fb:0c:f8:df:b4:24:d9:b7:bd:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\RTSS736\RTSSHooksLoader\RTSSHooksLoader\Release\RTSSHooksLoader.pdb

Imports

psapi

EnumProcesses

mfc140

ord14582
ord6324
ord14583
ord6322
ord14581
ord7964
ord12474
ord14380
ord11928
ord11927
ord2027
ord7905
ord12888
ord4082
ord4143
ord9353
ord14507
ord7886
ord14509
ord12485
ord12484
ord2484
ord5631
ord8285
ord12806
ord8347
ord8429
ord8420
ord2799
ord12948
ord11838
ord14131
ord8931
ord9165
ord8438
ord14223
ord12526
ord366
ord1070
ord1529
ord6724
ord265
ord266
ord2241
ord11671
ord11672
ord9096
ord12032
ord11881
ord14502
ord8922
ord12163
ord6947
ord6323
ord9213
ord3259
ord13798
ord12205
ord5894
ord1717
ord1739
ord1765
ord12194
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord4911
ord4972
ord4493
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord11663
ord13628
ord5911
ord2680
ord12067
ord3933
ord3364
ord3363
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5769
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord10950
ord3844
ord10207
ord9166
ord6836
ord7783
ord316
ord4870
ord1044
ord12182
ord12190
ord8180
ord12201
ord12162
ord12869
ord310
ord5742
ord10202
ord6832
ord4580
ord2344
ord11972
ord7961
ord305
ord5898
ord3005
ord300
ord10236
ord1469
ord994
ord7618
ord10330
ord6195
ord13681
ord3298
ord9422
ord3825
ord3295
ord8173
ord2759
ord14699
ord10237
ord3830
ord10383
ord7619
ord10238
ord1472
ord10239
ord1751
ord10240
ord1000
ord1509
ord5336
ord2407

kernel32

OpenProcess
GetModuleHandleA
CloseHandle
GetModuleFileNameA
CreateFileMappingA
GetLastError
InitializeCriticalSectionEx
OutputDebugStringW
DeleteCriticalSection
GetPrivateProfileStringA
GetProcAddress
GetSystemTimeAsFileTime
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
InitializeSListHead
LoadLibraryA
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess

user32

FindWindowA
RegisterWindowMessageA
EnableWindow
SendMessageTimeoutA
LoadCursorA
PostMessageA
GetDesktopWindow
GetWindowThreadProcessId
GetWindow

comctl32

InitCommonControlsEx

shlwapi

PathStripPathA
PathRemoveFileSpecA

vcruntime140

memset
__current_exception
__current_exception_context
_except_handler4_common
__CxxFrameHandler3

api-ms-win-crt-string-l1-1-0

strpbrk
strcpy_s
_stricmp
strcat_s

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-runtime-l1-1-0

_get_narrow_winmain_command_line
_controlfp_s
terminate
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_exit
exit
_initterm_e
_initterm
_initialize_onexit_table
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_setmbcp

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTSSHooksLoader64.exe
.exe windows:6 windows x64 arch:x64

da0e0fffa770290df3b503f45fd36b48

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cb:19:8e:7c:ea:40:58:06:67:bd:05:c5:f6:5d:57:20:06:98:de:e1
Signer

Actual PE Digest

cb:19:8e:7c:ea:40:58:06:67:bd:05:c5:f6:5d:57:20:06:98:de:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\RTSS736\RTSSHooksLoader\RTSSHooksLoader\Release\RTSSHooksLoader.pdb

Imports

psapi

EnumProcesses

mfc140

ord2004
ord7637
ord12571
ord3941
ord4002
ord9049
ord14133
ord7619
ord14135
ord12171
ord12170
ord2437
ord5167
ord7989
ord12490
ord8050
ord8131
ord8122
ord11365
ord12631
ord11532
ord13766
ord8627
ord8861
ord8140
ord13857
ord12212
ord365
ord1057
ord1507
ord6483
ord265
ord266
ord2368
ord11366
ord8792
ord11719
ord11575
ord14128
ord8618
ord11850
ord6703
ord10644
ord8909
ord3166
ord13438
ord11892
ord11888
ord1695
ord1717
ord1743
ord1729
ord1750
ord11614
ord4832
ord4777
ord5982
ord4789
ord4783
ord4842
ord4826
ord4771
ord5687
ord4803
ord4741
ord4756
ord4817
ord4351
ord9343
ord4343
ord2962
ord14136
ord14007
ord14134
ord6607
ord11357
ord13284
ord5704
ord2627
ord11754
ord3804
ord3271
ord3270
ord3165
ord11798
ord5064
ord5347
ord5536
ord9001
ord5323
ord5566
ord5067
ord5213
ord5049
ord7430
ord7431
ord7420
ord5211
ord7890
ord9903
ord8862
ord6595
ord7519
ord316
ord4715
ord1032
ord4765
ord11615
ord13331
ord310
ord9118
ord3705
ord3710
ord7364
ord1450
ord3205
ord3202
ord12160
ord7881
ord7688
ord14207
ord6100
ord14209
ord6102
ord2696
ord14279
ord11869
ord11877
ord7888
ord10079
ord11881
ord11849
ord12552
ord5539
ord9898
ord6591
ord4436
ord2310
ord11659
ord7685
ord305
ord5691
ord2917
ord14208
ord300
ord9933
ord9935
ord6101
ord1447
ord982
ord7363
ord9934
ord7620
ord9932
ord3723
ord9936
ord4848
ord10026
ord4795
ord988
ord1487
ord5435
ord2207
ord2723

kernel32

OpenProcess
GetModuleHandleA
CloseHandle
GetModuleFileNameA
CreateFileMappingA
OutputDebugStringW
InitializeCriticalSectionEx
GetProcAddress
GetLastError
SetUnhandledExceptionFilter
DeleteCriticalSection
GetPrivateProfileStringA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
LoadLibraryA
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

user32

FindWindowA
EnableWindow
SendMessageTimeoutA
GetDesktopWindow
LoadCursorA
PostMessageA
GetWindowThreadProcessId
RegisterWindowMessageA
GetWindow

comctl32

InitCommonControlsEx

shlwapi

PathStripPathA
PathRemoveFileSpecA

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__current_exception_context
__C_specific_handler
memset
memcpy

api-ms-win-crt-string-l1-1-0

strpbrk
strcpy_s
_stricmp
strcat_s

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-runtime-l1-1-0

terminate
_register_thread_local_exe_atexit_callback
_c_exit
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_setmbcp
_configthreadlocale

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RTUI.dll
.dll windows:6 windows x86 arch:x86

1736c20c278ca344fece9599e128765d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\RTUISDK\lib\free\RTUI.pdb

