setup_x86-64_build_4355[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

setup_x86-64_build_4355.zip
Size

104.2MB
MD5

80913a4e34dfa6341eff6ae637a22421
SHA1

4665a9024ae0108bdb2f57606551b8e2337e2014
SHA256

a58e4b94e989320460df69f9b16f413fcb10c24e5fbf203a2cf302edb03a4e4a
SHA512

5f6d12353814cd37d027933eed91afe98214d0241ed789a0179c518523ab9e43a58faedbbf2d97fa585966466937c14ddf2daedfdce2db9546c9338353816e13
SSDEEP

3145728:udoYmeBF2+nyFOrLCUpqOKzc4ywa8bG8aVhxBrWo9:8LFncOfrpqna8y8a7vyo9

Score

3^/10

Malware Config

Signatures

Embeds OpenSSL 1 IoCs

Embeds OpenSSL, may be used to circumvent TLS interception.

resource	yara_rule
static1/unpack001/setup_x86-64_build_4355/cryptography/hazmat/bindings/_rust.pyd	embeds_openssl

Unsigned PE 64 IoCs

Checks for missing Authenticode signature.

resource
unpack001/setup_x86-64_build_4355/AppXDeploymentServer.dll
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_Salsa20.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_aes.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_aesni.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_cbc.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_cfb.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ctr.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ecb.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_eksblowfish.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ocb.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ofb.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_BLAKE2s.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_MD5.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_SHA1.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_SHA256.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_ghash_clmul.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Hash/_ghash_portable.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Protocol/_scrypt.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Util/_cpuid_c.pyd
unpack001/setup_x86-64_build_4355/Cryptodome/Util/_strxor.pyd
unpack001/setup_x86-64_build_4355/DHolographicDisplay.dll
unpack001/setup_x86-64_build_4355/EdgeContent.dll
unpack001/setup_x86-64_build_4355/MSVidCtl.dll
unpack001/setup_x86-64_build_4355/Microsoft.Bluetooth.Service.dll
unpack001/setup_x86-64_build_4355/NlsData0009.dll
unpack001/setup_x86-64_build_4355/SRH.dll
unpack001/setup_x86-64_build_4355/SettingsHandlers_nt.dll
unpack001/setup_x86-64_build_4355/SystemSettingsThresholdAdminFlowUI.dll
unpack001/setup_x86-64_build_4355/UIRibbon.dll
unpack001/setup_x86-64_build_4355/Windows.AI.MachineLearning.dll
unpack001/setup_x86-64_build_4355/Windows.Data.Pdf.dll
unpack001/setup_x86-64_build_4355/Windows.UI.Xaml.Controls.dll
unpack001/setup_x86-64_build_4355/_cffi_backend.pyd
unpack001/setup_x86-64_build_4355/_win32sysloader.pyd
unpack001/setup_x86-64_build_4355/aiohttp/_helpers.pyd
unpack001/setup_x86-64_build_4355/aiohttp/_http_parser.pyd
unpack001/setup_x86-64_build_4355/aiohttp/_http_writer.pyd
unpack001/setup_x86-64_build_4355/aiohttp/_websocket.pyd
unpack001/setup_x86-64_build_4355/bootux.dll
unpack001/setup_x86-64_build_4355/charset_normalizer/md.pyd
unpack001/setup_x86-64_build_4355/charset_normalizer/md__mypyc.pyd
unpack001/setup_x86-64_build_4355/cryptography/hazmat/bindings/_rust.pyd
unpack001/setup_x86-64_build_4355/dbgeng.dll
unpack001/setup_x86-64_build_4355/diagtrack.dll
unpack001/setup_x86-64_build_4355/dwmcore.dll
unpack001/setup_x86-64_build_4355/edgehtml.dll
unpack001/setup_x86-64_build_4355/frozenlist/_frozenlist.pyd
unpack001/setup_x86-64_build_4355/msftedit.dll
unpack001/setup_x86-64_build_4355/mshtml.dll
unpack001/setup_x86-64_build_4355/multidict/_multidict.pyd
unpack001/setup_x86-64_build_4355/prm0009.dll
unpack001/setup_x86-64_build_4355/pythoncom311.dll
unpack001/setup_x86-64_build_4355/pywintypes311.dll
unpack001/setup_x86-64_build_4355/setup_x86-64_build_4355.exe
unpack001/setup_x86-64_build_4355/tellib.dll
unpack001/setup_x86-64_build_4355/twinui.dll
unpack001/setup_x86-64_build_4355/twinui.pcshell.dll
unpack001/setup_x86-64_build_4355/win32api.pyd
unpack001/setup_x86-64_build_4355/win32kfull.sys
unpack001/setup_x86-64_build_4355/win32ui.pyd
unpack001/setup_x86-64_build_4355/wuaueng.dll
unpack001/setup_x86-64_build_4355/yarl/_quoting_c.pyd
unpack001/setup_x86-64_build_4355/zstandard/_cffi.pyd
unpack001/setup_x86-64_build_4355/zstandard/backend_c.pyd

Files

setup_x86-64_build_4355.zip
.zip
setup_x86-64_build_4355/AppXDeploymentServer.dll
.dll windows:10 windows x64 arch:x64

0514bfd9d917637f3cbfcabfc3ccd787

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

AppxDeploymentServer.pdb

Imports

api-ms-win-crt-string-l1-1-0

strcmp
wcscmp
wcsncmp
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__stricmp
_o__ui64tow_s
_o__ultow_s
_o__wcsicmp
_o__wcslwr
_o__wcsnicmp
_o__wtoi
_o_calloc
memmove
_o_free
_o_malloc
_o_qsort
_o_realloc
_o_strncpy_s
_o_strtol
_o_terminate
_o_toupper
_o_wcscpy_s
_o_wcsncat_s
_o_wcsncpy_s
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
wcsstr
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o___std_exception_destroy
_o___std_exception_copy
strchr
wcsrchr
wcschr
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

ntdll

RtlExpandEnvironmentStrings
NtQuerySecurityObject
RtlGetAppContainerNamedObjectPath
NtOpenDirectoryObject
RtlDeriveCapabilitySidsFromName
NtGetCachedSigningLevel
NtCompareSigningLevels
RtlFindAceByType
RtlCreateSecurityDescriptor
RtlCreateAcl
NtQueryLicenseValue
NtSetSecurityObject
RtlAddProcessTrustLabelAce
RtlSetSaclSecurityDescriptor
RtlGetPersistedStateLocation
NtQueryInformationFile
NtQueryInformationThread
RtlNtPathNameToDosPathName
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlDeleteFunctionTable
RtlAddFunctionTable
RtlWaitForWnfMetaNotification
NtSetInformationVirtualMemory
RtlLengthSid
RtlDeleteCriticalSection
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
RtlGetDeviceFamilyInfoEnum
RtlIsMultiSessionSku
RtlDeleteSecurityObject
NtAccessCheck
RtlConvertSidToUnicodeString
RtlEqualSid
RtlAllocateAndInitializeSid
RtlIsStateSeparationEnabled
RtlQueryPackageClaims
ZwFlushBuffersFileEx
RtlValidSid
RtlAllocateHeap
RtlFreeUnicodeString
NtUnmapViewOfSection
NtMapViewOfSection
RtlNtStatusToDosErrorNoTeb
NtCreateSection
EtwEventUnregister
EtwEventWrite
EtwEventRegister
NtClose
RtlIsGenericTableEmptyAvl
NtDeleteWnfStateName
RtlInitializeCriticalSection
NtSetInformationThread
RtlIsMultiUsersInSessionSku
NtQuerySystemInformation
RtlReportException
RtlAcquireSRWLockShared
RtlReleaseSRWLockShared
RtlCopySid
NtQueryInformationToken
NtCreateWnfStateName
NtFsControlFile
RtlFreeSid
RtlNtStatusToDosError
RtlNumberGenericTableElementsAvl
RtlPublishWnfStateData
RtlFreeHeap
RtlLookupElementGenericTableAvl
RtlDowncaseUnicodeString
NtSetInformationFile
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlInitUnicodeString
RtlCompareUnicodeString
RtlInitializeGenericTableAvl
RtlQueryWnfStateData
RtlEnumerateGenericTableWithoutSplayingAvl
RtlEnumerateGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlInsertElementGenericTableAvl
RtlReleaseRelativeName
RtlWow64IsWowGuestMachineSupported
NtOpenFile
RtlDosPathNameToRelativeNtPathName_U_WithStatus
RtlInitUnicodeStringEx
RtlEqualUnicodeString
RtlUpcaseUnicodeChar
RtlCreateAndSetSD
RtlDetermineDosPathNameType_U
NtQueryInformationProcess
RtlpEnsureBufferSize
RtlAddAce
RtlDosPathNameToNtPathName_U_WithStatus
NtCreateFile

combase

GetErrorInfo
ord153

staterepository.core

sqlite3_column_type
sqlite3_column_blob
sqlite3_column_text16
sqlite3_column_bytes
sqlite3_column_text
sqlite3_column_int64
sqlite3_column_int
sqlite3_bind_blob
sqlite3_bind_text16
sqlite3_db_handle
sqlite3_busy_timeout
sqlite3_finalize
sqlite3_reset
sqlite3_next_stmt
sqlite3_step
sqlite3_initialize
sqlite3_errcode
sqlite3_create_function_v2
sqlite3_sql
sqlite3_bind_int64
sqlite3_close
sqlite3_shutdown
sqlite3_enable_shared_cache
sqlite3_user_data
sqlite3_config
sqlite3_trace
sqlite3_errmsg
sqlite3_profile
sqlite3_log
sqlite3_bind_int
sqlite3_bind_null
sqlite3_clear_bindings
sqlite3_db_filename
sqlite3_exec
sqlite3_stmt_busy
sqlite3_open_v2
sqlite3_result_error_nomem
sqlite3_result_error16
sqlite3_extended_errcode
sqlite3_result_error_code
sqlite3_snprintf
sqlite3_file_control
sqlite3_result_int64
sqlite3_result_int
sqlite3_expanded_sql
sqlite3_status
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_wal_checkpoint_v2
sqlite3_value_int64
sqlite3_last_insert_rowid
sqlite3_wal_autocheckpoint
sqlite3_db_config
sqlite3_prepare_v2
sqlite3_total_changes
sqlite3_extended_result_codes
sqlite3_free
sqlite3_db_status
sqlite3_changes
sqlite3_result_blob
sqlite3_value_type
sqlite3_value_text16
sqlite3_malloc
sqlite3_value_int
sqlite3_value_bytes
sqlite3_value_blob
sqlite3_get_autocommit
sqlite3_result_text16

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
FreeLibrary
GetModuleHandleExW
GetModuleFileNameA
LoadLibraryExW
GetModuleFileNameW
GetProcAddress

api-ms-win-core-synch-l1-1-0

CreateEventExW
CreateSemaphoreExW
InitializeSRWLock
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSectionEx
WaitForSingleObject
ResetEvent
CancelWaitableTimer
SetEvent
ReleaseMutex
ReleaseSRWLockExclusive
DeleteCriticalSection
WaitForSingleObjectEx
CreateEventW
OpenSemaphoreW
ReleaseSRWLockShared
OpenEventW
SetWaitableTimer
CreateWaitableTimerExW
CreateMutexExW
AcquireSRWLockExclusive
AcquireSRWLockShared

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMinimum
SetThreadpoolThreadMaximum
CloseThreadpool
CloseThreadpoolWork
CloseThreadpoolCleanupGroupMembers
CreateThreadpool
SetThreadpoolTimer
CloseThreadpoolCleanupGroup
CreateThreadpoolTimer
CloseThreadpoolTimer
TrySubmitThreadpoolCallback

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
ProcessIdToSessionId
OpenThreadToken
GetCurrentThread
GetProcessTimes
SetThreadToken
OpenThread
SetThreadPriority
ExitProcess
TerminateProcess
GetCurrentProcess
ResumeThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeProcThreadAttributeList
CreateProcessAsUserW
OpenProcessToken
UpdateProcThreadAttribute
GetExitCodeProcess

api-ms-win-core-localization-l1-2-0

LCMapStringEx
FormatMessageW
GetSystemPreferredUILanguages

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
TraceMessage

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryW
GetSystemDirectoryW
GetSystemInfo
GetLocalTime
GetTickCount64
GetVersionExW

api-ms-win-core-string-l1-1-0

CompareStringW
MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventSetInformation
EventActivityIdControl
EventProviderEnabled
EventRegister

api-ms-win-core-synch-l1-2-0

InitOnceComplete
WaitOnAddress
InitOnceBeginInitialize
Sleep
WakeByAddressAll

api-ms-win-core-file-l1-1-0

GetFileType
CreateDirectoryW
RemoveDirectoryW
GetVolumeInformationW
GetFileAttributesW
FlushFileBuffers
GetFileAttributesExW
FindNextFileW
FindFirstFileW
GetFileInformationByHandle
SetEndOfFile
SetFilePointerEx
GetFileTime
GetVolumePathNameW
GetFileSizeEx
CompareFileTime
FindClose
CreateFileW
ReadFile
GetFinalPathNameByHandleW
GetVolumeInformationByHandleW
GetDriveTypeW
SetFilePointer
SetFileInformationByHandle
GetTempFileNameW
DeleteFileW
SetFileAttributesW
FindFirstFileExW
WriteFile

api-ms-win-core-registry-l1-1-0

RegOpenUserClassesRoot
RegFlushKey
RegQueryInfoKeyW
RegOpenCurrentUser
RegLoadAppKeyW
RegGetKeySecurity
RegDeleteKeyExW
RegEnumValueW
RegDeleteTreeW
RegSetKeySecurity
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegGetValueW

api-ms-win-security-base-l1-1-0

SetSecurityDescriptorOwner
DuplicateTokenEx
CreatePrivateObjectSecurityEx
ImpersonateLoggedOnUser
AdjustTokenPrivileges
EqualSid
CheckTokenMembership
ImpersonateSelf
IsValidSid
GetAce
DestroyPrivateObjectSecurity
CopySid
GetLengthSid
CreateRestrictedToken
InitializeAcl
AddAccessAllowedAceEx
CreateWellKnownSid
SetTokenInformation
SetSecurityDescriptorControl
GetTokenInformation
InitializeSecurityDescriptor
MakeSelfRelativeSD
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
IsWellKnownSid
DeleteAce
AddAccessAllowedAce
AccessCheck
GetFileSecurityW
GetSecurityDescriptorOwner
RevertToSelf
FreeSid
DuplicateToken
AllocateAndInitializeSid
SetSecurityAccessMask
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
GetSecurityDescriptorSacl
GetSidSubAuthority
GetSidSubAuthorityCount

api-ms-win-core-shlwapi-legacy-l1-1-0

PathStripPathW
PathFileExistsW
PathFindFileNameW
PathFindNextComponentW
PathGetDriveNumberW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

rpcrt4

RpcServerUseProtseqW
RpcServerUseProtseqEpW
RpcServerRegisterIf3
RpcStringFreeW
UuidToStringW
RpcServerRegisterIfEx
RpcServerInqBindings
RpcEpRegisterW
RpcEpUnregister
RpcServerUnregisterIf
UuidCreate
RpcBindingVectorFree
I_RpcExceptionFilter
RpcImpersonateClient
RpcBindingSetAuthInfoExW
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcAsyncCompleteCall
RpcRaiseException
NdrServerCall2
Ndr64AsyncServerCallAll
NdrServerCallAll
NdrAsyncServerCall
UuidFromStringW
NdrClientCall3
RpcBindingFree
RpcServerInqCallAttributesW
RpcRevertToSelf
RpcBindingBind
RpcBindingCreateW

api-ms-win-core-url-l1-1-0

UrlCreateFromPathW
PathCreateFromUrlW

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-io-l1-1-1

CancelSynchronousIo

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects
CreateSemaphoreW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW
lstrcmpiW

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabledForPackage

api-ms-win-core-path-l1-1-0

PathAllocCanonicalize
PathCchAppend
PathCchRemoveBackslash
PathCchSkipRoot
PathAllocCombine
PathCchCombine
PathCchRemoveFileSpec

api-ms-win-core-file-l2-1-0

CreateSymbolicLinkW
CopyFileExW
CreateHardLinkW
MoveFileExW
GetFileInformationByHandleEx

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult
CancelIoEx

api-ms-win-core-memory-l1-1-0

MapViewOfFile
CreateFileMappingW
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW
K32EnumProcesses

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-file-l1-2-0

GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
GetTempPathW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
GetFileVersionInfoExW
VerQueryValueW

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToFileTime

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW
LookupAccountSidW

api-ms-win-core-file-l1-2-2

FindNextFileNameW
FindFirstFileNameW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-wow64-l1-1-1