Imports

shlwapi

PathRemoveFileSpecA
PathFileExistsA
PathStripPathA
PathIsRelativeA

winmm

timeSetEvent
timeKillEvent

rtfc

?GetCount@CPtrListLite@@QAEKXZ
?Sort@CPtrListLite@@QAEXHP6AHPAUPTR_LIST_NODE@@0@Z@Z
?GetTail@CPtrListLite@@QAEPAUPTR_LIST_NODE@@XZ
??YCStringLite@@QAEABV0@PBD@Z
?Left@CStringLite@@QBE?AV1@H@Z
??YCStringLite@@QAEABV0@D@Z
?GetParams@CTextFile@@SAHHHPBDAAVCStringLite@@0H@Z
?IsEmpty@CStringLite@@QBEHXZ
??0CTextFile@@QAE@XZ
?GetParams@CTextFile@@SAHPBDAAVCStringLite@@10H@Z
?GetParam@CTextFile@@SAHHPBDAAVCStringLite@@0H@Z
?ReadSection@CTextFile@@UAEHPBDAAVCStringLite@@@Z
?ReadString@CTextFile@@QAEHAAVCStringLite@@@Z
?Home@CTextFile@@QAEXXZ
?DestroyCache@CTextFile@@QAEXXZ
?PrecacheSections@CTextFile@@QAEXXZ
?Precache@CTextFile@@QAEXPBD@Z
?Open@CTextFile@@QAEHPBD@Z
?Format@CStringLite@@QAAXPBDZZ
?GetLength@CStringLite@@QBEHXZ
??H@YA?AVCStringLite@@ABV0@PBD@Z
??H@YA?AVCStringLite@@ABV0@0@Z
??YCStringLite@@QAEABV0@ABV0@@Z
??0CStringLite@@QAE@PBDH@Z
?RemoveAt@CPtrListLite@@QAEXPAUPTR_LIST_NODE@@@Z
?GetValue@CTextFile@@SAHPBDAAKK@Z
??1CTokenString@@UAE@XZ
??0CTokenString@@QAE@XZ
?strtok@CTokenString@@QAEPADPBD0@Z
??4CTextFile@@QAEAAV0@ABV0@@Z
??0CTextFile@@QAE@ABV0@@Z
??1CTextFile@@UAE@XZ
??4CPtrListLite@@QAEAAV0@ABV0@@Z
??0CPtrListLite@@QAE@ABV0@@Z
??1CPtrListLite@@UAE@XZ
??0CPtrListLite@@QAE@XZ
?RemoveAll@CPtrListLite@@QAEXXZ
?GetHead@CPtrListLite@@QAEPAUPTR_LIST_NODE@@XZ
?AddTail@CPtrListLite@@QAEPAUPTR_LIST_NODE@@PAX@Z
??1CStringLite@@UAE@XZ
??4CStringLite@@QAEABV0@ABV0@@Z
??4CStringLite@@QAEABV0@PBD@Z
??0CStringLite@@QAE@ABV0@@Z
??0CStringLite@@QAE@XZ
??1CCRC32@@UAE@XZ
??0CCRC32@@QAE@XZ
?Calc@CCRC32@@QAEKKPAEK@Z
??0CStringLite@@QAE@PBD@Z

mfc140

ord13628
ord5911
ord2680
ord12067
ord3933
ord3363
ord3364
ord3258
ord12111
ord1000
ord6836
ord5228
ord5528
ord5739
ord9305
ord5504
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord12194
ord1389
ord890
ord4865
ord12529
ord321
ord12162
ord12870
ord998
ord7406
ord5742
ord7452
ord10202
ord3627
ord2344
ord7619
ord6195
ord13681
ord3298
ord3295
ord10207
ord8173
ord2759
ord2387
ord11663
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord12032
ord3830
ord2394
ord1526
ord300
ord14508
ord4866
ord1140
ord2880
ord14520
ord12294
ord5862
ord12989
ord11907
ord500
ord4807
ord1044
ord316
ord6724
ord1509
ord266
ord265
ord2383
ord3825
ord11881
ord14502
ord8922
ord12163
ord6947
ord9422
ord10950
ord9213
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord7887
ord14699
ord2748
ord14510
ord3050
ord4485
ord9647
ord5769
ord4493
ord4972
ord4911
ord4896
ord8713
ord13475
ord14048
ord4870
ord4958
ord5003
ord4926
ord8735
ord4981
ord4997
ord2298
ord4639
ord6533
ord4938
ord3874
ord2520
ord6540
ord1751
ord568
ord4944
ord4950
ord4932
ord11917
ord4987
ord4920
ord1446
ord14592
ord973
ord5898
ord1696
ord310
ord305
ord3005
ord2370
ord2263
ord485
ord2241
ord1529
ord3844
ord1471
ord5894
ord1772
ord6848
ord12182
ord1507
ord12191
ord10384
ord4582
ord1472
ord8180
ord9166
ord1765
ord1192

kernel32

CreateProcessA
GetModuleFileNameA
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
ExitProcess
OutputDebugStringA
SetLastError
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
CloseHandle
GetModuleHandleW
LoadLibraryW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetFullPathNameA
GetLastError
WaitForMultipleObjects
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
GetTickCount
ResumeThread
LeaveCriticalSection
SetThreadPriority
GetPrivateProfileStringA
OutputDebugStringW
RaiseException
EnterCriticalSection
GetPrivateProfileIntA
FindResourceA
LockResource
GetModuleHandleA
LoadResource

user32

GetDC
ReleaseDC
RegisterWindowMessageA
PostMessageA
EnableWindow
GetUpdateRect
RedrawWindow
GetClientRect
CopyRect
LoadCursorA
PeekMessageA
GetCursorPos
ScreenToClient
IntersectRect
UnionRect
PtInRect
UnregisterClassA
EqualRect
ClientToScreen
GetWindowRect
LockWindowUpdate
SetWindowRgn
ReleaseCapture
SetCapture
GetFocus
SetLayeredWindowAttributes
UpdateLayeredWindow
IsWindow
SendMessageA

gdi32

GetDeviceCaps
CreateBitmap
CreateCompatibleDC
CreateDIBitmap
CreatePalette
CreateRectRgn
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
SelectObject
StretchBlt
StretchDIBits
SetStretchBltMode
SetDIBits
CreateFontA
BitBlt
CombineRgn

oleaut32

SysFreeString

vcruntime140

__CxxFrameHandler3
longjmp
_setjmp3
memcpy
memset
__std_terminate
_purecall
__RTDynamicCast
strchr
__current_exception
__current_exception_context
_except_handler4_common
__std_type_info_destroy_list
memmove

api-ms-win-crt-string-l1-1-0

strcpy_s
strcat_s
_stricmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_mkdir
_splitpath_s
remove
_stat64i32

api-ms-win-crt-stdio-l1-1-0

fread
_fseeki64
__stdio_common_vfprintf
__acrt_iob_func
fopen_s
ferror
fopen
__stdio_common_vsscanf
fflush
freopen_s
fclose
_ftelli64
fwrite

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_recalloc

api-ms-win-crt-time-l1-1-0

_utime64
_gmtime64
_time64
_mktime64
_localtime64_s

api-ms-win-crt-convert-l1-1-0

wcstombs_s
atof

api-ms-win-crt-math-l1-1-0

modf
floor
_except1
frexp
_libm_sse2_pow_precise

api-ms-win-crt-runtime-l1-1-0

abort
strerror
_errno
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo
terminate