GetSystemWow64DirectoryW

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIW
StrRChrW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace

api-ms-win-core-windowserrorreporting-l1-1-1

WerRegisterCustomMetadata

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

mrmdeploy

GetOrCreatePriFileForAvailablePackages

mrmcorer

GetMergedSystemPriEx

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

AddToPurgeList
AppXApplyTrustLabelToFolder
AppXSetTrustLabelOnPackage
CancelDeploymentImplementation
CreateCanonicalPriFileImplementation
CreateWnfStateNameImplementation
EnumPackagesByUserSidInternal
EnumPackagesByUserSidNamePublisherInternal
EnumPackagesByUserSidPackageFamilyNameInternal
EnumProvisionedPackagesInternal
EnumVisibilityByPackageFullNameInternal
FindPackageByUserSidPackageFullNameInternal
GenerateBytecodeForPackageImplementation
GenerateBytecodeForPackagesImplementation
GetApplicability5Implementation
GetApplicabilityImplementation
GetDeploymentError
GetPackageFilesDiskUsageImplementation
GetPackageFilesDiskUsagePerVolumeImplementation
GetSessionIdsOwnedByUser
IsPackageInstalledInternal
MergeSystemResourceFilesImplementation
PackageRepositoryAllocate
PackageRepositoryFree
PackageStatusOperationImplementation
PackageVolumeStatusImplementation
RDSRecoverRequestsImplementation
RepairResourcesPriAclsImplementation
RequestPackageOperationImplementation
ServerSideRequestContentGroupsImplementation
ServiceMain
SetDeploymentError
SetPackageStatusBlockingForUserImplementation
SetPackageStatusBlockingImplementation
StartDeploymentImplementation
SvchostPushServiceGlobals

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 815KB - Virtual size: 814KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/CoreUIComponents.dll
.dll windows:6 windows x64 arch:x64

0b0da790adfdac6a418a0abf3f9cc3db

Code Sign

33:00:00:04:15:82:95:a1:a3:d8:2e:28:57:00:00:00:00:04:15
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/02/2023, 00:05

Not After

01/02/2024, 00:05

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:ea:37:7f:48:29:b0:14:ad:63:ae:1c:db:3c:9d:f8:00:35:ab:7b:87:dd:7a:f0:fc:f6:bf:ae:38:eb:70:42
Signer

Actual PE Digest

fe:ea:37:7f:48:29:b0:14:ad:63:ae:1c:db:3c:9d:f8:00:35:ab:7b:87:dd:7a:f0:fc:f6:bf:ae:38:eb:70:42

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

CoreUIComponents.pdb

Imports

msvcrt

_wcstoui64
wcschr
_CxxThrowException
memchr
_callnewh
memmove_s
_wcsicmp
??0exception@@QEAA@XZ
_vsnprintf_s
memcpy_s
_vsnwprintf
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
wcscpy_s
_lock
_unlock
_initterm
malloc
free
swprintf_s
printf
realloc
_amsg_exit
_XcptFilter
?terminate@@YAXXZ
memcmp
memmove
__dllonexit
??1type_info@@UEAA@XZ
??3@YAXPEAX@Z
_purecall
_onexit
wcsspn
__CxxFrameHandler3
memset
__C_specific_handler
memcpy
wcsrchr
sqrt

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExA
GetModuleHandleExW
FreeLibrary
GetProcAddress
GetModuleFileNameA
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

WakeByAddressAll
Sleep
InitOnceExecuteOnce
WaitOnAddress

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureStackBackTrace
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TlsSetValue
GetCurrentThread
TlsAlloc
TlsFree
SetThreadPriority
TlsGetValue
OpenProcessToken
CreateThread
GetCurrentProcess
TerminateProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetSystemTime

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar
CompareStringOrdinal
CompareStringW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-heap-l1-1-0

HeapDestroy
HeapFree
HeapAlloc
GetProcessHeap
HeapCreate

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-synch-l1-1-0

AcquireSRWLockShared
InitializeCriticalSection
WaitForSingleObject
InitializeSRWLock
InitializeCriticalSectionEx
ReleaseSRWLockShared
CreateEventW
WaitForSingleObjectEx
OpenEventW
CreateWaitableTimerExW
CreateSemaphoreExW
ReleaseSRWLockExclusive
CancelWaitableTimer
CreateMutexExW
DeleteCriticalSection
SetWaitableTimer
SetEvent
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
OpenSemaphoreW
AcquireSRWLockExclusive
ReleaseSemaphore

api-ms-win-core-localization-l1-2-0

LCMapStringW
GetLocaleInfoW
FormatMessageW

api-ms-win-core-file-l1-1-0

FlushFileBuffers
WriteFile
GetFileType

api-ms-win-core-console-l1-1-0

GetConsoleMode
WriteConsoleW

api-ms-win-core-processenvironment-l1-1-0

GetStdHandle

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

api-ms-win-core-com-l1-1-0

CoGetClassObject
CoCreateInstance
CoGetCallContext
CoMarshalInterface
CoReleaseMarshalData
CreateStreamOnHGlobal
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoDecrementMTAUsage
CoIncrementMTAUsage
CoTaskMemRealloc
CoGetMalloc
CoGetStdMarshalEx
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoUninitialize

api-ms-win-core-heap-l2-1-0

LocalFree
LocalReAlloc
LocalAlloc

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegGetValueW
RegCreateKeyExW

api-ms-win-security-base-l1-1-0

MakeAbsoluteSD
SetSecurityDescriptorDacl
EqualSid
GetTokenInformation
MakeSelfRelativeSD
FreeSid
GetSecurityDescriptorDacl
AllocateAndInitializeSid

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsIsStringEmpty
WindowsCreateString
WindowsStringHasEmbeddedNull
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsDuplicateString

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoOriginateError
GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoTransformError

api-ms-win-core-threadpool-l1-2-0

FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolTimer
SubmitThreadpoolWork
CloseThreadpoolWork

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
VirtualQuery
VirtualProtect

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled
QuirkIsEnabledForProcess
QuirkIsEnabledForPackage

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-debug-l1-1-1

CheckRemoteDebuggerPresent

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW
GetExplicitEntriesFromAclW

api-ms-win-core-localization-obsolete-l1-2-0

GetNumberFormatW

ntdll

NtQueryInformationToken
RtlCompareUnicodeString
RtlNtStatusToDosErrorNoTeb
RtlCopySid
RtlInitUnicodeString
RtlFreeHeap
RtlValidSid
RtlAllocateHeap
RtlGetDeviceFamilyInfoEnum
NtQueryInformationProcess

coremessaging

MsgRelease
MsgBlobCreateShared
MsgBlobCreateStack
MsgStringCreateShared
MsgStringCreateStack
CoreUICreateAnonymousStream
CoreUICreateSystemWindowIDManager
CoreUICreate
CoreUIOpenExisting

api-ms-win-appmodel-runtime-l1-1-1

ParseApplicationUserModelId
FindPackagesByPackageFamily

api-ms-win-appmodel-runtime-l1-1-0

PackageFamilyNameFromFullName

api-ms-win-core-winrt-robuffer-l1-1-0

RoGetBufferMarshaler

api-ms-win-ntuser-sysparams-l1-1-0

GetMonitorInfoW

rpcrt4

I_RpcBindingInqLocalClientPID

api-ms-win-core-winrt-propertysetprivate-l1-1-0

RoCreateNonAgilePropertySet

api-ms-win-core-winrt-propertysetprivate-l1-1-1

RoCreatePropertySetSerializer

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-service-core-l1-1-0

RegisterServiceCtrlHandlerExW
SetServiceStatus

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

shcore

ord240
ord246
SHTaskPoolAllowThreadReuse
SHTaskPoolQueueTask

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
IsErrorPropagationEnabled

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-security-lsalookup-l2-1-0

LookupAccountNameW

api-ms-win-core-com-l1-1-1

RoGetAgileReference

Exports

Exports

CoreUIClientCreate
CoreUIClientTestCreate
CoreUIConfigureTestHost
CoreUICreateDuplicateWindowFactory
CoreUICreateICoreWindowFactory
CoreUIFactoryCreate
CoreUIServerCreate
CoreUIServerTestCreate
CreateNavigationClientWindowAdapter
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
MinUserGetInputHost
MinUserGetInputRoutingInfo
MinUserInputInitialize
MinUserNotifyOneCoreTransformMode
MinUserRegisterPointerInputTarget
MinUserRequestViewHitTest
MinUserReregisterPointerInputTargets
MinUserUnregisterPointerInputTarget
ServiceMain
SvchostPushServiceGlobals

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_Salsa20.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

PyInit__Salsa20
Salsa20_8_core
Salsa20_stream_destroy
Salsa20_stream_encrypt
Salsa20_stream_init

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_aes.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

AES_start_operation
AES_stop_operation
PyInit__raw_aes

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_aesni.pyd
.dll windows:6 windows x64 arch:x64

bc234f2877830bc99ce39286541d6ef1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

calloc
_aligned_malloc
free
_aligned_free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_wassert
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm
_initialize_narrow_environment

Exports

Exports

AESNI_start_operation
AESNI_stop_operation
PyInit__raw_aesni

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_cbc.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

CBC_decrypt
CBC_encrypt
CBC_start_operation
CBC_stop_operation
PyInit__raw_cbc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_cfb.pyd
.dll windows:6 windows x64 arch:x64

b7b86a79048044d07db6b7de63b7c90e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy
memmove

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e
_wassert

Exports

Exports

CFB_decrypt
CFB_encrypt
CFB_start_operation
CFB_stop_operation
PyInit__raw_cfb

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ctr.pyd
.dll windows:6 windows x64 arch:x64

bc234f2877830bc99ce39286541d6ef1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

calloc
_aligned_malloc
free
_aligned_free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_wassert
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm
_initialize_narrow_environment

Exports

Exports

CTR_decrypt
CTR_encrypt
CTR_start_operation
CTR_stop_operation
PyInit__raw_ctr

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ecb.pyd
.dll windows:6 windows x64 arch:x64

760d82578721a074ac240db77368fcb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

ECB_decrypt
ECB_encrypt
ECB_start_operation
ECB_stop_operation
PyInit__raw_ecb

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_eksblowfish.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

EKSBlowfish_start_operation
EKSBlowfish_stop_operation
PyInit__raw_eksblowfish

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ocb.pyd
.dll windows:6 windows x64 arch:x64

2d71f25096805592caf0d27ca08982e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_wassert
_execute_onexit_table
_cexit
_initterm
_initialize_onexit_table

Exports

Exports

OCB_decrypt
OCB_digest
OCB_encrypt
OCB_start_operation
OCB_stop_operation
OCB_transcrypt
OCB_update
PyInit__raw_ocb

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Cipher/_raw_ofb.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

OFB_decrypt
OFB_encrypt
OFB_start_operation
OFB_stop_operation
PyInit__raw_ofb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_BLAKE2s.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

PyInit__BLAKE2s
blake2s_copy
blake2s_destroy
blake2s_digest
blake2s_init
blake2s_update

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_MD5.pyd
.dll windows:6 windows x64 arch:x64

2d71f25096805592caf0d27ca08982e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_wassert
_execute_onexit_table
_cexit
_initterm
_initialize_onexit_table

Exports

Exports

MD5_copy
MD5_destroy
MD5_digest
MD5_init
MD5_pbkdf2_hmac_assist
MD5_update
PyInit__MD5

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_SHA1.pyd
.dll windows:6 windows x64 arch:x64

2d71f25096805592caf0d27ca08982e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_wassert
_execute_onexit_table
_cexit
_initterm
_initialize_onexit_table

Exports

Exports

PyInit__SHA1
SHA1_copy
SHA1_destroy
SHA1_digest
SHA1_init
SHA1_pbkdf2_hmac_assist
SHA1_update

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_SHA256.pyd
.dll windows:6 windows x64 arch:x64

2d71f25096805592caf0d27ca08982e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_wassert
_execute_onexit_table
_cexit
_initterm
_initialize_onexit_table

Exports

Exports

PyInit__SHA256
SHA256_copy
SHA256_destroy
SHA256_digest
SHA256_init
SHA256_pbkdf2_hmac_assist
SHA256_update

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_ghash_clmul.pyd
.dll windows:6 windows x64 arch:x64

5ce92e7d1c0a7d3c28338120fb91aa68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_aligned_free

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

PyInit__ghash_clmul
ghash_clmul
ghash_destroy_clmul
ghash_expand_clmul

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Hash/_ghash_portable.pyd
.dll windows:6 windows x64 arch:x64

200e5a8a397640442ee9fed8ad5a7ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e

Exports

Exports

PyInit__ghash_portable
ghash_destroy_portable
ghash_expand_portable
ghash_portable

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Protocol/_scrypt.pyd
.dll windows:6 windows x64 arch:x64

4ad07fe3afee3f621a47d59bc3c712f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memmove
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e
_wassert

Exports

Exports

PyInit__scrypt
scryptROMix

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Util/_cpuid_c.pyd
.dll windows:6 windows x64 arch:x64

760d82578721a074ac240db77368fcb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__cpuid_c
have_aes_ni
have_clmul

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Cryptodome/Util/_strxor.pyd
.dll windows:6 windows x64 arch:x64

760d82578721a074ac240db77368fcb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__strxor
strxor
strxor_c

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/DHolographicDisplay.dll
.dll windows:10 windows x64 arch:x64

79381de3ec2a776ba68e537f9ce52a09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

DHolographicDisplay.pdb

Imports

api-ms-win-crt-private-l1-1-0

_o__fpclass
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o_free
_o_malloc
_o_pow
_o_realloc
_o_roundf
_o_sin
_o_terminate
__std_terminate
_CxxThrowException
__CxxFrameHandler4
memcpy
_o__execute_onexit_table
_o__errno
_o__crt_atexit
__C_specific_handler
__CxxFrameHandler3
memmove
memcmp
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy

api-ms-win-crt-string-l1-1-0

memset
wcsnlen

api-ms-win-crt-runtime-l1-1-0

_wassert
_initterm_e
_initterm

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringA
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle
GetHandleInformation

api-ms-win-core-errorhandling-l1-1-0

SetLastError
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-synch-l1-1-0

ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
CreateEventExW
CreateSemaphoreExW
SetEvent
ReleaseSemaphore
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
ResetEvent
CreateEventW
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
SetWaitableTimer
InitializeSRWLock
AcquireSRWLockShared
ReleaseSRWLockShared
CreateWaitableTimerExW
WaitForSingleObject

api-ms-win-core-processthreads-l1-1-0

CreateThread
TerminateProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetThreadPriority
GetThreadPriority

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
LoadLibraryExA
FreeLibrary

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl
EventRegister
EventUnregister
EventWriteTransfer
EventSetInformation

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemInfo
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-crt-math-l1-1-0

fmaxf
fmodf

msvcp_win

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
_Thrd_join
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?uncaught_exception@std@@YA_NXZ
?_XGetLastError@std@@YAXXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegCloseKey
RegNotifyChangeKeyValue
RegCreateKeyExW

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteStringBuffer
WindowsPromoteStringBuffer
WindowsPreallocateStringBuffer
WindowsCreateStringReference
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsDeleteString

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError
SetRestrictedErrorInfo
GetRestrictedErrorInfo

dxgi

CreateDXGIFactory1
CreateDXGIFactory2

d3d12

ord101
ord102
D3D12SerializeVersionedRootSignature

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolWork
SetThreadpoolTimer
CreateThreadpoolTimer
TrySubmitThreadpoolCallback
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolWaitCallbacks
SubmitThreadpoolWork
CloseThreadpoolWait
CreateThreadpoolWork

api-ms-win-ntuser-sysparams-l1-1-0

DisplayConfigGetDeviceInfo

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
CM_Unregister_Notification
CM_Register_Notification
CM_MapCrToWin32Err

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

d3dcompiler_47

D3DGetBlobPart

cabinet

ord43
ord40
ord45

avrt

AvSetMmThreadCharacteristicsW

api-ms-win-core-io-l1-1-0

GetQueuedCompletionStatus
CancelIoEx
DeviceIoControl
CreateIoCompletionPort

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-io-l1-1-1

GetOverlappedResultEx

api-ms-win-security-base-l1-1-0

AllocateLocallyUniqueId

api-ms-win-core-memory-l1-1-0

VirtualProtect
VirtualQuery

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

oleaut32

SysFreeString

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

Exports

Exports

DHD1CreateSystem

Sections

.text
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/DefaultHrtfs.bin
setup_x86-64_build_4355/EdgeContent.dll
.dll windows:10 windows x64 arch:x64

40ddb06a77771144cd36fecfcf186e8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

EdgeContent.pdb

Imports

msvcp_win

?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_XGetLastError@std@@YAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
_Strxfrm
_Strcoll
?is@?$ctype@D@std@@QEBA_NFD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
_To_byte
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
??Bios_base@std@@QEBA_NXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
_To_wide
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
_Cnd_wait
_Cnd_broadcast
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Throw_C_error@std@@YAXH@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?widen@?$ctype@G@std@@QEBAGD@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
_Wcscoll
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
_Wcsxfrm
?_Xbad_function_call@std@@YAXXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?uncaught_exception@std@@YA_NXZ
?flags@ios_base@std@@QEBAHXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?setf@ios_base@std@@QEAAHHH@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
?_Xbad_alloc@std@@YAXXZ

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__stricmp
_o__strnicmp
_o__ultow_s
_o__wcsicmp
_o__wcsnicmp
_o__wcstoui64
_o__wtof
_o__wtoi
_o__wtoi64
_o__wtol
_o_bsearch_s
_o_ceil
_o_floor
_o_fputs
_o_free
_o_isalpha
_o_isdigit
_o_isspace
_o_iswalpha
_o_iswascii
_o_iswspace
_o_isxdigit
_o_malloc
_o_memcpy_s
_o_realloc
memchr
_o_strtol
_o_strtoull
_o_terminate
_o_toupper
_o_towlower
_o_towupper
_o_wcscat_s
_o_wcscpy
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstod
_o_wcstok_s
_o_wcstol
_o_wcstoul
_o_wmemcpy_s
__CxxFrameHandler3
__C_specific_handler
_o__itow_s
__std_type_info_compare
_o__execute_onexit_table
_o__errno
memcmp
wcsstr
wcschr
memcpy
wcsrchr
memmove
strchr
_o__crt_atexit
_o__invalid_parameter_noinfo_noreturn
_o__configure_narrow_argv
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__cexit
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfwprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
__std_terminate
__CxxFrameHandler4
_CxxThrowException

api-ms-win-crt-string-l1-1-0

wcslen
memset
strncmp
wcsncmp
strlen
wcsnlen
strcmp
wcscmp

iertutil

ord140
ord134
ord796
ord232
ord80
ord57
ord62
ord78
ord74
ord76
ord85
ord690
ord97
ord791
ord64
ord32
ord68
ord795
ord63
IntlPercentEncodeNormalize
ord79
CreateUri
ord77
ord681
ord88
ord302
ord398
ord58
CreateIUriBuilder
ord301
ord820
ord100
ord89
ord792
ord144
ord854
ord688
ord595
ord794
ord851
ord852
ord81
ord49
ord67
ord65
ord59
ord86
ord45
ord102
ord314
ord312
ord311
ord66
ord87
ord91
ord597
ord56
ord855
ord685
ord138
ord656
ord661
ord651
ord655
ord650
ord793
ord231
ord658
ord652
ord654
ord172
ord82
ord61
ord70
ord870
ord594

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
GetRestrictedErrorInfo
RoOriginateErrorW
RoOriginateError
SetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo

api-ms-win-core-winrt-l1-1-0

RoUninitialize
RoActivateInstance
RoInitialize
RoGetActivationFactory

api-ms-win-downlevel-advapi32-l1-1-0

EventProviderEnabled
CheckTokenMembership
OpenThreadToken
IsValidSid
InitializeAcl
GetLengthSid
AddAccessAllowedAce
DuplicateToken
ImpersonateLoggedOnUser
GetTokenInformation
RegQueryInfoKeyW
RegDeleteTreeW
RegEnumKeyExW
TraceMessageVa
RevertToSelf
OpenProcessToken
RegGetValueW
RegQueryValueExW
EventWriteEx
EventRegister
RegCreateKeyExW
RegSetValueExW
EventWriteTransfer
RegCloseKey
RegOpenKeyExW
EventUnregister

api-ms-win-downlevel-shlwapi-l1-1-0

StrChrNW
StrCmpW
StrRStrIW
StrCmpNICW
PathIsUNCServerW
StrChrW
StrCmpCW
StrStrIA
PathFindExtensionA
PathFindFileNameW
StrCmpICW
StrStrIW
StrCmpIW
PathFindExtensionW
StrTrimW
PathIsUNCServerShareW
PathFileExistsW

api-ms-win-core-kernel32-legacy-l1-1-0

LoadLibraryW
WTSGetActiveConsoleSessionId
RaiseFailFastException
WaitForMultipleObjects
FindResourceW

ntdll

NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
NtUpdateWnfStateData
RtlGetSuiteMask
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlSubscribeWnfStateChangeNotification
RtlIpv6AddressToStringW
RtlIpv4AddressToStringW
RtlCompareMemory
NtSetThreadExecutionState
RtlQueryTokenHostIdAsUlong64
RtlGetDeviceFamilyInfoEnum
RtlGetVersion
NtQueryInformationProcess

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
LockResource
LoadResource
SizeofResource
LoadLibraryExW
FreeLibrary
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
LoadLibraryExA

api-ms-win-core-synch-l1-1-0

ResetEvent
WaitForSingleObject
CreateEventExW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
ReleaseSemaphore
CreateMutexExW
DeleteCriticalSection
ReleaseMutex
OpenSemaphoreW
ReleaseSRWLockShared
AcquireSRWLockShared
OpenEventW
WaitForSingleObjectEx
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
CreateSemaphoreExW
LeaveCriticalSection
SetEvent
InitializeSRWLock
CreateEventW
WaitForMultipleObjectsEx
CreateMutexW
InitializeCriticalSection

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapReAlloc
HeapSetInformation
HeapAlloc
HeapSize

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
SetLastError
GetLastError
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetProcessId
SetThreadPriority
GetThreadPriority
GetCurrentThread
TlsSetValue
CreateThread
GetCurrentProcessId
TlsAlloc
GetCurrentThreadId
TlsGetValue
SetProcessShutdownParameters
OpenThread
TlsFree

api-ms-win-eventing-provider-l1-1-0

EventSetInformation

api-ms-win-core-localization-l1-2-0

ResolveLocaleName
GetLocaleInfoEx
LocaleNameToLCID
FormatMessageW
GetLocaleInfoW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-synch-l1-2-0

SleepConditionVariableCS
InitOnceExecuteOnce
InitOnceBeginInitialize
InitializeConditionVariable
WakeConditionVariable
Sleep
InitOnceComplete

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolCleanupGroup
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SubmitThreadpoolWork
CreateThreadpoolTimer
TrySubmitThreadpoolCallback
WaitForThreadpoolWorkCallbacks
SetThreadpoolThreadMaximum
CreateThreadpoolWork
SetThreadpoolTimer
CloseThreadpoolWork
CloseThreadpool
CreateThreadpool
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers

oleaut32

SafeArrayDestroy
VariantClear
VariantCopy
SafeArrayGetDim
SafeArrayGetUBound
VarDateFromStr
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayAccessData
SafeArrayCopy
SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayGetElemsize
SafeArrayGetLBound
LPSAFEARRAY_UserSize64
VARIANT_UserUnmarshal64
VARIANT_UserFree64
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
VARIANT_UserMarshal
LPSAFEARRAY_UserMarshal64
VARIANT_UserSize
LPSAFEARRAY_UserFree64
VARIANT_UserUnmarshal
VARIANT_UserFree
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserSize
VARIANT_UserMarshal64
VARIANT_UserSize64
SysStringByteLen
BSTR_UserMarshal64
BSTR_UserSize64
BSTR_UserFree64
BSTR_UserMarshal
BSTR_UserUnmarshal
BSTR_UserUnmarshal64
BSTR_UserFree
BSTR_UserSize
VariantChangeType
VariantInit
VarBstrCmp
LoadRegTypeLi
LoadTypeLi
SysReAllocStringLen
SafeArrayCreate

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
GetProcessMitigationPolicy
OpenProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetVersionExW
GetTickCount64
GetSystemDirectoryW
GetSystemTime
GetComputerNameExW
GetTickCount
GetLogicalProcessorInformation
GetLocalTime
GetSystemInfo

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-string-l1-1-0

CompareStringEx
WideCharToMultiByte
CompareStringOrdinal
MultiByteToWideChar

api-ms-win-core-processthreads-l1-1-3

SetThreadDescription
SetProcessInformation

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics
SystemParametersInfoW
GetMonitorInfoW

api-ms-win-rtcore-ntuser-private-l1-1-7

IsOneCoreTransformMode

api-ms-win-crt-math-l1-1-0

ceilf

api-ms-win-core-memory-l1-1-0

OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
VirtualQuery
MapViewOfFile
VirtualProtect
VirtualAlloc

windows.storage

SHGetSpecialFolderPathW
SHGetInstanceExplorer
SHGetKnownFolderPath

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient6
ObjectStublessClient5
ObjectStublessClient13
ObjectStublessClient7
ObjectStublessClient3
ObjectStublessClient11
ObjectStublessClient14
ObjectStublessClient12
ObjectStublessClient9
ObjectStublessClient10
ObjectStublessClient4
ObjectStublessClient18
ObjectStublessClient28
NdrProxyForwardingFunction4
NdrProxyForwardingFunction3
ObjectStublessClient15
ObjectStublessClient23
ObjectStublessClient22
ObjectStublessClient19
ObjectStublessClient26
ObjectStublessClient17
ObjectStublessClient16
ObjectStublessClient8
ObjectStublessClient21
ObjectStublessClient24
ObjectStublessClient25
CStdAsyncStubBuffer_Release
CStdAsyncStubBuffer_Disconnect
CStdStubBuffer2_CountRefs
NdrProxyForwardingFunction8
NdrProxyForwardingFunction6
CStdStubBuffer2_Disconnect
NdrProxyForwardingFunction11
CStdAsyncStubBuffer_Connect
ObjectStublessClient20
ObjectStublessClient29
ObjectStublessClient30
ObjectStublessClient31
CStdStubBuffer2_QueryInterface
CStdAsyncStubBuffer_AddRef
CStdAsyncStubBuffer_Invoke
NdrProxyForwardingFunction5
CStdAsyncStubBuffer_QueryInterface
NdrProxyForwardingFunction10
NdrProxyForwardingFunction9
NdrProxyForwardingFunction7
CStdStubBuffer2_Connect
ObjectStublessClient27

api-ms-win-core-url-l1-1-0

UrlEscapeW
UrlApplySchemeW
UrlIsW
PathCreateFromUrlW
UrlUnescapeW
UrlCanonicalizeW
ParseURLW
GetAcceptLanguagesW
UrlCanonicalizeA

api-ms-win-core-windowserrorreporting-l1-1-1

WerRegisterCustomMetadata
WerRegisterAdditionalProcess

api-ms-win-core-windowserrorreporting-l1-1-0

WerSetFlags
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule

api-ms-win-core-job-l2-1-0

QueryInformationJobObject
CreateJobObjectW
SetInformationJobObject
AssignProcessToJobObject

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-downlevel-shlwapi-l2-1-0

SHGetValueW
IStream_Reset
IStream_Size
SHCreateStreamOnFileEx
IStream_WriteStr
IStream_Write
SHStrDupW
IStream_Read
SHCreateMemStream

api-ms-win-downlevel-user32-l1-1-0

CharLowerW

api-ms-win-downlevel-shell32-l1-1-0

SetCurrentProcessExplicitAppUserModelID

api-ms-win-core-kernel32-legacy-l1-1-1

PowerSetRequest
PowerClearRequest
PowerCreateRequest

api-ms-win-core-heap-obsolete-l1-1-0

LocalAlloc
LocalFree
LocalReAlloc
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock

api-ms-win-core-localization-obsolete-l1-2-0

EnumUILanguagesW
GetSystemDefaultLocaleName
GetUserDefaultUILanguage

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpA

api-ms-win-core-file-l1-1-0

FindClose
SetFilePointer
GetDriveTypeW
FindNextFileW
RemoveDirectoryW
SetFilePointerEx
LocalFileTimeToFileTime
CompareFileTime
GetFileTime
CreateFileW
DeleteFileW
GetFullPathNameW
GetLongPathNameW
GetFileSizeEx
CreateDirectoryW
GetTempFileNameW
GetFileSize
WriteFile
ReadFile
FileTimeToLocalFileTime
GetFileAttributesW
FindFirstFileW

api-ms-win-core-file-l1-2-0

GetTempPathW
CreateFile2

rpcrt4

IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrClientCall3
CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
NdrCStdStubBuffer_Release
NdrStubCall3
NdrStubForwardingFunction
RpcRaiseException
NdrGetUserMarshalInfo
NdrCStdStubBuffer2_Release
CStdStubBuffer_CountRefs
NdrDllGetClassObject

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
SetEnvironmentVariableW
GetCurrentDirectoryW

api-ms-win-core-path-l1-1-0

PathCchCombine
PathCchCanonicalize
PathCchRemoveBackslash
PathAllocCombine
PathCchAddBackslash
PathCchAppend

api-ms-win-core-file-l2-1-0

CopyFile2

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-power-base-l1-1-0

PowerDeterminePlatformRoleEx

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetProductInfo

api-ms-win-core-io-l1-1-0

GetQueuedCompletionStatus
CreateIoCompletionPort
CancelIoEx
GetOverlappedResult

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-registry-l2-1-0

RegEnumKeyW

api-ms-win-security-base-l1-2-0

CheckTokenCapability

api-ms-win-core-psapi-l1-1-0

K32EnumProcesses
K32GetProcessImageFileNameW
K32GetProcessMemoryInfo

userenv

GetAppContainerFolderPath
GetAppContainerRegistryLocation

api-ms-win-core-io-l1-1-1

CancelIo

api-ms-win-security-isolatedcontainer-l1-1-0

IsProcessInIsolatedContainer

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
IEGetWriteableFolderPath
IEIsInPrivateBrowsing
IEIsProtectedModeProcess
IERefreshElevationPolicy

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wpp_sf
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ssm_url
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/MSVidCtl.dll
.dll regsvr32 windows:10 windows x64 arch:x64

dd5e8a87d388e7f0e0dcb3f9ea5a64ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

MSVidCtl.pdb

Imports

msvcrt

_wsplitpath_s
wcscspn
swscanf
_wcsicmp
wcsncmp
iswalpha
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
_XcptFilter
_amsg_exit
_initterm
?terminate@@YAXXZ
_lock
_unlock
__dllonexit
_onexit
??1type_info@@UEAA@XZ
memset
memmove
memcpy
memcmp
floor
__CxxFrameHandler3
_ui64tow
_errno
wcstol
wcsstr
iswspace
??8type_info@@QEBAHAEBV0@@Z
wcstoul
_vsnprintf
_wcsnicmp
_vsnwprintf
_itow
_wtoi
iswdigit
_purecall
realloc
wcscat_s
malloc
??0exception@@QEAA@XZ
memmove_s
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
memcpy_s
??0exception@@QEAA@AEBV0@@Z
wcsnlen
free
wcscpy_s
__C_specific_handler
_CxxThrowException
wcscmp

ole32

GetRunningObjectTable
MkParseDisplayName
CreateBindCtx
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
CoGetMalloc
CoInitializeEx
CoWaitForMultipleHandles
CoUninitialize
ProgIDFromCLSID
StringFromCLSID
OleSaveToStream
WriteClassStm
OleLoadFromStream
StringFromGUID2
CoCreateFreeThreadedMarshaler
CLSIDFromString
CreateItemMoniker
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
ReadClassStm
HDC_UserSize64
HDC_UserMarshal
HDC_UserUnmarshal64
HDC_UserFree
HDC_UserUnmarshal
HDC_UserMarshal64
HDC_UserSize
HDC_UserFree64
HWND_UserUnmarshal64
HWND_UserMarshal64
HWND_UserMarshal
HWND_UserSize
HWND_UserSize64
HWND_UserFree64
HWND_UserFree
HWND_UserUnmarshal
CoTaskMemAlloc

oleaut32

SafeArrayUnaccessData
SysStringByteLen
SysAllocStringLen
SafeArrayDestroy
LoadRegTypeLi
SafeArrayAccessData
CreateErrorInfo
VariantInit
VariantChangeTypeEx
VarCmp
OleCreatePictureIndirect
OleCreatePropertyFrame
SetErrorInfo
VariantChangeType
SysAllocStringByteLen
VarUI4FromStr
VariantClear
VariantCopy
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
LPSAFEARRAY_UserSize64
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserSize
BSTR_UserMarshal64
BSTR_UserSize64
BSTR_UserFree64
VARIANT_UserUnmarshal64
VARIANT_UserFree64
BSTR_UserMarshal
VARIANT_UserMarshal
BSTR_UserUnmarshal
VARIANT_UserSize
VARIANT_UserUnmarshal
VARIANT_UserFree
BSTR_UserUnmarshal64
BSTR_UserFree
VARIANT_UserMarshal64
VARIANT_UserSize64
BSTR_UserSize
SysFreeString
SafeArrayCreate