Exports

Exports

??0CDIB@@QAE@XZ
??0CDIBCache@@QAE@ABV0@@Z
??0CDIBCache@@QAE@XZ
??0CDIBDC@@QAE@XZ
??0CDIBWnd@@QAE@XZ
??0CDIBWndThread@@IAE@XZ
??0CDIBWndThread@@QAE@PAVCDIBWnd@@@Z
??0CLauncherThread@@IAE@XZ
??0CLauncherThread@@QAE@PAVCWnd@@PAVCLauncherThreadOwner@@PBDK@Z
??0CLauncherThreadOwner@@QAE@ABV0@@Z
??0CLauncherThreadOwner@@QAE@XZ
??0CLayeredWindowDC@@QAE@ABV0@@Z
??0CLayeredWindowDC@@QAE@XZ
??0CMMTimer@@QAE@ABV0@@Z
??0CMMTimer@@QAE@XZ
??0CSkin@@QAE@ABV0@@Z
??0CSkin@@QAE@XZ
??0CSkinnedButton@@QAE@ABV0@@Z
??0CSkinnedButton@@QAE@XZ
??0CSkinnedControl@@QAE@ABV0@@Z
??0CSkinnedControl@@QAE@XZ
??0CSkinnedIndicator@@QAE@XZ
??0CSkinnedIndicatorSource@@QAE@ABV0@@Z
??0CSkinnedIndicatorSource@@QAE@XZ
??0CSkinnedPlaceholder@@QAE@ABV0@@Z
??0CSkinnedPlaceholder@@QAE@XZ
??0CSkinnedSite@@QAE@ABV0@@Z
??0CSkinnedSite@@QAE@XZ
??0CSkinnedSlider@@QAE@ABV0@@Z
??0CSkinnedSlider@@QAE@XZ
??0CSkinnedText@@QAE@XZ
??0CSkinnedWnd@@QAE@XZ
??0CValueClipper@@QAE@ABV0@@Z
??0CValueClipper@@QAE@XZ
??1CDIB@@UAE@XZ
??1CDIBCache@@UAE@XZ
??1CDIBDC@@UAE@XZ
??1CDIBWnd@@UAE@XZ
??1CDIBWndThread@@MAE@XZ
??1CLauncherThread@@UAE@XZ
??1CLauncherThreadOwner@@UAE@XZ
??1CLayeredWindowDC@@UAE@XZ
??1CMMTimer@@UAE@XZ
??1CSkin@@UAE@XZ
??1CSkinnedButton@@UAE@XZ
??1CSkinnedControl@@UAE@XZ
??1CSkinnedIndicator@@UAE@XZ
??1CSkinnedIndicatorSource@@UAE@XZ
??1CSkinnedPlaceholder@@UAE@XZ
??1CSkinnedSite@@UAE@XZ
??1CSkinnedSlider@@UAE@XZ
??1CSkinnedText@@UAE@XZ
??1CSkinnedWnd@@UAE@XZ
??1CValueClipper@@UAE@XZ
??4CDIBCache@@QAEAAV0@ABV0@@Z
??4CLauncherThreadOwner@@QAEAAV0@ABV0@@Z
??4CLayeredWindowDC@@QAEAAV0@ABV0@@Z
??4CMMTimer@@QAEAAV0@ABV0@@Z
??4CSkin@@QAEAAV0@ABV0@@Z
??4CSkinnedButton@@QAEAAV0@ABV0@@Z
??4CSkinnedControl@@QAEAAV0@ABV0@@Z
??4CSkinnedIndicatorSource@@QAEAAV0@ABV0@@Z
??4CSkinnedPlaceholder@@QAEAAV0@ABV0@@Z
??4CSkinnedSite@@QAEAAV0@ABV0@@Z
??4CSkinnedSlider@@QAEAAV0@ABV0@@Z
??4CValueClipper@@QAEAAV0@ABV0@@Z
??_7CDIB@@6B@
??_7CDIBCache@@6B@
??_7CDIBDC@@6B@
??_7CDIBWnd@@6B@
??_7CDIBWndThread@@6B@
??_7CLauncherThread@@6B@
??_7CLauncherThreadOwner@@6B@
??_7CLayeredWindowDC@@6B@
??_7CMMTimer@@6B@
??_7CSkin@@6B@
??_7CSkinnedButton@@6B@
??_7CSkinnedControl@@6B@
??_7CSkinnedIndicator@@6B@
??_7CSkinnedIndicatorSource@@6B@
??_7CSkinnedPlaceholder@@6B@
??_7CSkinnedSite@@6B@
??_7CSkinnedSlider@@6B@
??_7CSkinnedText@@6B@
??_7CSkinnedWnd@@6B@
??_7CValueClipper@@6B@
?AddControl@CSkinnedWnd@@QAEHPAVCSkinnedControl@@H@Z
?AddDIB@CDIBCache@@QAEPAVCDIB@@PBDPAVCSkin@@0@Z
?AddDIB@CDIBCache@@QAEXPBDPAVCDIB@@K@Z
?AddDirtyRect@CSkinnedWnd@@QAEXPAVCRect@@@Z
?AlphaBlt@CDIB@@QAEHPAV1@0JJJJJJK@Z
?Animate@CSkinnedButton@@QAEHXZ
?Animate@CSkinnedIndicator@@QAEHXZ
?Animate@CSkinnedText@@QAEXXZ
?AppendPAK@CDIB@@QAEHPAVCSZArray@@PBDH@Z
?ApplyBitmapEffect@CSkin@@QAEHPBDPAVCDIB@@@Z
?AsyncPrepare@CDIBWnd@@QAEXXZ
?AsyncPresent@CDIBWnd@@QAEXXZ
?AsyncUpdate@CDIBWndThread@@QAEXXZ
?AsyncUpdateBackbuffer@CDIBWnd@@QAEXKK@Z
?Attach@CDIB@@QAEHPAV1@H@Z
?AttachDIB@CDIBWnd@@QAEHPAVCDIB@@@Z
?Bar@CDIB@@QAEHJJJJJ@Z
?BeginRedrawDirtyControls@CSkinnedWnd@@QAEXXZ
?Blt@CDIB@@QAEHPAV1@JJJJJJ@Z
?Blur9Tap@CDIB@@QAEHXZ
?CalcIndicatorValue@CSkinnedIndicatorSource@@UAEMM@Z
?CalcTimerPeriod@CSkinnedWnd@@QAEKXZ
?Capture@CDIB@@QAEHPAVCDC@@KK@Z
?CaptureDesktop@CDIB@@QAEHVCRect@@@Z
?ChangeRgn@CSkinnedWnd@@QAEXXZ
?ClientToSkin@CSkinnedWnd@@QAE?AVCPoint@@V2@@Z
?ClientToSkin@CSkinnedWnd@@QAE?AVCRect@@V2@@Z
?ClientToSkin@CSkinnedWnd@@QAEHH@Z
?ClipDWORD@CValueClipper@@SAKKKK@Z
?ClipFloat@CValueClipper@@SAMMMM@Z
?ClipInt@CValueClipper@@SAHHHH@Z
?ClipLong@CValueClipper@@SAJJJJ@Z
?ColorKeyBlt@CDIB@@QAEHPAV1@JJJJJJK@Z
?Compile@CSkin@@QAEHPBDK@Z
?CompressToPNG@CDIB@@QAEXXZ
?ConvertHSLToRGB@CDIB@@QAEXPAK00000@Z
?ConvertRGBToHSL@CDIB@@QAEXPAK00000@Z
?ConvertTo256Color@CDIB@@QAEHXZ
?ConvertTo256ColorHelper@CDIB@@KAHPBX0@Z
?ConvertToAlpha@CDIB@@QAEHXZ
?ConvertToGreyscale@CDIB@@QAEHXZ
?ConvertToHiColor@CDIB@@QAEHH@Z
?ConvertToTrueColor@CDIB@@QAEHXZ
?CopyCompressed@CDIB@@QAEXKPAEK@Z
?CopyDIB@CDIB@@QAEHPAV1@@Z
?Create@CDIB@@QAEHJJGK@Z
?Create@CDIBWnd@@QAEHKABUtagRECT@@PAVCWnd@@I@Z
?Create@CMMTimer@@QAEHIIKP6AXK@Z@Z
?Create@CMMTimer@@QAEHIIKPAUHWND__@@IIJ@Z
?Create@CSkinnedControl@@QAEHPAVCSkin@@PBDK1KH@Z
?Create@CSkinnedWnd@@UAEHPAVCSkin@@PBDK@Z
?CreateAdditionalButtons@CSkinnedWnd@@QAEHPAVCSkin@@PBDKHH@Z
?CreateAdditionalControls@CSkinnedWnd@@QAEHPAVCSkin@@PBDKHH@Z
?CreateAdditionalIndicator@CSkinnedWnd@@QAEHPAVCSkin@@PBDK11HH@Z
?CreateAdditionalIndicators@CSkinnedWnd@@QAEHPAVCSkin@@PBDKHH@Z
?CreateBitmap@CDIB@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?CreateBitmap@CDIB@@QAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateDCA@CDIBDC@@QAEXXZ
?CreateDCA@CLayeredWindowDC@@QAEXPAVCDIB@@0KKK@Z
?CreateDCA@CSkinnedIndicator@@QAEXK@Z
?CreateFontA@CSkinnedText@@QAEHPAVCSkin@@PBD@Z
?CreateObject@CDIBWndThread@@SGPAVCObject@@XZ
?CreateObject@CLauncherThread@@SGPAVCObject@@XZ
?CreatePAK@CDIB@@SAJPBD0@Z
?CreatePalette@CDIB@@QAEPAUHPALETTE__@@XZ
?CreateRgn@CDIB@@QAEPAUHRGN__@@KK@Z
?CreateThread@CDIBWnd@@QAEXXZ
?CreateTimer@CSkinnedWnd@@QAEKK@Z
?Decompile@CSkin@@QAEHPBDK@Z
?DefWindowProcA@CDIBWnd@@UAEJIIJ@Z
?DefWindowProcA@CSkinnedWnd@@MAEJIIJ@Z
?DeleteDC@CDIBDC@@QAEXXZ
?DeleteDC@CLayeredWindowDC@@QAEXXZ
?Destroy@CDIBWndThread@@QAEXXZ
?Destroy@CSkinnedWnd@@QAEXH@Z
?DestroyAdditionalControls@CSkinnedWnd@@QAEXXZ
?DestroyCompressed@CDIB@@QAEXXZ
?DestroyDIB@CDIB@@QAEHXZ
?DestroyDirtyRects@CSkinnedWnd@@QAEXXZ
?DestroyImage@CDIB@@QAEHXZ
?DestroyPalette@CDIB@@QAEHXZ
?DestroyThread@CDIBWnd@@QAEXXZ
?DetachDIB@CDIBWnd@@QAEXXZ
?DisplayMessage@CSkinnedWnd@@UAEHPBDK@Z
?DoEdit@CSkinnedText@@QAEXXZ
?Draw@CSkinnedButton@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedIndicator@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedIndicatorSource@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedPlaceholder@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedSite@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedSlider@@UAEXPAVCDIB@@0@Z
?Draw@CSkinnedText@@UAEXPAVCDIB@@0@Z
?Dump@CDIBCache@@QAEXPBD@Z
?DumpCache@CSkinnedWnd@@QAEXPBD@Z
?EatMessages@CMMTimer@@QAEHXZ
?Emboss@CDIB@@QAEHEEEE@Z
?Enable@CSkinnedControl@@QAEHH@Z
?EnableAnimtation@CSkinnedIndicator@@QAEXH@Z
?EnableClickPos@CSkinnedSlider@@QAEXH@Z
?EnableRedraw@CSkinnedWnd@@QAEXH@Z
?EnableRedrawControls@CSkinnedWnd@@QAEXH@Z
?EncryptDecryptHeader@CSkin@@QAEXPAEK0K@Z
?EncryptDecryptHeader@CSkin@@QAEXPAVCSZArray@@@Z
?EndEdit@CSkinnedText@@QAEXH@Z
?EndRedrawDirtyControls@CSkinnedWnd@@QAEXXZ
?ExitInstance@CDIBWndThread@@UAEHXZ
?ExitInstance@CLauncherThread@@UAEHXZ
?ExtractAlpha@CDIB@@QAEHXZ