kernel32

UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
GetProcessHeap
TerminateProcess
HeapAlloc
EncodePointer
LoadLibraryExA
VirtualFree
HeapFree
WriteFile
ExpandEnvironmentStringsW
OutputDebugStringA
GetTempPathW
GetLocalTime
SetLastError
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
GetTickCount64
GetCurrentProcessId
IsValidLocale
LoadLibraryW
GetSystemDirectoryW
WideCharToMultiByte
GetVersionExW
GetDriveTypeW
DeviceIoControl
CreateFileW
Sleep
GetLocaleInfoW
SetThreadExecutionState
DecodeSystemPointer
SizeofResource
GetCurrentProcess
DuplicateHandle
WaitForMultipleObjects
CreateThread
ResetEvent
SetEvent
SetUnhandledExceptionFilter
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
DecodePointer
CreateMutexW
LockResource
LoadResource
FindResourceW
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateEventW
MultiByteToWideChar
FormatMessageW
lstrlenA
OutputDebugStringW
DebugBreak
GetSystemInfo
VirtualQuery
VirtualAlloc
VirtualProtect
GetModuleHandleW
lstrcpynW
lstrcmpiW
lstrlenW
lstrcpyW
HeapDestroy
DisableThreadLibraryCalls
FreeLibrary
EncodeSystemPointer
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException

user32

SetWindowLongPtrW
FillRect
LoadCursorW
wsprintfW
GetWindowLongPtrW
CreateWindowExW
RegisterClassExW
DefWindowProcW
BeginPaint
EndPaint
UnionRect
OffsetRect
SetWindowRgn
GetClassInfoExW
SetWindowPos
GetClientRect
PtInRect
SendMessageW
DestroyWindow
SetCursor
LoadImageW
DestroyAcceleratorTable
ShowWindow
CallWindowProcW
CharNextW
LoadStringW
CharPrevW
wvsprintfW
MsgWaitForMultipleObjectsEx
PeekMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
IsWindow
CopyRect
MapWindowPoints
EqualRect
ReleaseDC
GetDC
SystemParametersInfoW
GetWindowRect
GetParent
IntersectRect
PostMessageW
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDesktopWindow
InvalidateRect
SetFocus
GetFocus
IsChild

advapi32

RegQueryValueW
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptAcquireContextW
RegQueryValueExW
RegSetValueW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW

gdi32

DeleteDC
CreateCompatibleDC
SelectObject
CreateDIBitmap
DeleteMetaFile
CloseMetaFile
GetDeviceCaps
SetWindowOrgEx
SaveDC
SetWindowExtEx
CreateMetaFileW
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
RestoreDC

shlwapi

UrlIsW
PathCreateFromUrlW

rpcrt4

NdrCStdStubBuffer_Release
NdrStubForwardingFunction
NdrDllCanUnloadNow
IUnknown_AddRef_Proxy
NdrOleFree
IUnknown_Release_Proxy
NdrOleAllocate
IUnknown_QueryInterface_Proxy
NdrStubCall3
CStdStubBuffer_Invoke
NdrClientCall3
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
NdrCStdStubBuffer2_Release
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrDllGetClassObject

slc

SLGetWindowsInformationDWORD

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Microsoft.Bluetooth.Service.dll
.dll windows:10 windows x64 arch:x64

17ee58e408cf0ca2a4be40d36bd9f7b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Microsoft.Bluetooth.Service.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__itoa_s
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcstoui64
memmove
_o_free
_o_malloc
_o_qsort
_o_realloc
_o_strcat_s
_o_terminate
_o_toupper
_o_wcstok_s
_o_wcstol
__C_specific_handler
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
__std_type_info_compare
__CxxFrameHandler3
_CxxThrowException
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

strnlen
memset

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
DeleteCriticalSection
CreateSemaphoreExW
SetEvent
CreateEventExW
InitializeCriticalSectionAndSpinCount
AcquireSRWLockShared
ReleaseSemaphore
WaitForSingleObject
ReleaseSRWLockExclusive
CreateEventW
EnterCriticalSection
LeaveCriticalSection
ResetEvent
AcquireSRWLockExclusive
ReleaseMutex
InitializeCriticalSection
CreateMutexExW
WaitForSingleObjectEx
InitializeSRWLock
ReleaseSRWLockShared
OpenSemaphoreW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetLastError
GetLastError
RaiseException
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
SetThreadPriority
OpenThreadToken
CreateThread
TerminateProcess
OpenProcessToken

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
TraceMessage
RegisterTraceGuidsW
GetTraceEnableFlags
UnregisterTraceGuids
GetTraceEnableLevel

api-ms-win-core-threadpool-l1-2-0

TrySubmitThreadpoolCallback
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWait
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWork
SetThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
SetThreadpoolTimerEx
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroup

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCompareMemory
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetSystemInfo
GetTickCount

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
_Xtime_get_ticks
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z

api-ms-win-core-winrt-l1-1-0

RoRevokeActivationFactories
RoInitialize
RoActivateInstance
RoGetActivationFactory
RoUninitialize
RoRegisterActivationFactories

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
RoOriginateError
SetRestrictedErrorInfo
GetRestrictedErrorInfo
RoOriginateErrorW

api-ms-win-core-com-l1-1-0

CoSwitchCallContext
CoInitializeEx
StringFromGUID2
CoRegisterClassObject
CoUninitialize
CoResumeClassObjects
CoAddRefServerProcess
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoWaitForMultipleHandles
CoRevertToSelf
CoMarshalInterface
CoGetApartmentType
CoImpersonateClient
CoReleaseServerProcess
CoDisconnectContext
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CreateStreamOnHGlobal
CoReleaseMarshalData
CoCreateGuid
CoGetMalloc
CoRevokeClassObject
CoCreateInstance
CoIncrementMTAUsage
CoGetMarshalSizeMax
CoDecrementMTAUsage
CoDisconnectObject
CoTaskMemFree

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-winrt-string-l1-1-0

WindowsIsStringEmpty
WindowsDuplicateString
WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsStringHasEmbeddedNull
WindowsCreateString

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceComplete
WakeByAddressSingle
WakeByAddressAll
InitOnceBeginInitialize
WaitOnAddress
InitOnceExecuteOnce

api-ms-win-shcore-stream-l1-1-0

IStream_Write

api-ms-win-core-io-l1-1-0

CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatusEx
DeviceIoControl
CancelIoEx
GetOverlappedResult

api-ms-win-core-file-l1-1-0

ReadFile
WriteFile
CreateFileW

api-ms-win-devices-query-l1-1-0

DevFindProperty
DevCreateObjectQuery
DevFreeObjectProperties
DevCloseObjectQuery
DevGetObjectProperties

api-ms-win-security-base-l1-1-0

GetTokenInformation
RevertToSelf
ImpersonateSelf
IsValidSid
CheckTokenMembership
GetLengthSid
CopySid

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
IsErrorPropagationEnabled
RoReportFailedDelegate

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
CompareStringW
MultiByteToWideChar

api-ms-win-core-winrt-robuffer-l1-1-0

RoGetBufferMarshaler

ntdll

RtlNtStatusToDosError
RtlAllocateWnfSerializationGroup
RtlUnsubscribeWnfNotificationWithCompletionCallback
RtlUTF8ToUnicodeN
RtlInitUnicodeString
RtlGUIDFromString
RtlStringFromGUID
NtQuerySystemInformation
RtlFreeUnicodeString
RtlQueryPackageIdentity
RtlUnicodeToUTF8N
RtlUnsubscribeWnfNotificationWaitForCompletion
NtQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlPublishWnfStateData

api-ms-win-devices-query-l1-1-1

DevCreateObjectQueryEx

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_PropertyW
CM_Register_Notification
CM_MapCrToWin32Err
CM_Unregister_Notification

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventProviderEnabled
EventWriteTransfer
EventUnregister

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolAllowThreadReuse
SHTaskPoolQueueTask

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

rpcrt4

RpcServerRegisterIf3
I_RpcBindingInqLocalClientPID
NdrServerCall2
NdrServerCallAll
RpcEpRegisterW
UuidHash
RpcServerUseProtseqW
RpcBindingVectorFree
RpcEpUnregister
RpcServerUnregisterIfEx
RpcServerInqBindings

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegDeleteKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteValueW
RegDeleteTreeW
RegGetValueW

authz

AuthzInitializeContextFromSid
AuthzInitializeContextFromToken
AuthzFreeResourceManager
AuthzAccessCheck
AuthzSetAppContainerInformation
AuthzFreeContext
AuthzInitializeResourceManager

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

bcrypt

BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptHashData
BCryptGetProperty
BCryptCreateHash
BCryptDestroyHash
BCryptFinishHash

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-kernel32-legacy-l1-1-0

WTSGetActiveConsoleSessionId

api-ms-win-devices-swdevice-l1-1-0

SwMemFree
SwDeviceCreate
SwDeviceInterfaceRegister
SwDevicePropertySet
SwDeviceClose

policymanager

PolicyManager_GetPolicyString
PolicyManager_GetPolicy
PolicyManager_FreeGetPolicyData
PolicyManager_GetPolicyInt

combase

ord67
ord66
ord68

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-io-l1-1-1

CancelIo

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

devobj

DevObjGetDeviceInterfaceDetail
DevObjEnumDeviceInterfaces
DevObjCreateDeviceInfoList
DevObjDestroyDeviceInfoList
DevObjGetClassDevs

api-ms-win-crt-math-l1-1-0

ceilf

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 562KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/NlsData0009.dll
.dll windows:10 windows x64 arch:x64

39e5b123f43265233e81e846a7b09d58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

NlsData0009.pdb

Imports

msvcrt

_amsg_exit
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_initterm
wcsncpy_s
__CxxFrameHandler3
wcsncat_s
_lock
wcschr
strncmp
_fileno
_unlock
_isatty
realloc
malloc
free
_XcptFilter
__dllonexit
??0exception@@QEAA@AEBV0@@Z
__C_specific_handler
_onexit
??1type_info@@UEAA@XZ
memmove
?terminate@@YAXXZ
__iob_func
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_resetstkoflw
_wsplitpath_s
ftell
fclose
fseek
_wfopen
fread
??1exception@@UEAA@XZ
_purecall
logf
_vsnwprintf
swscanf_s
expf
log
memset

api-ms-win-core-libraryloader-l1-2-0

LoadResource
FreeLibrary
GetModuleFileNameW
LockResource
DisableThreadLibraryCalls
GetProcAddress
SizeofResource

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection

api-ms-win-core-file-l1-1-0

GetFileSize
WriteFile
CreateFileW
FlushFileBuffers
SetFilePointer

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetLocalTime
GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

LangDataCall

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/SRH.dll
.dll windows:10 windows x64 arch:x64

b0154256ad4fba632240b90e58acf6fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

SRH.pdb

Imports

msvcp_win

?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
_Cnd_do_broadcast_at_thread_exit
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
?widen@?$ctype@G@std@@QEBAGD@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@G@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Random_device@std@@YAIXZ
?_Xruntime_error@std@@YAXPEBD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?uncaught_exception@std@@YA_NXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
?is@?$ctype@G@std@@QEBA_NFG@Z
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
_Mtx_unlock
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
_Mtx_lock
_Mtx_init_in_situ
_Unlock_shared_ptr_spin_lock
_Lock_shared_ptr_spin_lock
_Mtx_destroy_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
_Thrd_id
_Thrd_join
?_Throw_Cpp_error@std@@YAXH@Z
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-crt-string-l1-1-0

wcscspn
wcsspn
wcsncmp
wcscmp
memset
wcspbrk

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__itow_s
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcslwr_s
_o__wcsnicmp
memmove
_o__wtoi
_o_atan2
_o_ceil
_o_floor
_o_fmod
_o_free
_o_iswalpha
_o_iswcntrl
_o_iswlower
_o_iswspace
_o_iswupper
_o_log
_o_malloc
_o_pow
_o_powf
_o_realloc
_o_sqrt
_o_terminate
_o_towlower
_o_towupper
_o_wcstol
_o_wmemcpy_s
__std_type_info_compare
wcschr
__CxxFrameHandler3
_CxxThrowException
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__execute_onexit_table
_o__errno
wcsstr
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__C_specific_handler
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

ntdll

RtlFreeHeap
RtlCaptureContext
NtQueryInformationToken
RtlNtStatusToDosErrorNoTeb
RtlCompareUnicodeString
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlInitUnicodeString
RtlAllocateHeap
WinSqmAddToStream
WinSqmIncrementDWORD
WinSqmSetString
WinSqmSetDWORD
RtlGetDeviceFamilyInfoEnum
NtQueryWnfStateData
RtlPublishWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion

oleaut32

VarBstrCmp
SafeArrayUnaccessData
SysFreeString
VariantClear
VarBstrCat
VariantCopy
VariantChangeType
SafeArrayDestroy
SafeArrayAccessData
SysAllocString
SafeArrayUnlock
VariantInit
SafeArrayLock
SysStringLen
SysAllocStringLen
SafeArrayGetVartype
SafeArrayGetUBound
SysStringByteLen
SafeArrayRedim
SafeArrayGetDim
VarCmp
VariantCopyInd
SysAllocStringByteLen
SafeArrayGetLBound
SafeArrayCopy
SafeArrayCreate

bcp47langs

Bcp47GetLanguageName
Bcp47GetNlsForm
Bcp47FromLcid

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
LoadResource
GetModuleHandleExW
FreeLibrary
GetModuleFileNameA
LoadStringW
SizeofResource
GetProcAddress
LockResource
FindResourceExW

api-ms-win-core-synch-l1-1-0

CreateEventW
CreateSemaphoreExW
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
DeleteCriticalSection
InitializeCriticalSectionEx
CreateEventExW
ResetEvent
ReleaseSRWLockShared
OpenMutexW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SetEvent
InitializeCriticalSectionAndSpinCount
CancelWaitableTimer
SetWaitableTimer

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapReAlloc
HeapSize
HeapDestroy
HeapFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
RaiseException
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetThreadId
GetExitCodeProcess
GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetCurrentProcess
SetProcessShutdownParameters
TerminateProcess

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
GetUserPreferredUILanguages
GetThreadLocale
LocaleNameToLCID
GetSystemDefaultLCID
FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-classicprovider-l1-1-0

UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
TraceMessage

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoOriginateErrorW

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
StringFromGUID2
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CLSIDFromString
CoWaitForMultipleHandles
CoMarshalInterThreadInterfaceInStream
CoTaskMemFree
StringFromCLSID
CoAllowUnmarshalerCLSID
CoIncrementMTAUsage

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-string-l1-1-0

GetStringTypeExW
WideCharToMultiByte
MultiByteToWideChar
CompareStringW

api-ms-win-core-processenvironment-l1-1-0

GetStdHandle

api-ms-win-core-string-l2-1-0

CharLowerW

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetVersionExW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetLocalTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

api-ms-win-core-registry-l1-1-0

RegSetValueExW
RegGetValueW
RegCloseKey
RegCreateKeyExW
RegNotifyChangeKeyValue
RegDeleteValueW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegEnumKeyExW

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringRawBuffer
WindowsCreateString
WindowsStringHasEmbeddedNull
WindowsDuplicateString
WindowsPromoteStringBuffer
WindowsDeleteStringBuffer
WindowsIsStringEmpty
WindowsCreateStringReference
WindowsDeleteString
WindowsPreallocateStringBuffer

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory

api-ms-win-core-console-l1-2-0

AttachConsole
FreeConsole

api-ms-win-core-console-l2-1-0

ReadConsoleOutputW
GetConsoleScreenBufferInfo

api-ms-win-core-heap-l2-1-0

GlobalFree
LocalFree
GlobalAlloc

rpcrt4

UuidCreate

api-ms-win-core-datetime-l1-1-1

GetDateFormatEx
GetTimeFormatEx

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoOriginateLanguageException

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects
CreateWaitableTimerW

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

api-ms-win-security-base-l1-1-0

AllocateAndInitializeSid
DestroyPrivateObjectSecurity
GetTokenInformation
FreeSid
CheckTokenMembership

api-ms-win-core-localization-l2-1-0

GetNumberFormatEx

api-ms-win-service-management-l1-1-0

CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceW

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-file-l1-1-0

FindFirstFileW
FindClose

api-ms-win-service-winsvc-l1-1-0

ControlService

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW
PathRemoveFileSpecW

api-ms-win-core-registry-l2-1-0

RegOpenKeyW

api-ms-win-core-kernel32-legacy-l1-1-5

SetThreadExecutionState

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

api-ms-win-core-sidebyside-l1-1-0

CreateActCtxW
DeactivateActCtx
ActivateActCtx
ReleaseActCtx
GetCurrentActCtx

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-ntuser-rectangle-l1-1-0

CopyRect
EqualRect
UnionRect
IsRectEmpty
PtInRect
InflateRect

api-ms-win-core-featurestaging-l1-1-0

GetFeatureEnabledState
UnsubscribeFeatureStateChangeNotification
SubscribeFeatureStateChangeNotification
RecordFeatureUsage

api-ms-win-crt-math-l1-1-0

_isnan
_finite
acosf
atan2f
ceilf
cosf
floorf
log10f
sqrtf
sinf

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

CreateAndEnqueueNarratorCommandEvent
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DllMain
ExecuteNarratorFind
GetControlAndState
GetInputLearningHelper
IgnoreLeaksInCurrentlyTrackedMemory
Initialize
IsIgnoringLeaks
PostTestCheckForLeaks
RunNarrator
SetBrailleBlinkingCursor
SetBrailleCursorRepresentation
SetBrailleDeviceChangeFromReg
SetBrailleIsEnabledFromReg
SetBrailleTablesFromReg
SetDictationRunning
SetFastKeyEntryEnabled
SetFollowInsertion
SetReadHints
SetScriptingEnabledFromReg
SetVoicePropertiesFromReg
StartIgnoringLeaks
StopIgnoringLeaks
UpdateErrorLoggingCallback
UpdateNarratorSettingsFromReg

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 602KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/SettingsHandlers_nt.dll
.dll windows:10 windows x64 arch:x64

7ae06e70115094afbbb6316378531a7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

SettingsHandlers_nt.pdb

Imports

api-ms-win-crt-string-l1-1-0

memset
wcsncmp
strncmp
wcscspn
wcsspn
wcscmp
memmove_s

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__wtoi
_o__wtoi64
_o_bsearch
_o_bsearch_s
_o_calloc
_o_free
_o_iswdigit
_o_iswspace
_o_malloc
_o_memcpy_s
_o_pow
_o_realloc
_o_terminate
_o_toupper
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstol
memmove
_CxxThrowException
_o__wcsnicmp
_o__wcslwr_s
_o__wcsicmp
_o__set_errno
_o__seh_filter_dll
_o__register_onexit_function
_o__recalloc
_o__purecall
_o__ltow_s
_o__itow_s
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__get_errno
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__C_specific_handler
__CxxFrameHandler4
memcmp
memcpy
_o_iswctype
_o_wcstombs_s
__CxxFrameHandler3
wcsrchr
strchr
wcschr
wcsstr
__std_type_info_compare

combase

NdrCStdStubBuffer_Release

api-ms-win-core-kernel32-legacy-l1-1-0

RegisterWaitForSingleObject
UnregisterWait
GetComputerNameW
LoadLibraryW

rpcrt4

CStdStubBuffer_Connect
UuidCreate
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
NdrDllCanUnloadNow
NdrDllGetClassObject

api-ms-win-core-string-l1-1-0

CompareStringEx
GetStringTypeExW
WideCharToMultiByte
CompareStringW
MultiByteToWideChar
CompareStringOrdinal

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventWriteTransfer
EventActivityIdControl
EventProviderEnabled
EventSetInformation

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
GetCalendarInfoEx
SetUserGeoID
GetUserDefaultLocaleName
LocaleNameToLCID
GetUserPreferredUILanguages
FormatMessageW
EnumSystemGeoID
GetUserGeoID
SetLocaleInfoW
GetGeoInfoW

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
OpenProcessToken
TerminateProcess
CreateThread
GetCurrentThreadId
GetCurrentThread
GetExitCodeProcess
GetProcessId
GetCurrentProcess
OpenThreadToken

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapDestroy
HeapSize
HeapAlloc

api-ms-win-core-libraryloader-l1-2-0

LoadStringW
LoadResource
LoadLibraryExW
SizeofResource
GetModuleHandleW
FindResourceExW
FindStringOrdinal
DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
LockResource

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
OutputDebugStringA
IsDebuggerPresent
DebugBreak

api-ms-win-core-errorhandling-l1-1-0

SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
RaiseException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
AcquireSRWLockShared
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
OpenSemaphoreW
AcquireSRWLockExclusive
InitializeCriticalSectionEx
ReleaseSemaphore
WaitForSingleObjectEx
ResetEvent
TryEnterCriticalSection
InitializeCriticalSection
WaitForMultipleObjectsEx
CreateEventW
InitializeSRWLock
CreateEventExW
CreateSemaphoreExW
ReleaseSRWLockShared
CreateMutexExW
SetEvent
ReleaseMutex
ReleaseSRWLockExclusive
InitializeCriticalSectionAndSpinCount

api-ms-win-core-com-l1-1-0

CoGetMalloc
CoCreateFreeThreadedMarshaler
CoIncrementMTAUsage
CoUninitialize
CoDecrementMTAUsage
CoWaitForMultipleHandles
CoSetProxyBlanket
IIDFromString
CLSIDFromString
CoGetClassObject
CreateStreamOnHGlobal
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StringFromIID
PropVariantCopy
CoCreateInstance
StringFromCLSID
CoTaskMemRealloc
CoGetApartmentType
PropVariantClear
StringFromGUID2
CoCreateGuid
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
CoGetCallContext
CoGetStdMarshalEx
CoReleaseMarshalData

api-ms-win-core-string-l2-1-0

CharNextW
CharLowerBuffW

api-ms-win-core-registry-l1-1-0

RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegLoadMUIStringW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegGetValueW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegCloseKey
RegEnumValueW

oleaut32

LPSAFEARRAY_UserUnmarshal64
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserSize
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SafeArrayGetElement
SafeArrayGetUBound
LPSAFEARRAY_UserMarshal
SafeArrayDestroy
SysAllocStringByteLen
SysStringByteLen
SysStringLen
VariantChangeType
SysAllocString
SysFreeString
VarUI4FromStr
VarBstrCat
LPSAFEARRAY_UserSize64
SafeArrayGetLBound
SysAllocStringLen
VarBstrCmp

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
GetRestrictedErrorInfo
RoOriginateError
SetRestrictedErrorInfo

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-2-0

InitOnceComplete
Sleep
InitOnceBeginInitialize
InitOnceExecuteOnce

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetLocalTime
GetSystemTimeAsFileTime
GetTickCount
GetComputerNameExW
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetTickCount64
GetSystemTime

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead

api-ms-win-core-misc-l1-1-0

lstrcmpiW

api-ms-win-core-sidebyside-l1-1-0

FindActCtxSectionStringW
CreateActCtxW
QueryActCtxW
ActivateActCtx
DeactivateActCtx

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoOriginateLanguageException
IsErrorPropagationEnabled
RoReportFailedDelegate

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CreateThreadpoolWork
CloseThreadpoolTimer
SubmitThreadpoolWork
SetThreadpoolTimer
CreateThreadpoolTimer
TrySubmitThreadpoolCallback
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
SetThreadpoolWait

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-security-base-l1-1-0

CheckTokenMembership
FreeSid
ImpersonateLoggedOnUser
DuplicateToken
AllocateAndInitializeSid
RevertToSelf
GetTokenInformation
DestroyPrivateObjectSecurity
CreateWellKnownSid
EqualSid
CopySid
GetLengthSid
IsValidSid

api-ms-win-core-file-l1-1-0

FileTimeToLocalFileTime
CreateFileW
FindFirstFileExW
FindNextFileW
FindFirstFileW
FindClose
GetFileAttributesW
WriteFile
CreateDirectoryW
DeleteFileW

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetOsSafeBootMode
VerSetConditionMask
GetProductInfo

api-ms-win-core-datetime-l1-1-1

GetDateFormatEx
GetTimeFormatEx

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-registry-l1-1-1

RegDeleteKeyValueW
RegSetKeyValueW

api-ms-win-core-localization-l1-2-3

GetUserDefaultGeoName

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW
K32GetModuleFileNameExW
K32GetProcessImageFileNameW

api-ms-win-core-localization-l2-1-0

EnumCalendarInfoExEx
EnumTimeFormatsEx

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW
LookupAccountSidW

api-ms-win-core-wow64-l1-1-1

IsWow64Process2

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient8
ObjectStublessClient5
ObjectStublessClient10
ObjectStublessClient6
ObjectStublessClient7
ObjectStublessClient11
ObjectStublessClient3
ObjectStublessClient9
ObjectStublessClient4

api-ms-win-shcore-obsolete-l1-1-0

SHStrDupW

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrCmpNIW
QISearch
StrPBrkW
StrChrW

api-ms-win-core-string-obsolete-l1-1-0

lstrlenW

api-ms-win-core-registryuserspecific-l1-1-0

SHRegGetBoolUSValueW
SHRegQueryUSValueW
SHRegWriteUSValueW
SHRegSetUSValueW
SHRegCloseUSKey
SHRegGetUSValueW
SHRegCreateUSKeyW
SHRegEnumUSKeyW
SHRegOpenUSKeyW

api-ms-win-core-localization-private-l1-1-0

NlsCheckPolicy

api-ms-win-core-url-l1-1-0

UrlEscapeW

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx
QueueUserWorkItem

api-ms-win-core-shlwapi-legacy-l1-1-0

PathCommonPrefixW
PathRemoveExtensionW
PathFindFileNameW
SHExpandEnvironmentStringsW
PathFindExtensionW
PathFileExistsW

api-ms-win-core-registry-l2-1-0

RegQueryValueW
RegOpenKeyW

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW
GetFirmwareType

api-ms-win-core-timezone-private-l1-1-0

IsTimeZoneRedirectionEnabled

user32

ord2521
SetPropW
GetPropW
DestroyMenu
GetMenuDefaultItem
CreatePopupMenu
GetKeyState
SendInput
UnregisterClassA
GetProcessDefaultLayout
GetWindowRect
SystemParametersInfoW
SendNotifyMessageW
SendMessageW
GetSysColor
PostMessageW
GetKeyboardLayout
MapVirtualKeyExW
GetWindowThreadProcessId
EnumWindows
GetForegroundWindow
GetSystemMetrics
ord2517
DispatchMessageW
GetWindowLongPtrW
LoadCursorW
SetCursor
TranslateMessage
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjectsEx
FindWindowW
IsWindow
DestroyIcon
LoadImageW
FindWindowExW
CopyIcon
AllowSetForegroundWindow
MonitorFromRect
GetMonitorInfoW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
SetWindowLongPtrW
GetMessageW
DestroyWindow
UnregisterClassW
SetDesktopColorTransform
DefWindowProcW
CharUpperBuffW
GetUserObjectInformationW
GetShellWindow
GetActiveWindow
GetProcessWindowStation
EnumDesktopsW
CloseDesktop
EnumDesktopWindows
SetThreadDesktop
GetThreadDesktop
OpenDesktopW
GhostWindowFromHungWindow
IsWindowVisible
GetWindowLongW
GetWindow
GetClassNameW
InflateRect
ord2544

shlwapi

ord176
StrFormatByteSizeEx
ord629
ord214
ord568
ord174
ord560
ord213
ord12
SHDeleteValueW
SHRegGetValueW
ord199
ord433
SHGetThreadRef
ord548
ord630
ord618
ord544
ord154
ord437
SHSetValueW
SHGetValueW
SHDeleteKeyW
ord16
ord260
ord487
StrToIntW
PathIsRelativeW
PathMatchSpecExW
StrStrIW
ord158
StrChrIW
ord212
PathIsNetworkPathW
SHStrDupA
ord270

shell32

SHGetIDListFromObject
ord923
ord644
ord27
SHCreateShellItem
SHGetNameFromIDList
ord645
ord18
ord916
ord924
SHGetKnownFolderIDList
ord846
SHBindToFolderIDListParentEx
ord2
SHCreateItemInKnownFolder
ord921
ord901
SHCreateShellItemArrayFromIDLists
ord850
SHGetKnownFolderItem
ord155
SHGetKnownFolderPath
SHCreateItemFromParsingName
ord100
ord4
SHChangeNotify
ShellExecuteExW
SHGetFolderPathEx
ord165

shcore

ord233
ord232
ord230
SHTaskPoolQueueTask
ord241
CreateStreamOverRandomAccessStream
ord145
ord244

kernel32

OpenJobObjectW
OpenMutexW
DeleteProcThreadAttributeList
CreateProcessW
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
K32GetModuleBaseNameW
IsProcessInJob
K32EnumProcesses
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OOBEComplete
SearchPathW
SetDynamicTimeZoneInformation
GetTimeZoneInformation
GetDynamicTimeZoneInformation
HeapReAlloc
K32EnumProcessModules
GlobalFree
CreateMutexW
LCMapStringW
FindNLSString
CeipIsOptedIn
FindPackagesByPackageFamily
OpenEventW
CloseThreadpoolWork
RegDeleteTreeW
ProcessIdToSessionId
lstrcmpW
GlobalAlloc
CompareFileTime
GetFileAttributesExW
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformationForYear
RegSetKeySecurity
RegDeleteKeyExW
LocalReAlloc
GetSystemPreferredUILanguages
ResolveLocaleName
GetSystemDefaultLCID

api-ms-win-appmodel-runtime-l1-1-0

OpenPackageInfoByFullName
ClosePackageInfo
GetPackageInfo

policymanager

PolicyManager_GetPolicy
PolicyManager_GetPolicyString
PolicyManager_FreeStringValue
PolicyManager_GetPolicyInt
PolicyManager_IsPolicySetByMobileDeviceManager

msvcp_win

?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Xbad_alloc@std@@YAXXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_XGetLastError@std@@YAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Wcscoll
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_init_in_situ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
_Wcsxfrm
_Mtx_destroy_in_situ
?__ExceptionPtrRethrow@@YAXPEBX@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?__ExceptionPtrDestroy@@YAXPEAX@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@G@std@@2V0locale@2@A
?id@?$collate@G@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
_Mtx_lock
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
?tolower@?$ctype@G@std@@QEBAGG@Z
_Mtx_unlock
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
_Cnd_init_in_situ
?is@?$ctype@G@std@@QEBA_NFG@Z
_Cnd_destroy_in_situ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
??1facet@locale@std@@MEAA@XZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
??0facet@locale@std@@IEAA@_K@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
_Cnd_broadcast
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
_Cnd_wait
?_Xlength_error@std@@YAXPEBD@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ

appxdeploymentclient

ord23
ord25
ord24

api-ms-win-core-path-l1-1-0

PathCchAppend
PathCchCombine

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
TraceMessage
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags

api-ms-win-service-management-l1-1-0

OpenSCManagerW
OpenServiceW
CloseServiceHandle

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

api-ms-win-service-management-l2-1-0

QueryServiceConfigW

api-ms-win-core-memory-l1-1-0

VirtualQuery

winhttp

WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpDetectAutoProxyConfigUrl
WinHttpOpenRequest
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpOpen
WinHttpCrackUrl
WinHttpConnect

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

ntdll

RtlIsMultiSessionSku
RtlPublishWnfStateData
RtlLookupElementGenericTableAvl
RtlInitializeGenericTableAvl
RtlInsertElementGenericTableAvl
RtlAcquireSRWLockExclusive
WinSqmAddToStreamEx
NtQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
WinSqmSetDWORD
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockShared
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlIpv4AddressToStringExW
RtlReleaseSRWLockShared
NtQueryInformationToken
RtlIpv6AddressToStringW
RtlIpv4AddressToStringW
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
WinSqmAddToStream
RtlInitUnicodeString
RtlCompareUnicodeString
RtlFreeUnicodeString
RtlConvertSidToUnicodeString
RtlNtStatusToDosError
RtlAllocateWnfSerializationGroup
RtlQueryWnfStateData
WinSqmIncrementDWORD
WinSqmIsOptedIn
NtClose
NtAdjustPrivilegesToken
NtOpenProcessToken
RtlGetDeviceFamilyInfoEnum
RtlGetVersion
RtlIpv6AddressToStringExW
RtlNtStatusToDosErrorNoTeb
RtlAllocateHeap
RtlFreeHeap

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-shlwapi-winrt-storage-l1-1-1

SHPinDllOfCLSID
ord317
ord448

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-shell-shellcom-l1-1-0

SHCoCreateInstance

api-ms-win-appmodel-runtime-internal-l1-1-0

GetPackageContext
GetPackagePropertyString

api-ms-win-appmodel-state-l1-2-0

GetSystemAppDataKey
OpenStateExplicit
CloseState

api-ms-win-shcore-thread-l1-1-0

GetProcessReference

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_GetSite

sppc

SLpIsCurrentInstalledProductKeyDefaultKey

api-ms-win-core-atoms-l1-1-0

GlobalGetAtomNameW

errordetailscore

FreeErrorDetails
GetErrorDetailsWithContext

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetProxyDllInfo
GetSetting

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 946KB - Virtual size: 946KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/StartTileData.dll
.dll windows:10 windows x64 arch:x64

dc04b594b6adc9aed281d7e5ad85c7ca

Code Sign

33:00:00:04:60:cf:42:a9:12:31:5f:6f:b3:00:00:00:00:04:60
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:85:b8:15:37:5f:c6:c5:0c:67:aa:17:03:05:31:2d:43:81:a7:a1:4f:5c:a1:86:de:e0:ef:cd:56:ba:48:89
Signer