?FastCopyDIB@CDIB@@QAEHPAV1@@Z
?FastResizeA8R8G8B8@CDIB@@SAXPAEKKK0KKK@Z
?FastResizeR8G8B8@CDIB@@SAXPAEKKK0KKK@Z
?FastResizeR8G8B8@CDIB@@SAXPAEKKK0KKKK@Z
?FillBitmapInfoHeader@CDIB@@QAEXPAUtagBITMAPINFOHEADER@@@Z
?FindDIB@CDIBCache@@QAEPAVCDIB@@PBD@Z
?FixSize@CSkinnedControl@@QAEXPAVCDIB@@0@Z
?FixSizes@CSkinnedSite@@QAEXXZ
?FlushDC@CDIBDC@@QAEXXZ
?FlushDIB@CDIBDC@@QAEXXZ
?GetAdditionalError@CSkin@@QAEPBDXZ
?GetAlpha@CSkinnedControl@@QAEKXZ
?GetAlphaPath@CSkinnedSlider@@QAE?AVCPoint@@V2@@Z
?GetAnimationFrame@CSkinnedButton@@QAEKXZ
?GetAnimationFrames@CSkinnedButton@@QAEKXZ
?GetAsyncScaling@CDIBWnd@@QAEKXZ
?GetBackbuffer@CDIBWnd@@QAEHXZ
?GetBaseColorKey@CSkinnedWnd@@QAEHAAK@Z
?GetBgndRect@CSkinnedSlider@@AAE?AVCRect@@XZ
?GetBitmap@CLayeredWindowDC@@QAEPAUHBITMAP__@@XZ
?GetBitmapFilenameWithEffects@CSkin@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBDPAH@Z
?GetBltHitCount@CDIB@@QAEJPAV1@JJJJJJJJ@Z
?GetCapturedControl@CSkinnedWnd@@QAEPAVCSkinnedControl@@XZ
?GetClassNameA@CSkinnedButton@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedIndicator@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedIndicatorSource@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedPlaceholder@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedSite@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedSlider@@UAE?AVCStringLite@@XZ
?GetClassNameA@CSkinnedText@@UAE?AVCStringLite@@XZ
?GetCommonParamsNum@CSkinnedControl@@SAKK@Z
?GetCompatibilityFlags@CSkinnedWnd@@QAEKXZ
?GetControlByID@CSkinnedWnd@@QAEPAVCSkinnedControl@@K@Z
?GetControlByName@CSkinnedWnd@@QAEPAVCSkinnedControl@@PBD@Z
?GetControlRect@CSkinnedControl@@QAE?AVCRect@@XZ
?GetControlRectInvalidated@CSkinnedControl@@QAE?AVCRect@@XZ
?GetControlRectRelative@CSkinnedControl@@QAE?AVCRect@@XZ
?GetDC@CDIBDC@@QAEPAUHDC__@@XZ
?GetDC@CLayeredWindowDC@@QAEPAUHDC__@@XZ
?GetDC@CSkinnedIndicator@@QAEPAVCDIBDC@@H@Z
?GetDIB@CSkinnedButton@@AAEPAVCDIB@@XZ
?GetDIB@CSkinnedIndicator@@QAEPAVCDIB@@XZ
?GetDIB@CSkinnedSlider@@AAEPAVCDIB@@XZ
?GetDIBAlpha@CSkinnedButton@@AAEPAVCDIB@@XZ
?GetDIBAlpha@CSkinnedIndicator@@QAEPAVCDIB@@XZ
?GetDIBAlpha@CSkinnedSlider@@AAEPAVCDIB@@XZ
?GetDIBAlphaBeforeClick@CSkinnedButton@@AAEPAVCDIB@@XZ
?GetDIBCache@CSkinnedControl@@QAEPAVCDIBCache@@XZ
?GetDepth@CDIB@@QAEGXZ
?GetDragRect@CSkinnedSlider@@AAE?AVCRect@@XZ
?GetEditAnimationFrames@CSkinnedText@@QAEKXZ
?GetEditCursor@CSkinnedText@@QAEDXZ
?GetEditMask@CSkinnedText@@QAEPBDXZ
?GetEditTextLen@CSkinnedText@@QAEHXZ
?GetFileType@CDIB@@QAEKPBD@Z
?GetFormat@CSkin@@QAEKXZ
?GetHeaderBitmapsSectionName@CSkin@@QAEPBDXZ
?GetHeaderGlobalSectionName@CSkin@@QAEPBDXZ
?GetHeight@CDIB@@QAEJXZ
?GetHost@CSkin@@QAEPBDXZ
?GetHottrackControl@CSkinnedWnd@@QAEPAVCSkinnedControl@@XZ
?GetID@CSkinnedControl@@QAEKXZ
?GetImage@CDIB@@QAEPAEXZ
?GetIndicatorValue@CSkinnedControl@@UAEMK@Z
?GetIndicatorValue@CSkinnedIndicatorSource@@UAEMK@Z
?GetIndicatorValue@CSkinnedSlider@@UAEMK@Z
?GetKeyboardFocus@CSkinnedWnd@@QAEPAVCSkinnedControl@@XZ
?GetLastError@CDIB@@QAEHXZ
?GetLauncherThread@CLauncherThreadOwner@@QAEPAVCLauncherThread@@XZ
?GetLayeredWindowAlpha@CSkinnedWnd@@QAEKXZ
?GetLayeredWindowMode@CSkinnedWnd@@QAEKXZ
?GetLayout@CSkinnedWnd@@QAEKXZ
?GetMMTimerMode@CMMTimer@@QAEKXZ
?GetMessageMap@CDIBWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDIBWndThread@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CLauncherThread@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CSkinnedWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetName@CSkinnedControl@@QAEPBDXZ
?GetName@CSkinnedWnd@@QAEPBDXZ
?GetNearestColor@CDIB@@QAEHPAUtagPALETTEENTRY@@@Z
?GetNearestColor@CDIB@@SAHPAUtagPALETTEENTRY@@H0@Z
?GetOwner@CDIB@@QAEPAVCDIBWnd@@XZ
?GetPAK@CSkin@@QAEPAVCSZArray@@XZ
?GetPage@CSkinnedSlider@@QAEKXZ
?GetPalette@CDIB@@QAEPAUtagPALETTEENTRY@@XZ
?GetPaletteSize@CDIB@@QAEHXZ
?GetParam@CSkinnedIndicator@@QAEHHAAVCStringLite@@@Z
?GetParam@CSkinnedPlaceholder@@QAEHHAAVCStringLite@@@Z
?GetParams@CSkinnedIndicator@@QAEPBDXZ
?GetParams@CSkinnedPlaceholder@@QAEPBDXZ
?GetPeriod@CMMTimer@@QAEIXZ
?GetPixel@CDIB@@QAEHHHAAK@Z
?GetPoint@CSkinnedSlider@@QAE?AVCPoint@@XZ
?GetPos@CSkinnedSlider@@QAEJXZ
?GetRGBDifference@CDIB@@SAHPAUtagPALETTEENTRY@@0@Z
?GetRect@CDIB@@QAEXPAVCRect@@@Z
?GetReplace@CSkinnedText@@QAEEE@Z
?GetRuntimeClass@CDIBWndThread@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CLauncherThread@@UBEPAUCRuntimeClass@@XZ
?GetSSAAHeight@CDIBDC@@QAEKXZ
?GetSSAAWidth@CDIBDC@@QAEKXZ
?GetScaleFactor@CSkinnedWnd@@QAEKXZ
?GetScalingMode@CDIBWnd@@QAEKXZ
?GetSite@CSkinnedControl@@QAEPAVCSkinnedSite@@XZ
?GetSize@CDIB@@QAEKXZ
?GetSizeB@CDIB@@QAEKXZ
?GetSourceControl@CSkinnedIndicator@@QAEPAVCSkinnedControl@@XZ
?GetState@CSkinnedButton@@QAEKXZ
?GetStates@CSkinnedButton@@QAEKXZ
?GetStrFilter@CDIB@@SAPADXZ
?GetText@CSkinnedText@@QAE?AVCStringLite@@XZ
?GetThisClass@CDIBWndThread@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CLauncherThread@@SGPAUCRuntimeClass@@XZ
?GetThisMessageMap@CDIBWnd@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CDIBWndThread@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CLauncherThread@@KGPBUAFX_MSGMAP@@XZ
?GetThisMessageMap@CSkinnedWnd@@KGPBUAFX_MSGMAP@@XZ
?GetThread@CDIBWnd@@QAEPAVCDIBWndThread@@XZ
?GetTimerPeriod@CSkinnedControl@@QAEKXZ
?GetTimerRes@CSkinnedWnd@@QAEHXZ
?GetWidth@CDIB@@QAEJXZ
?GetWidthB@CDIB@@QAEJXZ
?GetWnd@CSkin@@QAEPAVCSkinnedWnd@@XZ
?GetWnd@CSkinnedControl@@QAEPAVCSkinnedWnd@@XZ
?GetZOrder@CSkinnedControl@@QAEKXZ
?HitTest@CSkinnedButton@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedControl@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedPlaceholder@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedSite@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedSlider@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedText@@UAEHVCPoint@@K@Z
?HitTest@CSkinnedWnd@@QAEPAVCSkinnedControl@@VCPoint@@K@Z
?HitTestBase@CSkinnedWnd@@QAEHVCPoint@@K@Z
?InitDivLookup@CDIB@@QAEXXZ
?InitHeaderType@CSkin@@QAEHK@Z
?InitInstance@CDIBWndThread@@UAEHXZ
?InitInstance@CLauncherThread@@UAEHXZ
?InitResize@CDIB@@SAXPAK00000KKKKKKK@Z
?Invalidate@CSkinnedControl@@QAEXH@Z
?IsActive@CMMTimer@@QAEHXZ
?IsAlphaPath@CSkinnedSlider@@QAEHXZ
?IsAnimationEnabled@CSkinnedIndicator@@QAEHXZ
?IsBlind@CSkinnedIndicator@@QAEHXZ
?IsCaptured@CSkinnedControl@@QAEHXZ
?IsCaptured@CSkinnedWnd@@QAEHXZ
?IsCheckbox@CSkinnedButton@@QAEHXZ
?IsCmdLine@CSkinnedButton@@QAEHXZ
?IsCompressed@CDIB@@QAEHXZ
?IsEditMode@CSkinnedText@@QAEHXZ
?IsEditing@CSkinnedText@@QAEHXZ
?IsEnabled@CSkinnedControl@@QAEHXZ
?IsGDI@CSkinnedText@@QAEHXZ