Actual PE Digest

57:85:b8:15:37:5f:c6:c5:0c:67:aa:17:03:05:31:2d:43:81:a7:a1:4f:5c:a1:86:de:e0:ef:cd:56:ba:48:89

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

StartTileData.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__itow_s
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__ui64tow_s
_o__wcsicmp
_o__wcstoi64
_o__wcstoui64
_o__wtoi
memmove
_o_bsearch_s
_o_calloc
_o_ceil
_o_free
_o_iswspace
_o_llroundl
_o_lround
_o_malloc
_o_pow
_o_rand_s
_o_realloc
_o_roundf
_o_roundl
_o_terminate
_o_towupper
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstok_s
_o_wcstol
_o_wcstoul
_o_wcstoull
__C_specific_handler
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__get_errno
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_CxxThrowException
__CxxFrameHandler3
wcschr
wcsstr
strchr
__std_type_info_compare
wcsrchr
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

memset
wcscspn
wcsncmp
wcsspn

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
FreeLibrary
GetProcAddress
FindStringOrdinal
LoadStringW
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW

api-ms-win-core-synch-l1-1-0

ResetEvent
ReleaseMutex
OpenSemaphoreW
CreateSemaphoreExW
CreateEventW
ReleaseSemaphore
CreateMutexExW
CreateEventExW
WaitForSingleObjectEx
InitializeCriticalSectionEx
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObject
InitializeSRWLock
WaitForMultipleObjectsEx

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

SetLastError
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
CreateThread
GetCurrentProcessId
GetCurrentProcess
OpenProcessToken
GetCurrentThreadId
ProcessIdToSessionId
GetProcessId
SetThreadToken
GetCurrentThread
OpenThreadToken

api-ms-win-core-localization-l1-2-0

GetGeoInfoW
GetUserGeoID
GetUserDefaultLCID
FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoFailFastWithErrorContext
SetRestrictedErrorInfo
RoTransformError
RoOriginateErrorW
GetRestrictedErrorInfo

oleaut32

SafeArrayGetDim
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocString
SysFreeString

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventActivityIdControl
EventRegister
EventUnregister
EventSetInformation

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
TrySubmitThreadpoolCallback
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
SetThreadpoolTimer

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal

api-ms-win-core-winrt-string-l1-1-0

WindowsDuplicateString
WindowsCreateStringReference
WindowsCreateString
WindowsGetStringLen
WindowsStringHasEmbeddedNull
WindowsIsStringEmpty
WindowsCompareStringOrdinal
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsPromoteStringBuffer
WindowsDeleteStringBuffer
WindowsPreallocateStringBuffer
WindowsConcatString

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceExecuteOnce
InitOnceBeginInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemInfo
GetSystemTime
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList
InterlockedFlushSList

api-ms-win-core-com-l1-1-0

CoUninitialize
CoGetMalloc
CoEnableCallCancellation
CoCancelCall
CoCreateGuid
PropVariantClear
CoInitializeEx
CoDisableCallCancellation
StringFromGUID2
IIDFromString
CoMarshalInterThreadInterfaceInStream
CoTaskMemAlloc
CoGetInterfaceAndReleaseStream
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoTaskMemRealloc
CoIncrementMTAUsage
CoWaitForMultipleHandles
CoGetApartmentType
CoReleaseMarshalData
CreateStreamOnHGlobal
CoGetCallContext
CoMarshalInterface
CoDecrementMTAUsage
CoCreateInstance
CoRevertToSelf
CoGetObjectContext
CoGetClassObject

api-ms-win-core-winrt-l1-1-0

RoUninitialize
RoInitialize
RoGetActivationFactory
RoActivateInstance

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFindFileNameW
PathIsFileSpecW
PathGetDriveNumberW
PathUnExpandEnvStringsW
PathFindExtensionW
PathStripPathW
PathIsRelativeW
SHExpandEnvironmentStringsW
PathIsUNCW
PathFileExistsW

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoOriginateLanguageException
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask
SHTaskPoolAllowThreadReuse
SHTaskPoolGetUniqueContext

api-ms-win-security-base-l1-1-0

GetTokenInformation
RevertToSelf
GetAce
DuplicateTokenEx
ImpersonateLoggedOnUser
IsWellKnownSid
EqualSid

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-file-l1-1-0

CreateFileW
GetFileAttributesW
GetFileSize
GetFileAttributesExW
ReadFile
SetEndOfFile
SetFilePointer
SetFileInformationByHandle
FileTimeToLocalFileTime
RemoveDirectoryW
GetFileSizeEx
CreateDirectoryW
CompareFileTime
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceExW
WriteFile
DeleteFileW

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW

api-ms-win-core-registry-l1-1-0

RegDisablePredefinedCacheEx
RegGetValueW
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIW
StrCmpICW

api-ms-win-core-path-l1-1-0

PathCchFindExtension
PathCchCombine
PathAllocCombine
PathCchRemoveFileSpec
PathCchAppend
PathCchRemoveExtension

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

userenv

GetDefaultUserProfileDirectoryW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

ntdll

RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtSetSecurityObject
NtQueryInformationToken
RtlIsMultiSessionSku
RtlGetDeviceFamilyInfoEnum
RtlGetAce
RtlInitUnicodeString
RtlCreateAcl
RtlAllocateHeap
RtlFreeHeap
RtlCompareUnicodeString
RtlLengthSid
RtlQueryInformationAcl
RtlGetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
NtQuerySecurityObject
RtlGetCurrentServiceSessionId
NtQueryWnfStateData
RtlIsMultiUsersInSessionSku
RtlPublishWnfStateData
NtSetInformationFile
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubscribeWnfStateChangeNotification
RtlNtStatusToDosErrorNoTeb
RtlAddAce

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask
GetProductInfo

rpcrt4

UuidCreate

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer

api-ms-win-shcore-sysinfo-l1-1-0

IsOS

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-shell-shdirectory-l1-1-0

ord292

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-shcore-path-l1-1-0

ord170

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW
K32QueryWorkingSetEx

api-ms-win-core-memory-l1-1-1

PrefetchVirtualMemory
VirtualUnlock

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-core-memory-l1-1-0

MapViewOfFile
UnmapViewOfFile
FlushViewOfFile
CreateFileMappingW

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabledForPackage

api-ms-win-security-capability-l1-1-0

CapabilityCheck

sspicli

GetUserNameExW

api-ms-win-shcore-unicodeansi-l1-1-0

SHAnsiToUnicode

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_SetSite

api-ms-win-core-localization-l1-2-3

GetUserDefaultGeoName

api-ms-win-eventing-controller-l1-1-0

StartTraceW
ControlTraceW
EnableTraceEx2

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

api-ms-win-core-url-l1-1-0

PathIsURLW
ParseURLW

api-ms-win-core-normalization-l1-1-0

GetStringScripts

api-ms-win-appmodel-state-l1-2-0

GetStateFolder
OpenStateExplicit
CloseState

api-ms-win-shell-namespace-l1-1-0

SHCreateItemFromParsingName
SHBindToParent
ILFindLastID
ILClone
SHParseDisplayName
SHCreateItemFromIDList
SHGetIDListFromObject

api-ms-win-storage-exports-internal-l1-1-0

SHGetSpecialFolderLocation

api-ms-win-shlwapi-winrt-storage-l1-1-1

SHSendMessageBroadcastW
ord316
StrRetToStrW

coremessaging

CoreUICreate

api-ms-win-storage-exports-external-l1-1-0

STORAGE_ClearDestinationsForAllApps

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

msvcp_win

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_wait
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_XGetLastError@std@@YAXXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
_Cnd_broadcast
_Mtx_destroy_in_situ
_Cnd_destroy_in_situ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
_Cnd_init_in_situ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@G@std@@QEBA_NFG@Z
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
??Bid@locale@std@@QEAA_KXZ
_Wcsxfrm
_Wcscoll
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@G@std@@QEBAGG@Z
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?widen@?$ctype@G@std@@QEBAGD@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?classic@locale@std@@SAAEBV12@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?in@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAG3AEAPEAG@Z
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?_Xbad_function_call@std@@YAXXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?swap@?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXAEAV12@@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?id@?$collate@G@std@@2V0locale@2@A
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?id@?$ctype@G@std@@2V0locale@2@A
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
_Mtx_init_in_situ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

bcp47langs

GetUserLanguages

combase

ord148
ord168
ord154
ord147

shcore

ord200
ord191
ord190
SHUnicodeToAnsi
IUnknown_QueryService
ord123
ord213
ord270
SHStrDupA

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
GetSetting
HasMigratedTDLData
TryMigrateTDLData

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/SystemSettingsThresholdAdminFlowUI.dll
.dll windows:10 windows x64 arch:x64

e1a202740ad09b9119fe6ad036fb9473

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

SystemSettingsThresholdAdminFlowUI.pdb

Imports

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer
EventActivityIdControl

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceBeginInitialize
InitOnceExecuteOnce

api-ms-win-core-com-l1-1-0

CoTaskMemRealloc
CoTaskMemAlloc
CoGetApartmentType
CoGetObjectContext
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
PropVariantClear
CoTaskMemFree
CoCreateInstance

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
OpenProcessToken
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
OpenThreadToken
TerminateProcess

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleW
FreeLibrary
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

CreateMutexExW
CreateEventExW
ResetEvent
WaitForSingleObjectEx
ReleaseMutex
ReleaseSRWLockShared
OpenSemaphoreW
InitializeSRWLock
AcquireSRWLockShared
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreExW
ReleaseSRWLockExclusive
InitializeCriticalSectionEx
AcquireSRWLockExclusive
DeleteCriticalSection
SetWaitableTimer
EnterCriticalSection
LeaveCriticalSection
SetEvent

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
GetStringTypeW
CompareStringEx

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-core-file-l1-1-0

GetDiskFreeSpaceExW
CreateDirectoryW
FindFirstFileW
FindClose

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegGetValueW
RegSetValueExW
RegCloseKey
RegUnLoadKeyW
RegLoadKeyW

wkscli

NetUnjoinDomain
NetGetJoinInformation
NetRenameMachineInDomain
NetJoinDomain
NetValidateName

netutils

NetpwNameValidate
NetApiBufferFree

oleaut32

SysAllocString
SysFreeString

samcli

NetUserEnum
NetUserGetInfo
NetUserSetInfo
NetLocalGroupDelMembers
NetLocalGroupGetMembers
NetLocalGroupAddMembers

api-ms-win-security-lsalookup-l2-1-0

LookupAccountSidW
LookupPrivilegeValueW
LookupAccountNameW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSidToSidW

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsConcatString
WindowsStringHasEmbeddedNull
WindowsCreateString
WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsCreateStringReference
WindowsDeleteString
WindowsCompareStringOrdinal
WindowsDuplicateString

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalFree

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
GetCommandLineW

api-ms-win-core-sysinfo-l1-1-0

GetComputerNameExW
GetTickCount
GetSystemTimeAsFileTime
SetLocalTime

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-security-base-l1-1-0

AllocateAndInitializeSid
FreeSid
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
GetLengthSid
CheckTokenMembership
DuplicateToken
CreateWellKnownSid

sspicli

LsaDeregisterLogonProcess
LsaConnectUntrusted
LsaLookupAuthenticationPackage

api-ms-win-core-shutdown-l1-1-0

InitiateSystemShutdownExW

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW

api-ms-win-security-logon-l1-1-1

LogonUserW

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus

ntdll

RtlPublishWnfStateData
RtlGetDeviceFamilyInfoEnum
RtlUnsubscribeWnfNotificationWaitForCompletion
NtQueryInformationToken
RtlCanonicalizeDomainName
RtlFreeUnicodeString
RtlEqualUnicodeString
RtlInitUnicodeString

shlwapi

StrCmpW
ord158
StrFormatByteSizeW
StrChrW

shell32

SHCreateItemFromParsingName
SHGetKnownFolderPath
ShellExecuteExW
CommandLineToArgvW
SHGetSpecialFolderPathW
SHCreateItemInKnownFolder

advapi32

CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptGenRandom
CryptAcquireContextW
GetUserNameW
CryptReleaseContext
LsaLookupSids
LsaClose
LsaOpenPolicy
LsaLookupNames2
LsaNtStatusToWinError
LsaFreeMemory

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

propsys

PSPropertyBag_WriteStr
PSCreateMemoryPropertyStore
PropVariantToStringAlloc

appxdeploymentclient

ord30

winbrand

BrandingFormatString
BrandingLoadString
BrandingLoadStringForEdition

shcore

SHRegGetValueW
SHTaskPoolQueueTask
CreateRandomAccessStreamOverStream
ord244

dismapi

DismDelete
_DismGetProvisionedAppxPackages
DismCloseSession
DismInitialize
DismOpenSession

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

kernel32

MoveFileExW
FindNextFileW
RemoveDirectoryW
Sleep
OOBEComplete
GetVersionExW
DnsHostnameToComputerNameW
DnsHostnameToComputerNameExW
WideCharToMultiByte
SetComputerNameExW
SetComputerNameEx2W
lstrcmpiW
LocalAlloc
OutputDebugStringA
MultiByteToWideChar
CreateTimerQueueTimer
DeleteTimerQueueTimer
DeleteFileW

msvcrt

__pctype_func
_ismbblead
___lc_codepage_func
___lc_handle_func
___mb_cur_max_func
_unlock
_lock
setlocale
memmove
memcpy
??0exception@@QEAA@AEBQEBDH@Z
_CxxThrowException
wcslen
memset
vsprintf_s
fputs
wprintf
__C_specific_handler
wcsncmp
malloc
wcstok_s
towlower
__crtCompareStringW
__crtLCMapStringW
iswupper
iswascii
wcschr
wcsrchr
wcstol
___lc_collate_cp_func
ldexp
localeconv
_wgetenv
abort
wcsspn
wcscspn
_get_errno
_set_errno
memcmp
__uncaught_exception
isspace
tolower
__ExceptionPtrRethrow
wcsstr
_vsnprintf_s
realloc
strchr
?terminate@@YAXXZ
__ExceptionPtrCreate
__ExceptionPtrCurrentException
__ExceptionPtrCopy
free
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
_vsnwprintf
memmove_s
_wcsicmp
memcpy_s
_wsetlocale
isalnum
isdigit
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_purecall
__CxxFrameHandler3
calloc
_errno
memchr
_wtoi
__dllonexit
_onexit
??1type_info@@UEAA@XZ
_XcptFilter
_amsg_exit
_wcsdup
_initterm
__iob_func
__ExceptionPtrDestroy
ceil

wincorlib

?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
??0Delegate@Platform@@QE$AAA@XZ
??0ChangedStateException@Platform@@QE$AAA@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?TerminateModule@Details@Platform@@YA_NPEAVModuleBase@1WRL@Microsoft@@@Z
?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z
??0DisconnectedException@Platform@@QE$AAA@XZ
?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z
??0InvalidArgumentException@Platform@@QE$AAA@XZ
??0FailureException@Platform@@QE$AAA@XZ
??0OutOfMemoryException@Platform@@QE$AAA@XZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?CreateException@Exception@Platform@@SAPE$AAV12@H@Z
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
??0NotImplementedException@Platform@@QE$AAA@XZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
??0Object@Platform@@QE$AAA@XZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
??0Exception@Platform@@QE$AAA@H@Z
?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z
?GetActivationFactory@Details@Platform@@YAJPEAVModuleBase@1WRL@Microsoft@@PEAUHSTRING__@@PEAPEAUIActivationFactory@@@Z
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
??BType@Platform@@SA?AVTypeName@Interop@Xaml@UI@Windows@@PE$AAV01@@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?__abi_FailFast@@YAXXZ
??0OutOfBoundsException@Platform@@QE$AAA@XZ
?ReCreateFromException@Details@Platform@@YAJPE$AAVException@2@@Z

ole32

CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoGetMalloc
CoEnableCallCancellation
CoWaitForMultipleHandles
CoDisableCallCancellation
CoGetObject
CreateBindCtx
CoCancelCall
StringFromGUID2

dnsapi

DnsValidateName_W

api-ms-win-core-string-l2-1-0

CharUpperW

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError

userenv

ExpandEnvironmentStringsForUserW

api-ms-win-core-path-l1-1-0

PathCchCanonicalize
PathAllocCombine
PathCchAppend

api-ms-win-devices-config-l1-1-1

CM_Get_Device_IDW

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessageVa

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

user32

GetForegroundWindow
GetKeyboardLayout
MsgWaitForMultipleObjects

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList

api-ms-win-appmodel-unlock-l1-1-0

SetIsDeveloperModeEnabled
IsDeveloperModePolicyApplied

api-ms-win-security-accesshlpr-l1-1-0

FreeTransientObjectSecurityDescriptor
QueryTransientObjectSecurityDescriptor

Exports

Exports

AddDomainUserPage_CreateInstance
CamSystemGlobalSwitch_CreateInstance
ChangeKbLayoutPage_CreateInstance
DeveloperModePage_CreateInstance
DeviceDiscoveryUnpairAllDevicesPage_CreateInstance
DeviceEncryptionPage_CreateInstance
DevicePortalAuthenticationPage_CreateInstance
DevicePortalSetAuthenticationPage_CreateInstance
DisableUserPage_CreateInstance
DllCanUnloadNow
DllGetActivationFactory
EditUserPage_CreateInstance
EnableUserPage_CreateInstance
EnterProductKeyPage_CreateInstance
FeaturedResetPCPage_CreateInstance
HolographicUninstallPage_CreateInstance
InitializeXamlCustomResourceLoader
InitializeXamlRuntime
JoinDomainPage_CreateInstance
LeaveDomainPage_CreateInstance
LockdownAppPage_CreateInstance
LockdownUserPage_CreateInstance
ManageExclusionPage_CreateInstance
RemoteDesktopPage_CreateInstance
RemoveUserPage_CreateInstance
RenamePCPage_CreateInstance
ResetPCPage_CreateInstance
RetailDemoConfirmPage_CreateInstance
SetDateTimePage_CreateInstance
SetFindMyDevicePage_CreateInstance
SetGeolocationMasterPage_CreateInstance
SurfaceHubDeveloperModePage_CreateInstance
TroubleshootActivationPage_CreateInstance
UnblockSimPinPage_CreateInstance
UninitializeXamlCustomResourceLoader
UninitializeXamlRuntime
UninstallOSPage_CreateInstance

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/UIRibbon.dll
.dll windows:10 windows x64 arch:x64

cebc1c2101dd88c6978cbe22bd573baf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

UIRibbon.pdb

Imports

msvcrt

log
log10
logf
memcmp
memcpy
memmove
memset
pow
sin
sinf
sqrt
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
_initterm
_amsg_exit
_XcptFilter
wcsncmp
wcsrchr
qsort
fmod
swprintf_s
fclose
fopen
fwprintf
wcstoul
_resetstkoflw
strstr
_wcsupr
fgets
iswascii
iswprint
wcstok
floor
expf
cosf
cos
ceilf
ceil
__RTDynamicCast
free
_isnan
_finite
_wtoi
memcpy_s
_vsnwprintf
realloc
_purecall
__C_specific_handler
_callnewh
malloc
floorf
sqrtf

advapi32

IsTextUnicode
RegSetKeyValueW
RegGetValueW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
EventWriteTransfer
EventSetInformation
EventRegister
EventUnregister
UnregisterTraceGuids
TraceEvent
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle

gdi32

SetBitmapBits
RealizePalette
SetMapMode
DeleteEnhMetaFile
OffsetRgn
ScriptBreak
GetTextMetricsW
CreateDIBPatternBrushPt
LPtoDP
PatBlt
Ellipse
CreatePolygonRgn
SetViewportOrgEx
GetBkColor
GetTextColor
CreateDCW
SetLayout
GetDCOrgEx
RectVisible
GetSystemPaletteEntries
SelectPalette
ScriptItemize
DeleteObject
GetObjectType
GetObjectW
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
SelectObject
SetBkColor
SetTextColor
CreateSolidBrush
DeleteDC
CreateRectRgn
CombineRgn
FillRgn
CreateBitmap
BitBlt
CreatePatternBrush
GetStockObject
CreateDCA
GetDeviceCaps
ExtTextOutA
GetPixel
GetClipBox
CreateCompatibleBitmap
GetDIBits
SetDIBitsToDevice
GetCurrentObject
GetObjectA
GetDIBColorTable
SetDIBColorTable
StretchDIBits
SetBkMode
CreateFontIndirectA
SetDIBits
CreateDIBitmap
SetStretchBltMode
StretchBlt
GetViewportOrgEx
GetWindowOrgEx
SetPixel
GdiAlphaBlend
GdiTransparentBlt
GdiGradientFill
GetClipRgn
ExtSelectClipRgn
SelectClipRgn
GetLayout
CreateRoundRectRgn
SetWindowOrgEx
IntersectClipRect
SetTextAlign
GetTextAlign
ExcludeClipRect
ExtTextOutW
SetDCBrushColor
GetBrushOrgEx
SetBrushOrgEx
PlayEnhMetaFile
SaveDC
RestoreDC
GetTextExtentPoint32W
GetEnhMetaFileHeader
CreatePen
MoveToEx
LineTo
EqualRgn
SetRectRgn

kernel32

QueryDepthSList
GetFileAttributesA
DeleteFileA
ExpandEnvironmentStringsW
GetFullPathNameW
GetModuleHandleA
IsProcessorFeaturePresent
LoadLibraryExA
EncodePointer
DecodePointer
FlushInstructionCache
GetLocaleInfoA
IsDBCSLeadByte
IsWow64Process2
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
lstrcmpW
InterlockedPopEntrySList
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
HeapFree
GetProcessHeap
CloseHandle
SetLastError
GetLastError
GetProcAddress
GetModuleHandleExW
GetVersionExW
GetModuleHandleW
FormatMessageW
GetCurrentThreadId
HeapAlloc
GetModuleFileNameA
DebugBreak
IsDebuggerPresent
OutputDebugStringW
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
WaitForSingleObject
OpenSemaphoreW
GetCurrentProcessId
CreateMutexExW
CreateSemaphoreExW
FindAtomW
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemInfo
TlsGetValue
TlsAlloc
TlsFree
TlsSetValue
CompareStringOrdinal
GetLocaleInfoW
GetNumberFormatW
GetUserDefaultLCID
CompareStringW
ReleaseSRWLockShared
AcquireSRWLockShared
RaiseException
CreateEventW
CompareStringEx
SetEvent
ResetEvent
CreateThread
SetThreadPriority
GetCurrentThread
FreeLibraryAndExitThread
GetThreadPriority
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
FreeLibrary
GetSystemDirectoryW
DeactivateActCtx
LoadLibraryW
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
GetModuleFileNameW
QueryActCtxW
OutputDebugStringA
GetVersionExA
VirtualFree
LoadLibraryA
GetUserDefaultLangID
InitOnceBeginInitialize
InitOnceComplete
Sleep
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
SizeofResource
MulDiv
GetACP
WideCharToMultiByte
CreateFileW
GetFileType
GlobalMemoryStatusEx
FindResourceW
InitOnceExecuteOnce
InitializeSRWLock
MultiByteToWideChar
GlobalAddAtomW
GetModuleHandleExA
WaitForMultipleObjects
ResolveDelayLoadedAPI
DelayLoadFailureHook
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
InterlockedPushEntrySList
SetProcessWorkingSetSize
GetStringTypeExW
GetAtomNameW
AddAtomW
DeleteAtom
WriteFile
InitializeCriticalSectionAndSpinCount
GetFileSize
ReadFile
HeapCreate
HeapReAlloc
GetFileAttributesW
InitializeSListHead
InterlockedFlushSList
GetSystemTimeAsFileTime

ole32

CoInitialize
CLSIDFromString
CoLockObjectExternal
OleDraw
OleUninitialize
CoUninitialize
CoInitializeEx
CoDisconnectObject
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
PropVariantCopy
PropVariantClear
RevokeDragDrop

user32

PostMessageW
IsIconic
GetClientRect
SetWindowsHookExW
UnhookWindowsHookEx
TranslateMessage
DispatchMessageW
GetPropW
SendMessageW
CallNextHookEx
MonitorFromRect
SetTimer
KillTimer
LoadStringW
LoadImageW
GetSysColor
FillRect
DrawTextW
GetAsyncKeyState
CreateWindowExW
DefWindowProcW
LoadIconW
GetWindowThreadProcessId
RegisterClassW
ClientToScreen
BeginPaint
EndPaint
InvalidateRect
TrackMouseEvent
SetCapture
ReleaseCapture
GetSystemMetrics
LoadCursorA
RegisterWindowMessageA
GetProcessDefaultLayout
SystemParametersInfoA
GetMonitorInfoA
EnumDisplayMonitors
GetSysColorBrush
IntersectRect
GetSystemMetricsForDpi
LogicalToPhysicalPointForPerMonitorDPI
SetThreadDpiAwarenessContext
MonitorFromPoint
GetClassInfoExW
RegisterClassExW
EnableWindow
GetParent
GetKeyState
GetClassLongA
UnregisterClassA
GetFocus
SendMessageA
DestroyWindow
PostQuitMessage
WaitMessage
IsWindowVisible
AdjustWindowRectEx
GetWindowLongA
GetWindowRect
SetWindowPos
SetWindowLongW
SetRect
IsRectEmpty
IsChild
GetSystemMenu
GetWindowPlacement
EnableMenuItem
OffsetRect
SetWindowTextW
UnregisterClassW
MessageBeep
EqualRect
SetLayeredWindowAttributes
MapWindowPoints
MoveWindow
PtInRect
PostMessageA
InflateRect
IsWindowUnicode
SendMessageTimeoutW
SendMessageTimeoutA
SetWindowTextA
AppendMenuW
EnumThreadWindows
EnumWindows
GetClassNameA
GetWindow
MonitorFromWindow
CallWindowProcW
GetDC
SetWindowLongPtrA
GetActiveWindow
WindowFromPoint
GetCursorPos
ScreenToClient
SetParent
NotifyWinEvent
SetFocus
GetClassNameW
DeferWindowPos
AnimateWindow
SetCursor
DefWindowProcA
GetWindowTextW
PeekMessageA
PeekMessageW
GetMessageW
MsgWaitForMultipleObjects
GetMessagePos
GetForegroundWindow
SystemParametersInfoW
GetKeyboardLayout
LoadImageA
UpdateWindow
GetDoubleClickTime
IsWindowEnabled
SetForegroundWindow
GetPropA
UnionRect
BeginDeferWindowPos
GetCapture
SetWindowsHookExA
RedrawWindow
EndDeferWindowPos
SetWindowRgn
CopyRect
UpdateLayeredWindow
GetClassLongPtrA
IsMenu
GetClassInfoA
GetWindowDC
ValidateRect
LockWindowUpdate
TrackPopupMenuEx
SetPropW
RemovePropW
FrameRect
VkKeyScanExW
RegisterWindowMessageW
IsProcessDPIAware
DestroyIcon
GetTitleBarInfo
SetRectEmpty
GetWindowInfo
IsZoomed
InternalGetWindowText
DrawIconEx
DrawFrameControl
DrawTextExW
DrawEdge
GetIconInfo
CreateIconIndirect
GetClassLongW
GetMessageTime
DrawFocusRect
GetWindowTextLengthW
CreatePopupMenu
DestroyMenu
InvertRect
GetMonitorInfoW
IsWinEventHookInstalled
ChildWindowFromPointEx
GetKeyboardState
GetWindowLongPtrW
SetWindowLongPtrW
SetMenu
ord2707
IsTopLevelWindow
ord2706
ord2705
ord2704
ord2559
RegisterSystemThread
IsWindowInDestroy
ShowWindow
GetWindowLongPtrA
GetWindowLongW
GetDesktopWindow
GetAncestor
IsWindow
CopyImage
ReleaseDC
LoadCursorW
LoadBitmapA

shell32

ShellExecuteW

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetClipRect
GdipDrawImageRectRect
GdiplusShutdown
GdipFillRectangle
GdipCreateRegion
GdipGetClip
GdipIsClipEmpty
GdipSetClipRegion
GdipDeleteRegion
GdipDeletePen
GdipCreateMatrix
GdipDeleteMatrix
GdipSetCompositingMode
GdipGetCompositingMode
GdipSetCompositingQuality
GdipCreateBitmapFromFile
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdipSetTextContrast
GdipGetTextContrast
GdipSetTextRenderingHint
GdipGetTextRenderingHint
GdipGetWorldTransform
GdipTranslateRegionI
GdipSetWorldTransform
GdipGetDC
GdipReleaseDC
GdipResetWorldTransform
GdipCreateMatrix2
GdipSaveGraphics
GdipRestoreGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipImageRotateFlip
GdipCloneBitmapAreaI
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipBitmapGetPixel
GdipGetImageHeight
GdipGetCompositingQuality
GdipGetImageWidth

xmllite

CreateXmlReader
CreateXmlWriter

oleaut32

VarDecAdd
VarDecInt
VarDecRound
VarI4FromStr
VarBstrFromI4
VarDecSu
VarDecMul
VarDecDiv
VarCmp
VariantChangeTypeEx
VarDecFromR8
VariantInit
VariantChangeType
VariantCopy
OleCreateFontIndirect
VariantClear
SetErrorInfo
SysAllocStringLen
SysStringLen
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayGetElement
SafeArrayCopy
SafeArrayGetVartype
VarBstrFromDec
VarDecFromStr
VarUI4FromDec
VarDecFromI4
VarDecCmp
SysAllocString
SysFreeString
SafeArrayDestroy
SafeArrayCreateVector

api-ms-win-core-path-l1-1-0

PathCchAppend
PathCchRemoveFileSpec

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bootdat
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Windows.AI.MachineLearning.dll
.dll windows:6 windows x64 arch:x64

372d113682de847d64474ef61656edc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

windows.ai.machinelearning.pdb

Imports

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleFileNameA
LoadLibraryExA
GetModuleHandleExW
FreeLibrary
DisableThreadLibraryCalls
GetModuleHandleW

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceBeginInitialize
InitOnceComplete
SleepConditionVariableSRW
InitOnceExecuteOnce
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ResetEvent
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockShared
CreateEventW
AcquireSRWLockShared
WaitForSingleObject
InitializeCriticalSectionEx
ReleaseMutex
InitializeSRWLock
CreateSemaphoreExW
InitializeCriticalSection
EnterCriticalSection
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
DeleteCriticalSection
OpenSemaphoreW
CreateMutexExW
LeaveCriticalSection
SetEvent

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
GetLastError
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
GetProcessTimes
GetCurrentProcess
TerminateProcess
GetExitCodeThread

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventWriteTransfer
EventRegister
EventUnregister

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
GetCPInfo
LCMapStringEx
FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringA
DebugBreak
OutputDebugStringW

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetLogicalProcessorInformation
GetSystemTimeAsFileTime
GetSystemInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateString
WindowsDuplicateString
WindowsCreateStringReference
WindowsGetStringLen
WindowsPromoteStringBuffer
WindowsStringHasEmbeddedNull
WindowsPreallocateStringBuffer
WindowsDeleteStringBuffer
WindowsIsStringEmpty
WindowsGetStringRawBuffer

api-ms-win-core-string-l1-1-0

CompareStringEx
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoIncrementMTAUsage
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW
RoTransformError
SetRestrictedErrorInfo
GetRestrictedErrorInfo

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualAlloc
VirtualProtect
VirtualFree

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryA
LoadLibraryW

api-ms-win-crt-string-l1-1-0

strcmp
_wcsdup
isalpha
isdigit
isupper
islower
_towlower_l
_towupper_l
__strncnt
wcsnlen
_stricmp
_wcsicmp
strcspn
memset
isspace
iswspace
tolower

api-ms-win-crt-runtime-l1-1-0

_set_errno
abort
_invalid_parameter_noinfo
_beginthreadex
strerror_s
fesetround
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_invalid_parameter_noinfo_noreturn
_get_errno