?IsHorizontal@CSkinnedIndicator@@QAEHXZ
?IsHorizontal@CSkinnedSlider@@QAEHXZ
?IsHottrack@CSkinnedControl@@QAEHXZ
?IsIdle@CDIBWndThread@@QAEHXZ
?IsIntersected@CSkinnedControl@@QAEHPAVCRect@@@Z
?IsInverted@CSkinnedIndicator@@QAEHXZ
?IsKeyboardFocusCaptured@CSkinnedControl@@UAEHXZ
?IsKeyboardFocusCaptured@CSkinnedText@@UAEHXZ
?IsKeyboardFocusCaptured@CSkinnedWnd@@QAEHXZ
?IsNative@CSkin@@QAEHXZ
?IsPressed@CSkinnedButton@@QAEHXZ
?IsRedrawControlsEnabled@CSkinnedWnd@@QAEHXZ
?IsRedrawEnabled@CSkinnedWnd@@QAEHXZ
?IsSmooth@CSkinnedIndicator@@QAEHXZ
?IsSpin@CSkinnedButton@@QAEHXZ
?IsSupportedFormat@CSkin@@IAEHK@Z
?IsSupportedFormat@CSkin@@QAEHXZ
?IsTimerPaused@CSkinnedControl@@QAEHXZ
?IsUSFHeader@CSkin@@QAEHXZ
?IsUXFHeader@CSkin@@QAEHXZ
?IsValidChar@CSkinnedText@@QAEHE@Z
?IsVisible@CSkinnedControl@@QAEHXZ
?Kill@CDIBWndThread@@QAEXXZ
?Kill@CLauncherThread@@QAEXXZ
?Kill@CMMTimer@@QAEXH@Z
?KillDivLookup@CDIB@@QAEXXZ
?LaunchApplication@CLauncherThread@@QAEHPBDK@Z
?Line@CDIB@@QAEHJJJJJ@Z
?Load@CSkin@@QAEHPAVCMemFile@@@Z
?LoadDIB@CDIB@@QAEHHPAUHINSTANCE__@@@Z
?LoadDIB@CDIB@@QAEHPAD@Z
?LoadDIB@CDIB@@QAEHPBDPAUHINSTANCE__@@@Z
?LoadGIF@CDIB@@QAEHPAD@Z
?LoadImageA@CDIB@@QAEHPAD@Z
?LoadJPEG@CDIB@@QAEHPAD@Z
?LoadPAK@CDIB@@QAEHPAVCSZArray@@PBD@Z
?LoadPAK@CDIB@@QAEHPBD0@Z
?LoadPCX@CDIB@@QAEHPAD@Z
?LoadPNG@CDIB@@QAEHPAD@Z
?LoadPNG@CDIB@@QAEHPAEK@Z
?LockUpdateDIB@CSkinnedWnd@@QAEXH@Z
?LockUpdateLayeredWindow@CSkinnedWnd@@QAEXH@Z
?MapBitmapName@CSkin@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PBD@Z
?NotifyParent@CSkinnedControl@@UAEXKK@Z
?OnAsyncUpdate@CDIBWnd@@QAEXXZ
?OnCreate@CDIBWnd@@QAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CSkinnedButton@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedIndicator@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedIndicatorSource@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedPlaceholder@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedSite@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedSlider@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreate@CSkinnedText@@UAEHPAVCSkin@@PBDK1K@Z
?OnCreateCommon@CSkinnedControl@@IAEHKPBDAAK11K@Z
?OnDestroy@CDIBWnd@@IAEXXZ
?OnDestroy@CSkinnedWnd@@IAEXXZ
?OnKeyDown@CSkinnedButton@@UAEXIII@Z
?OnKeyDown@CSkinnedControl@@UAEXIII@Z
?OnKeyDown@CSkinnedPlaceholder@@UAEXIII@Z
?OnKeyDown@CSkinnedSlider@@UAEXIII@Z
?OnKeyDown@CSkinnedText@@UAEXIII@Z
?OnKeyDown@CSkinnedWnd@@IAEXIII@Z
?OnKeyUp@CSkinnedControl@@UAEXIII@Z
?OnKeyUp@CSkinnedSlider@@UAEXIII@Z
?OnKeyUp@CSkinnedWnd@@IAEXIII@Z
?OnKillFocus@CSkinnedButton@@UAEXXZ
?OnKillFocus@CSkinnedControl@@UAEXXZ
?OnKillFocus@CSkinnedSlider@@UAEXXZ
?OnKillFocus@CSkinnedText@@UAEXXZ
?OnKillFocus@CSkinnedWnd@@IAEXPAVCWnd@@@Z
?OnKillKeyboardFocus@CSkinnedControl@@UAEXXZ
?OnKillKeyboardFocus@CSkinnedText@@UAEXXZ
?OnLButtonDown@CSkinnedButton@@UAEXVCPoint@@@Z
?OnLButtonDown@CSkinnedControl@@UAEXVCPoint@@@Z
?OnLButtonDown@CSkinnedPlaceholder@@UAEXVCPoint@@@Z
?OnLButtonDown@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnLButtonDown@CSkinnedText@@UAEXVCPoint@@@Z
?OnLButtonDown@CSkinnedWnd@@IAEXIVCPoint@@@Z
?OnLButtonUp@CSkinnedButton@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedControl@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedPlaceholder@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedText@@UAEXVCPoint@@@Z
?OnLButtonUp@CSkinnedWnd@@IAEXIVCPoint@@@Z
?OnMouseMove@CSkinnedButton@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedControl@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedPlaceholder@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedSlider@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedText@@UAEXVCPoint@@@Z
?OnMouseMove@CSkinnedWnd@@IAEXIVCPoint@@@Z
?OnMoveWindow@CSkinnedWnd@@UAEXVCPoint@@@Z
?OnPaint@CDIBWnd@@IAEXXZ
?OnReadControlDesc@CSkinnedWnd@@UAEHPAVCSkin@@PBD1K1AAVCStringLite@@@Z
?OnReadDefaultControlDesc@CSkinnedWnd@@UAEHPAVCSkin@@PBD1K1AAVCStringLite@@@Z
?OnSetScaleFactor@CSkinnedWnd@@UAEXK@Z
?OnTimer@CSkinnedButton@@UAEXXZ
?OnTimer@CSkinnedControl@@UAEXXZ
?OnTimer@CSkinnedIndicator@@UAEXXZ
?OnTimer@CSkinnedText@@UAEXXZ
?OnTimer@CSkinnedWnd@@IAEXI@Z
?OnUpdateLayeredWindow@CSkinnedWnd@@UAEXPAUHDC__@@@Z
?OutCode@CDIB@@IAEHJJJJJJ@Z
?OverrideDIB@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIB@CSkinnedIndicator@@QAEXPAVCDIB@@@Z
?OverrideDIBAlpha@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBAlpha@CSkinnedIndicator@@QAEXPAVCDIB@@@Z
?OverrideDIBHottrack@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBHottrackAlpha@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBPressed@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBPressedAlpha@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBPressedHottrack@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideDIBPressedHottrackAlpha@CSkinnedButton@@QAEXPAVCDIB@@@Z
?OverrideHeader@CSkin@@AAEXPAVCTextFile@@@Z
?PauseTimer@CSkinnedControl@@QAEXH@Z
?PointToPos@CSkinnedSlider@@AAEJVCPoint@@@Z
?PosToPoint@CSkinnedSlider@@AAE?AVCPoint@@J@Z
?PostMessageToTarget@CMMTimer@@IAEXXZ
?Press@CSkinnedButton@@QAEXH@Z
?ProcessCommandLine@CLauncherThread@@QAEXPBDAAPAD1H@Z
?ProcessLButtonDown@CSkinnedWnd@@QAEHVCPoint@@@Z
?ProcessLButtonUp@CSkinnedWnd@@QAEHVCPoint@@@Z
?ProcessMouseMove@CSkinnedWnd@@QAEHVCPoint@@@Z
?RGBTo555@CDIB@@SAGEEE@Z
?ReadControlDesc@CSkin@@QAEHPBD0K0AAVCStringLite@@@Z
?ReadHeaderSection@CSkin@@QAEHPBDAAVCStringLite@@@Z
?ReadHeaderSectionParam@CSkin@@QAEHPBD0AAVCStringLite@@@Z
?ReadHeaderSectionParamForLayout@CSkin@@QAEHPBDK0AAVCStringLite@@H@Z
?RecalcControlRect@CSkinnedText@@QAEXXZ
?Recompress@CDIB@@QAEXXZ
?Recreate@CSkinnedControl@@QAEHPAVCSkin@@H@Z
?Redraw@CSkinnedControl@@QAEXXZ
?RedrawControl@CSkinnedWnd@@QAEXPAVCSkinnedControl@@@Z
?RedrawControls@CSkinnedWnd@@QAEXPAVCRect@@@Z
?RedrawControls@CSkinnedWnd@@QAEXXZ
?RedrawIndicators@CSkinnedControl@@QAEXXZ
?ReleaseKeyboardFocus@CSkinnedControl@@QAEXXZ
?RemoveControl@CSkinnedWnd@@QAEHPAVCSkinnedControl@@@Z
?RemoveUnusedEntries@CDIB@@QAEHXZ
?RepositionControl@CSkinnedControl@@QAEXXZ
?ResetLayouts@CSkinnedWnd@@QAEXXZ
?ResizeA8R8G8B8@CDIB@@SAXPAEKKK0KKK@Z
?ResizeDIB@CDIB@@QAEHHHH@Z
?ResizePalette@CDIB@@QAEHH@Z
?ResizePaletteHelper@CDIB@@KAHPBX0@Z
?ResizeR8G8B8@CDIB@@SAXPAEKKK0KKK@Z
?ResizeR8G8B8@CDIB@@SAXPAEKKK0KKKK@Z
?SaveDIB@CDIB@@QAEHPAD@Z
?SetAdditionalError@CSkin@@QAEXPBD@Z
?SetAlphaHitTest@CSkinnedButton@@QAEXH@Z
?SetAlphaPathThreshold@CSkinnedSlider@@QAEXK@Z
?SetAnimationFrame@CSkinnedButton@@QAEHK@Z
?SetAnimationFrames@CSkinnedIndicator@@QAEXK@Z
?SetAsyncScaling@CDIBWnd@@QAEXK@Z
?SetBackbuffer@CDIBWnd@@QAEXH@Z

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SaveMedia.cfg
SaveMedia.dll
.dll windows:6 windows x86 arch:x86

7da849b65959d1ef74f20421b758aa9b

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:30:17:d1:01:ca:4d:98:82:a7:a7:0d:96:58:7e:3e:cb:9d:b1:ab
Signer

Actual PE Digest

2e:30:17:d1:01:ca:4d:98:82:a7:a7:0d:96:58:7e:3e:cb:9d:b1:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\SaveMedia\Release\SaveMedia.pdb

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

msvfw32

ICOpen
ICCompressorFree
ICCompressorChoose
ICSendMessage
ICGetInfo
ICClose

shlwapi

PathRemoveFileSpecA
PathRenameExtensionA
PathStripPathA

dsound

ord6
ord7

mfc140

ord2759
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord12032
ord3830
ord11881
ord14502
ord8922
ord12163
ord6947
ord10950
ord9213
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord4911
ord4972
ord4493
ord5769
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord8173
ord6848
ord4468
ord11663
ord13628
ord5911
ord5401
ord2680
ord12067
ord3933
ord3363
ord3364
ord3258
ord12111
ord1000
ord5228
ord5528
ord5739
ord9305
ord5504
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord9166
ord4490
ord2560
ord3689
ord2241
ord5898
ord310
ord305
ord1509
ord265
ord10207
ord3295
ord3298
ord2387
ord3005
ord1507
ord4841
ord3230
ord14571
ord12348
ord14518
ord12291
ord4807
ord1529
ord1044
ord316
ord6724
ord2376
ord2381
ord266
ord2383
ord13681
ord3844
ord1471
ord5894
ord12182
ord12191
ord4582
ord8180
ord10384
ord12194
ord12162
ord12870
ord998
ord7406
ord5742
ord7452
ord10202
ord3627
ord12706
ord1526
ord1186
ord12544
ord1657
ord8470
ord557
ord1184
ord1655
ord8468
ord555
ord2298
ord9085
ord1068
ord3864
ord2988
ord8703
ord4213
ord3142
ord6471
ord7459
ord12074
ord6193
ord13677
ord2758
ord9167
ord12115
ord1109
ord8997
ord10963
ord11343
ord10421
ord4084
ord458
ord3395
ord3396
ord3159
ord7076
ord6104
ord8713
ord6195
ord1696

kernel32

SetFilePointer
WriteFile
CloseHandle
GetTickCount
LoadLibraryExA
GetProcAddress
RaiseException
OutputDebugStringW
ReleaseMutex
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcessId
GetLocalTime
_lclose
SystemTimeToFileTime
CreateFileA
SetEndOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
TerminateThread
IsProcessorFeaturePresent
GetModuleHandleA
LoadLibraryA
GetPrivateProfileIntA
GetPrivateProfileStringA
FreeLibrary
GetCurrentThreadId
GetCurrentThread
EnterCriticalSection
OpenFile
ReadFile
CreateMutexA
LeaveCriticalSection
WritePrivateProfileStringA
SetThreadPriority
ResumeThread
GetSystemInfo
CreateEventA
SetEvent
ResetEvent
WaitForMultipleObjects
GetVersionExA
WideCharToMultiByte
DeleteFileA
DecodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
ExitProcess
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
GetFileSize

user32

GetDC
ReleaseDC
GetCursorPos
LoadCursorA
UnregisterClassA
EnableWindow
SendMessageA
EnumDisplaySettingsA
DrawIcon
GetIconInfo

gdi32

GetDeviceCaps
CreateCompatibleDC
SelectObject
CreateBitmap
DeleteObject
GetDIBits
DeleteDC
BitBlt

ole32

PropVariantClear
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString

vcruntime140

memmove
__current_exception_context
__current_exception
_except_handler4_common
longjmp
strstr
_purecall
memset
memcpy
__CxxFrameHandler3
__std_type_info_destroy_list
_setjmp3
__std_terminate

api-ms-win-crt-stdio-l1-1-0

fflush
__stdio_common_vsnprintf_s
ferror
__stdio_common_vsprintf_s
__stdio_common_vsscanf
fopen
fread
fclose
fopen_s
__stdio_common_vfprintf
fwrite
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strcpy_s
strncpy_s
strcat_s
strpbrk
_stricmp

api-ms-win-crt-filesystem-l1-1-0

_findclose
_findfirst64i32
remove
_splitpath_s
_mkdir
_findnext64i32

api-ms-win-crt-convert-l1-1-0

atof
wcstombs_s

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-heap-l1-1-0

malloc
free
_recalloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initterm_e
_initialize_narrow_environment
_seh_filter_dll
_invalid_parameter_noinfo
exit
_configure_narrow_argv
_initterm
_execute_onexit_table
abort
terminate
_crt_atexit
_cexit
_crt_at_quick_exit
_errno
strerror

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-math-l1-1-0

frexp
_libm_sse2_pow_precise
_except1
floor
modf

api-ms-win-crt-environment-l1-1-0

getenv_s

Exports

Exports

Configure
EnumAudioSources
GetStat
Init
SaveMedia
Uninit

Sections

.text
Size: 563KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SaveMedia64.dll
.dll windows:6 windows x64 arch:x64

2c6f0dd6dd775104d66e19d47cff7ce6

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:41

Not After

08/05/2033, 07:41

Subject

CN=Globalsign TSA for MS Authenticode Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/09/2022, 08:06

Not After

16/10/2025, 08:28

Subject

SERIALNUMBER=22178368,CN=MICRO-STAR INTERNATIONAL CO.\, LTD.,O=MICRO-STAR INTERNATIONAL CO.\, LTD.,STREET=No. 69\, Lide St.\, Zhonghe Dist.,L=New Taipei,ST=New Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:f2:96:c1:d7:be:27:43:6b:e7:69:2b:44:6d:9f:e7:19:e6:06:41
Signer

Actual PE Digest

b2:f2:96:c1:d7:be:27:43:6b:e7:69:2b:44:6d:9f:e7:19:e6:06:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\RTSS736\SaveMedia\Release\SaveMedia.pdb

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

msvfw32

ICClose
ICGetInfo
ICSendMessage
ICCompressorFree
ICCompressorChoose
ICOpen

shlwapi

PathRemoveFileSpecA
PathStripPathA
PathRenameExtensionA

dsound

ord7
ord6

mfc140

ord4817
ord4351
ord5566
ord9343
ord4343
ord2962
ord14136
ord7620
ord14134
ord8413
ord6607
ord4326
ord11357
ord13284
ord5704
ord5224
ord2627
ord11754
ord3804
ord3270
ord3271
ord3165
ord11798
ord988
ord5064
ord5347
ord5536
ord9001
ord5323
ord5067
ord1055
ord5049
ord7430
ord7431
ord7420
ord5211
ord7890
ord8862
ord4348
ord2512
ord3591
ord2207
ord5691
ord310
ord305
ord2917
ord1485
ord4686
ord3137
ord14197
ord12035
ord14144
ord11978
ord4648
ord1507
ord1032
ord316
ord6483
ord2338
ord4756
ord266
ord265
ord1487
ord3738
ord2901
ord8403
ord4072
ord3053
ord6237
ord7204
ord11761
ord5980
ord13327
ord2695
ord8863
ord11802
ord1087
ord8693
ord10657
ord11037
ord10117
ord3943
ord446
ord3299
ord3300
ord3066
ord6822
ord5896
ord5982
ord4741
ord4803
ord4848
ord13331
ord3205
ord3202
ord9903
ord7881
ord2696
ord14279
ord9933
ord9935
ord9934
ord9932
ord9936
ord5435
ord11365
ord11366
ord8792
ord11719
ord3710
ord4771
ord4826
ord11575
ord4842
ord4783
ord4789
ord14128
ord8618
ord11850
ord4795
ord4777
ord6703
ord10644
ord4832
ord4765
ord1750
ord8909
ord8781
ord2348
ord2344
ord1674
ord3723
ord1449
ord3166
ord5687
ord11869
ord11878
ord4438
ord7888
ord10080
ord11881
ord11849
ord12553
ord13438
ord11892
ord986
ord7152
ord5539
ord11888
ord7198
ord9898
ord3529
ord12391
ord1504
ord1164
ord12230
ord1635
ord8172
ord545
ord1162
ord1633
ord8170
ord1695
ord543
ord2342
ord1717
ord1743
ord2264
ord5213
ord1729

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
RaiseException
EnterCriticalSection
ReadFile
OutputDebugStringW
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
ExitProcess
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
DecodePointer
DeleteFileA
WideCharToMultiByte
GetVersionExA
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventA
GetSystemInfo
ResumeThread
SetThreadPriority
WritePrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
GetModuleHandleA
IsProcessorFeaturePresent
TerminateThread
QueryPerformanceFrequency
QueryPerformanceCounter
SetEndOfFile
CreateFileA
SystemTimeToFileTime
_lclose
GetLocalTime
GetCurrentProcessId
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
WriteFile
SetFilePointer
GetPrivateProfileStringA
GetTickCount
LoadLibraryExA
GetProcAddress
GetModuleFileNameA
FreeLibrary
GetCurrentThreadId
GetCurrentThread
OpenFile
LeaveCriticalSection
GetFileSize

user32

EnumDisplaySettingsA
DrawIcon
GetIconInfo
LoadCursorA
EnableWindow
GetCursorPos
GetDC
UnregisterClassA
ReleaseDC
SendMessageA

gdi32

BitBlt
CreateBitmap
SelectObject
GetDIBits
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC

ole32

PropVariantClear
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

oleaut32

SysFreeString

vcruntime140_1

__CxxFrameHandler4

vcruntime140

longjmp
strstr
_purecall
memset
memcpy
memcmp
__intrinsic_setjmp
__current_exception
__std_type_info_destroy_list
memmove
__C_specific_handler
__std_terminate
__current_exception_context

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vsnprintf_s
fread
fopen
fflush
ferror
__stdio_common_vsprintf_s
__stdio_common_vfprintf
fwrite
__stdio_common_vsscanf
fopen_s
fclose

api-ms-win-crt-string-l1-1-0

strncpy_s
strcat_s
strpbrk
_stricmp
strcpy_s

api-ms-win-crt-filesystem-l1-1-0

_findclose
_findfirst64i32
remove
_mkdir
_findnext64i32
_splitpath_s

api-ms-win-crt-convert-l1-1-0

wcstombs_s
atof

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-heap-l1-1-0

free
malloc
_recalloc

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_initterm
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
exit
_initterm_e
_invalid_parameter_noinfo
strerror
_register_onexit_function
_errno

api-ms-win-crt-time-l1-1-0

_gmtime64

api-ms-win-crt-math-l1-1-0

pow
modf
frexp
floor

api-ms-win-crt-environment-l1-1-0

getenv_s

Exports

Exports

Configure
EnumAudioSources
GetStat
Init
SaveMedia
Uninit

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libmfxsw32.dll
.dll windows:5 windows x86 arch:x86

3b6ea42b172600bb5a8950b6766adce0

Code Sign

35:de:f4:cf
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

22/08/1998, 16:41

Not After

22/08/2018, 16:41

Subject

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

1b:aa:c3:a2:00:01:00:00:79:76
Certificate

Issuer

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Not Before

12/12/2011, 18:40

Not After

26/11/2014, 18:40

Subject

CN=Intel(R) Software Products

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:1e:80:b7:00:00:00:00:00:07
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

15/05/2009, 19:25

Not After

15/05/2015, 19:35

Subject

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:7b:38:2d:2b:14:3d:42:3e:33:ac:81:56:4b:de:44:29:9d:dd:ad
Signer

Actual PE Digest

7e:7b:38:2d:2b:14:3d:42:3e:33:ac:81:56:4b:de:44:29:9d:dd:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\users\mkazakov\2013_R2\MediaSDK_2013_R2\build\win_Win32\bin\libmfxsw32.pdb

Imports

kernel32

GetLastError
CreateEventExW
GetOverlappedResult
WriteFile
CloseHandle
CreateEventW
InterlockedIncrement
WaitForSingleObject
SetEvent
ResetEvent
SetThreadAffinityMask
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleFileNameW
GetSystemInfo
QueryPerformanceCounter
GetSystemTimeAsFileTime
Sleep
SwitchToThread
ReleaseSemaphore
CreateSemaphoreW
OutputDebugStringA
DecodePointer
EncodePointer
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
ExitThread
CreateThread
GetProcAddress
GetModuleHandleW
ExitProcess
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
LoadLibraryW
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesExW
DeleteFileW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

winmm

timeGetTime

Exports

Exports

MFXCloneSession
MFXClose
MFXDisjoinSession
MFXGetPriority
MFXInit
MFXJoinSession
MFXQueryIMPL
MFXQueryVersion
MFXSetPriority
MFXVideoCORE_GetHandle
MFXVideoCORE_SetBufferAllocator
MFXVideoCORE_SetFrameAllocator
MFXVideoCORE_SetHandle
MFXVideoCORE_SyncOperation
MFXVideoDECODE_Close
MFXVideoDECODE_DecodeFrameAsync
MFXVideoDECODE_DecodeHeader
MFXVideoDECODE_GetDecodeStat
MFXVideoDECODE_GetPayload
MFXVideoDECODE_GetVideoParam
MFXVideoDECODE_Init
MFXVideoDECODE_Query
MFXVideoDECODE_QueryIOSurf
MFXVideoDECODE_Reset
MFXVideoDECODE_SetSkipMode
MFXVideoENCODE_Close
MFXVideoENCODE_EncodeFrameAsync
MFXVideoENCODE_GetEncodeStat
MFXVideoENCODE_GetVideoParam
MFXVideoENCODE_Init
MFXVideoENCODE_Query
MFXVideoENCODE_QueryIOSurf
MFXVideoENCODE_Reset
MFXVideoUSER_ProcessFrameAsync
MFXVideoUSER_Register
MFXVideoUSER_Unregister
MFXVideoVPP_Close
MFXVideoVPP_GetVPPStat
MFXVideoVPP_GetVideoParam
MFXVideoVPP_Init
MFXVideoVPP_Query
MFXVideoVPP_QueryIOSurf
MFXVideoVPP_Reset
MFXVideoVPP_RunFrameVPPAsync

Sections

.text
Size: 14.6MB - Virtual size: 14.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 194KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libmfxsw64.dll
.dll windows:5 windows x64 arch:x64

ceb419a5aaa755241938db3b7db9fb65

Code Sign

35:de:f4:cf
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

22/08/1998, 16:41

Not After

22/08/2018, 16:41

Subject

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16/02/2006, 18:01

Not After

19/02/2016, 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

1b:aa:c3:a2:00:01:00:00:79:76
Certificate

Issuer

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Not Before

12/12/2011, 18:40

Not After

26/11/2014, 18:40

Subject

CN=Intel(R) Software Products

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:1e:80:b7:00:00:00:00:00:07
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

15/05/2009, 19:25

Not After

15/05/2015, 19:35

Subject

CN=Intel External Basic Issuing CA 3A,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:8a:b8:6f:64:ba:04:f3:b1:8d:3c:05:6d:e2:4e:53:02:44:df:08
Signer

Actual PE Digest

d4:8a:b8:6f:64:ba:04:f3:b1:8d:3c:05:6d:e2:4e:53:02:44:df:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\users\mkazakov\2013_R2\MediaSDK_2013_R2\build\win_x64\bin\libmfxsw64.pdb

Imports

kernel32

GetLastError
CreateEventExW
GetOverlappedResult
WriteFile
CloseHandle
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
SetThreadAffinityMask
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleFileNameW
GetSystemInfo
QueryPerformanceCounter
GetSystemTimeAsFileTime
Sleep
SwitchToThread
ReleaseSemaphore
CreateSemaphoreW
OutputDebugStringA
DecodePointer
EncodePointer
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
ExitThread
CreateThread
GetProcAddress
GetModuleHandleW
ExitProcess
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
GetStdHandle
HeapSize
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
LoadLibraryW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesExW
DeleteFileW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

winmm

timeGetTime

Exports

Exports

MFXCloneSession
MFXClose
MFXDisjoinSession
MFXGetPriority
MFXInit
MFXJoinSession
MFXQueryIMPL
MFXQueryVersion
MFXSetPriority
MFXVideoCORE_GetHandle
MFXVideoCORE_SetBufferAllocator
MFXVideoCORE_SetFrameAllocator
MFXVideoCORE_SetHandle
MFXVideoCORE_SyncOperation
MFXVideoDECODE_Close
MFXVideoDECODE_DecodeFrameAsync
MFXVideoDECODE_DecodeHeader
MFXVideoDECODE_GetDecodeStat
MFXVideoDECODE_GetPayload
MFXVideoDECODE_GetVideoParam
MFXVideoDECODE_Init
MFXVideoDECODE_Query
MFXVideoDECODE_QueryIOSurf
MFXVideoDECODE_Reset
MFXVideoDECODE_SetSkipMode
MFXVideoENCODE_Close
MFXVideoENCODE_EncodeFrameAsync
MFXVideoENCODE_GetEncodeStat
MFXVideoENCODE_GetVideoParam
MFXVideoENCODE_Init
MFXVideoENCODE_Query
MFXVideoENCODE_QueryIOSurf
MFXVideoENCODE_Reset
MFXVideoUSER_ProcessFrameAsync
MFXVideoUSER_Register
MFXVideoUSER_Unregister
MFXVideoVPP_Close
MFXVideoVPP_GetVPPStat
MFXVideoVPP_GetVideoParam
MFXVideoVPP_Init
MFXVideoVPP_Query
MFXVideoVPP_QueryIOSurf
MFXVideoVPP_Reset
MFXVideoVPP_RunFrameVPPAsync

Sections

.text
Size: 17.9MB - Virtual size: 17.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1016KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6Certificate

Extended Key Usages

Key Usages

c2:12:29:5c:f5:60:0f:bd:ed:f8:75:4a:85:76:78:dd:25:df:5a:73Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 176KB

.rsrc Size: 37KB - Virtual size: 37KB

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 352B

c26621761683a926589c7f7a96aa5d75

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

shlwapi

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

30682cbcd9e51d263811845cece41fd0

Headers

DLL Characteristics

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:48:90:3d:c2:8a:bc:a7:a1:19:4d:0c:1c:57:b8:29
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

08:5e:21:e8:3e:4f:82:88:70:9d:5a:d6
Certificate

c2:12:29:5c:f5:60:0f:bd:ed:f8:75:4a:85:76:78:dd:25:df:5a:73
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 176KB

.rsrc
Size: 37KB - Virtual size: 37KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 352B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 116B

.pdata
Size: 512B - Virtual size: 168B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 578B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B