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsprintf_s
ungetc
setvbuf
fsetpos
fread
fputc
_wsopen_s
_get_stream_buffer_pointers
__stdio_common_vsnprintf_s
__acrt_iob_func
_fsopen
fflush
_wfsopen
_fseeki64
fgetpos
__stdio_common_vfprintf
__stdio_common_vsprintf
_read
fgetc
_close
_sopen_s
fclose
fwrite

api-ms-win-crt-heap-l1-1-0

_malloc_base
_realloc_base
_aligned_malloc
_calloc_base
free
calloc
_free_base
malloc
_callnewh
_aligned_free

api-ms-win-crt-locale-l1-1-0

___lc_locale_name_func
___lc_collate_cp_func
___mb_cur_max_func
_create_locale
_lock_locales
_unlock_locales
localeconv
setlocale
_free_locale
___lc_codepage_func
__pctype_func

api-ms-win-crt-math-l1-1-0

powf
sinf
pow
sinhf
sqrt
logf
acoshf
ceil
atanf
sqrtf
atanhf
ldexp
tanf
asinf
acosf
tanhf
coshf
exp
expf
floorf
log2
tanh
roundf
fmod
fmodf
asinhf
nearbyintf
log
fmaxf
cosf
_fdtest
log2f
_dtest
ceilf
frexp

api-ms-win-crt-time-l1-1-0

wcsftime
_Wcsftime
_W_Getmonths
_mktime64
_localtime64_s
_gmtime64_s
_difftime64
_W_Getdays
_Getdays
_Strftime
_Getmonths
_Gettnames
_W_Gettnames

api-ms-win-crt-convert-l1-1-0

_strtoi64
strtoll
strtoul
strtof
strtoull
strtol
strtod

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-private-l1-1-0

strchr
__std_type_info_destroy_list
__processing_throw
__AdjustPointer
__current_exception
__uncaught_exception
strstr
__RTtypeid
__std_type_info_name
__std_type_info_compare
__std_terminate
memchr
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
_CxxThrowException
memcpy
memmove
memcmp
__C_specific_handler

ext-ms-win-dxcore-l1-1-0

DXCoreCreateAdapterFactory

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlPcToFileHeader
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetSystemTimePreciseAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList

api-ms-win-core-file-l1-1-0

CreateFileW
SetFilePointerEx
ReadFile
GetFileSizeEx

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
WaitForThreadpoolWorkCallbacks
SubmitThreadpoolWork
CloseThreadpoolWork
TrySubmitThreadpoolCallback

oleaut32

SysFreeString
SysStringLen

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-com-l1-1-1

RoGetAgileReference

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
MLCreateOperatorRegistry

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Windows.Data.Pdf.dll
.dll windows:10 windows x64 arch:x64

e9a2028f23215ae4d9747d3a0b68e686

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Windows.Data.Pdf.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__itoa_s
_o__mktime64
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__stricmp
_o__ui64toa_s
_o__ultoa_s
_o__wcsicmp
memmove
_o__wtof
_o__wtoi
_o_acos
_o_bsearch
_o_cos
_o_exit
_o_floor
_o_fmod
_o_free
_o_isalpha
_o_isdigit
_o_isspace
_o_iswupper
_o_isxdigit
_o_ldexp
_o_log10
_o_log2
_o_malloc
_o_memcpy_s
_o_pow
_o_powf
_o_qsort
_o_rand_s
_o_realloc
_o_sin
_o_strtod
_o_strtof
_o_strtol
_o_terminate
_o_towlower
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__hypotf
__std_type_info_compare
_o__fcvt_s
_o__execute_onexit_table
_o__errno
_o__dtest
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfwprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
__std_terminate
__CxxFrameHandler4
memchr
memcmp
memcpy
strchr

api-ms-win-crt-string-l1-1-0

strnlen
strncmp
wcsncmp
wcscmp
wcsnlen
memset

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream
CreateStreamOverRandomAccessStream

api-ms-win-shcore-obsolete-l1-1-0

SHStrDupW

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolGetUniqueContext
SHTaskPoolQueueTask
SHTaskPoolAllowThreadReuse

api-ms-win-shcore-stream-l1-1-0

SHCreateMemStream

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
SizeofResource
DisableThreadLibraryCalls
LoadResource
LockResource
LoadLibraryExW
LoadStringW
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
FreeLibrary

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-com-l1-1-0

CoWaitForMultipleHandles
StringFromGUID2
CoCreateInstanceFromApp
CoCreateInstance
CoTaskMemRealloc
CoCreateGuid
CoMarshalInterface
PropVariantClear
CreateStreamOnHGlobal
CoTaskMemFree
CoGetApartmentType
CoCreateFreeThreadedMarshaler
PropVariantCopy
CoReleaseMarshalData
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FindNLSStringEx
FormatMessageW

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoOriginateErrorW
RoOriginateError
RoFailFastWithErrorContext
RoTransformError

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
AcquireSRWLockShared
CreateEventW
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
CreateSemaphoreExW
ReleaseMutex
CreateMutexExW
ResetEvent
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ReleaseSRWLockShared
EnterCriticalSection
LeaveCriticalSection
CreateEventExW
OpenSemaphoreW
WaitForSingleObject
WaitForMultipleObjectsEx
WaitForSingleObjectEx

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeConditionVariable
InitOnceBeginInitialize
InitOnceExecuteOnce
InitOnceInitialize
InitOnceComplete
InitializeConditionVariable

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventSetInformation
EventActivityIdControl
EventRegister

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-winrt-string-l1-1-0

WindowsPromoteStringBuffer
WindowsPreallocateStringBuffer
WindowsDuplicateString
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull
WindowsCompareStringOrdinal
WindowsGetStringRawBuffer
WindowsCreateString
WindowsDeleteString
HSTRING_UserSize
WindowsDeleteStringBuffer
HSTRING_UserMarshal
WindowsCreateStringReference
HSTRING_UserUnmarshal64
HSTRING_UserUnmarshal
HSTRING_UserMarshal64
HSTRING_UserFree
HSTRING_UserSize64
HSTRING_UserFree64

rpcrt4

CStdStubBuffer_DebugServerRelease
NdrOleFree
NdrCStdStubBuffer_Release
NdrOleAllocate
NdrCStdStubBuffer2_Release
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
NdrStubForwardingFunction
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
NdrDllCanUnloadNow
CStdStubBuffer_CountRefs
NdrDllGetClassObject
NdrStubCall3

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient17
ObjectStublessClient26
ObjectStublessClient28
ObjectStublessClient27
ObjectStublessClient9
CStdStubBuffer2_Connect
ObjectStublessClient8
ObjectStublessClient6
ObjectStublessClient10
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
ObjectStublessClient24
ObjectStublessClient19
ObjectStublessClient3
ObjectStublessClient13
ObjectStublessClient7
ObjectStublessClient21
NdrProxyForwardingFunction3
CStdStubBuffer2_Disconnect
ObjectStublessClient23
ObjectStublessClient25
CStdStubBuffer2_CountRefs
ObjectStublessClient15
ObjectStublessClient20
ObjectStublessClient18
ObjectStublessClient22
ObjectStublessClient16
ObjectStublessClient11
ObjectStublessClient12
ObjectStublessClient14
CStdStubBuffer2_QueryInterface

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
RaiseException
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetTickCount

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo

api-ms-win-core-string-l1-1-0

GetStringTypeExW
MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo

api-ms-win-security-base-l1-1-0

GetTokenInformation

oleaut32

VariantInit
SysAllocString
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCopy
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayRedim
SafeArrayAccessData
SysFreeString
SysAllocStringLen

api-ms-win-core-url-l1-1-0

UrlIsW

api-ms-win-core-shlwapi-legacy-l1-1-0

PathIsUNCW

d2d1

ord13
ord2
ord1
ord4
ord5

d3d11

D3D11CreateDevice

dwrite

DWriteCreateFactory

ntdll

RtlGetDeviceFamilyInfoEnum
NtQueryInformationProcess

propsys

InitPropVariantFromFileTime
ord436

api-ms-win-core-winrt-robuffer-l1-1-0

RoGetBufferMarshaler

msvcp_win

_Wcsxfrm
_Wcscoll
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@G@std@@QEBA_NFG@Z
?id@?$ctype@G@std@@2V0locale@2@A
?id@?$collate@G@std@@2V0locale@2@A
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
?tolower@?$ctype@G@std@@QEBAGG@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setf@ios_base@std@@QEAAHH@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??Bios_base@std@@QEBA_NXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?widen@?$ctype@G@std@@QEBAGD@Z
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA_N_N@Z
??1facet@locale@std@@MEAA@XZ
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?flags@ios_base@std@@QEBAHXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?width@ios_base@std@@QEAA_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setf@ios_base@std@@QEAAHHH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xlength_error@std@@YAXPEBD@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?width@ios_base@std@@QEBA_JXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
??0_Lockit@std@@QEAA@H@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??1_Lockit@std@@QEAA@XZ
??1_Locinfo@std@@QEAA@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??7ios_base@std@@QEBA_NXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?is@?$ctype@D@std@@QEBA_NFD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
_Strxfrm
_Strcoll
?id@?$collate@D@std@@2V0locale@2@A
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?eof@ios_base@std@@QEBA_NXZ
?bad@ios_base@std@@QEBA_NXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QEBA_JXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uncaught_exception@std@@YA_NXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??0facet@locale@std@@IEAA@_K@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?fail@ios_base@std@@QEBA_NXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?good@ios_base@std@@QEBA_NXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

api-ms-win-crt-math-l1-1-0

_finite
atan2f
atanf
ceilf
cosf
floorf
fmodf
log10f
logf
sinf
sqrtf
_isnan

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

cabinet

ord45
ord43
ord40

api-ms-win-core-normalization-l1-1-0

IsNormalizedString
NormalizeString

dxgi

CreateDXGIFactory1

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
PdfCreateRenderer

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Windows.Media.dll
.dll windows:10 windows x64 arch:x64

49b5daf58ba9f2f96120673a5efacb4f

Code Sign

33:00:00:04:60:cf:42:a9:12:31:5f:6f:b3:00:00:00:00:04:60
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:8f:05:49:b7:3c:a6:d7:aa:14:15:f9:ac:40:35:64:da:64:0c:41:49:e4:95:63:e0:0d:f1:31:0d:fa:f8:f6
Signer

Actual PE Digest

d4:8f:05:49:b7:3c:a6:d7:aa:14:15:f9:ac:40:35:64:da:64:0c:41:49:e4:95:63:e0:0d:f1:31:0d:fa:f8:f6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Windows.Media.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__gmtime32
_o__i64toa_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__ltoa_s
_o__ltow_s
_o__mkgmtime32
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__strdup
_o__stricmp
_o__strnicmp
_o__strtoui64
_o__ui64tow_s
_o__ultoa_s
_o__ultow_s
_o__wcsicmp
memmove
_o__wcslwr_s
_o__wcsnicmp
_o__wcstoui64
_o__wtoi
_o__wtoi64
_o_atof
_o_atoi
_o_atol
_o_calloc
_o_free
_o_isdigit
_o_isspace
_o_iswalpha
_o_iswdigit
_o_iswspace
_o_malloc
_o_memcpy_s
_o_qsort
_o_rand
_o_realloc
_o_srand
_o_strncpy_s
_o_strtok_s
_o_strtoul
_o_terminate
_o_tolower
_o_toupper
_o_towlower
_o_towupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstok_s
_o_wcstol
__CxxFrameHandler3
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__gcvt_s
_o__atoi64
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__execute_onexit_table
_o__errno
wcsstr
wcschr
wcsrchr
strstr
strchr
__C_specific_handler
__std_terminate
__CxxFrameHandler4
_CxxThrowException
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

strncmp
strnlen
wcsncmp
memmove_s
wcscmp
strcmp
memset
wcscspn

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
FreeLibraryAndExitThread
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
LoadLibraryExW
FreeLibrary
GetModuleHandleExW
GetModuleFileNameA

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapReAlloc
GetProcessHeap
HeapFree

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
TlsGetValue
GetCurrentThreadId
OpenProcessToken
GetCurrentProcessId
GetProcessId
CreateThread
TlsSetValue
SetThreadPriority
ResumeThread
GetCurrentThread
TlsAlloc
GetThreadPriority

api-ms-win-core-localization-l1-2-0

FormatMessageW
IsValidLocaleName

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventProviderEnabled
EventRegister
EventSetInformation
EventWriteTransfer
EventActivityIdControl

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
RaiseException
SetLastError
UnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

TryAcquireSRWLockExclusive
CreateSemaphoreExW
CreateWaitableTimerExW
CreateEventExW
WaitForSingleObject
InitializeCriticalSectionEx
ReleaseSemaphore
WaitForMultipleObjectsEx
ReleaseMutex
LeaveCriticalSection
AcquireSRWLockShared
SetWaitableTimer
EnterCriticalSection
SetEvent
CreateEventW
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
DeleteCriticalSection
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
InitializeCriticalSection

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceExecuteOnce
Sleep
InitOnceBeginInitialize

rpcrt4

NdrOleAllocate
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
CStdStubBuffer_DebugServerRelease
NdrDllGetClassObject
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
NdrStubCall3
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
UuidFromStringW
NdrCStdStubBuffer2_Release
NdrOleFree
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent
GetProcessMitigationPolicy

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
GetTickCount64
GetLocalTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
GetTokenInformation

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrSpnW
StrCmpCW
StrChrW
StrStrIW
StrTrimW
QISearch

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegGetValueW
RegOpenKeyExW
RegCloseKey

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToFileTime

api-ms-win-core-url-l1-1-0

UrlHashW

api-ms-win-core-path-l1-1-0

PathIsUNCEx
PathCchFindExtension

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
TrySubmitThreadpoolCallback
CloseThreadpoolTimer
CallbackMayRunLong

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

api-ms-win-core-heap-l2-1-0

GlobalAlloc
LocalFree
LocalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

msvcp_win

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-crt-math-l1-1-0

_finite
_isnan
ceilf
cosf
floorf
log10f
logf
sinf
sqrtf

api-ms-win-crt-time-l1-1-0

_time32

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Windows.StateRepository.dll
.dll windows:10 windows x64 arch:x64

ea1b7bcae41239e54d525702fc6207c6

Code Sign

33:00:00:04:5f:f3:c9:6c:1a:7f:f7:da:1d:00:00:00:00:04:5f
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:b8:e3:6e:49:cc:16:78:11:d6:9d:1e:74:e4:6e:6a:1a:64:b8:2d:56:e9:f5:aa:a3:49:78:9a:89:b6:ab:2a
Signer

Actual PE Digest

b8:b8:e3:6e:49:cc:16:78:11:d6:9d:1e:74:e4:6e:6a:1a:64:b8:2d:56:e9:f5:aa:a3:49:78:9a:89:b6:ab:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Windows.StateRepository.pdb

Imports

msvcrt

realloc
_purecall
memmove_s
_ui64tow_s
_XcptFilter
_amsg_exit
malloc
_initterm
__C_specific_handler
wcschr
_unlock
__dllonexit
_onexit
__CxxFrameHandler3
memset
_vsnwprintf
toupper
memmove
_callnewh
wcsrchr
_vsnprintf
_lock
_stricmp
memcmp
memcpy
free
memcpy_s
strcmp

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
LoadLibraryExW
GetProcAddress
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW

api-ms-win-core-synch-l1-1-0

CreateMutexExW
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
WaitForSingleObject
InitializeCriticalSectionEx
ReleaseSemaphore
ReleaseSRWLockExclusive
DeleteCriticalSection
CreateSemaphoreExW
CreateEventW
WaitForSingleObjectEx
OpenSemaphoreW
EnterCriticalSection
LeaveCriticalSection
SetEvent
InitializeSRWLock
ReleaseMutex

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

SetLastError
SetUnhandledExceptionFilter
RaiseException
GetLastError
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
TerminateProcess
GetProcessId
OpenProcessToken
GetCurrentProcessId
GetCurrentThread
OpenThreadToken
ProcessIdToSessionId
SetThreadToken
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventActivityIdControl
EventProviderEnabled
EventWriteTransfer

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

api-ms-win-service-core-l1-1-0

RegisterServiceCtrlHandlerExW
SetServiceStatus

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceExecuteOnce
InitOnceBeginInitialize
Sleep

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer

ntdll

RtlLookupElementGenericTableAvl
RtlDowncaseUnicodeString
RtlInsertElementGenericTableAvl
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockShared
RtlReleaseSRWLockShared
RtlCompareUnicodeString
RtlFreeUnicodeString
RtlInitUnicodeString
RtlConvertSidToUnicodeString
RtlCopySid
NtQueryInformationToken
RtlExpandEnvironmentStrings
NtSetInformationThread
NtQueryInformationThread
NtQueryInformationProcess
RtlNtStatusToDosErrorNoTeb
NtQueryInformationFile
RtlIsMultiUsersInSessionSku
RtlDeleteCriticalSection
RtlInitializeCriticalSection
RtlLeaveCriticalSection
RtlEnterCriticalSection
RtlAllocateHeap
RtlFreeHeap
NtAccessCheck
RtlLengthSid
RtlEqualSid
RtlValidSid
RtlDetermineDosPathNameType_U
RtlGetDeviceFamilyInfoEnum
RtlInitializeGenericTableAvl

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
ConvertStringSidToSidW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetLocalTime

combase

ord66
ord68
ord69
ord67

staterepository.core

sqlite3_vfs_unregister
sqlite3_vfs_register
sqlite3_vfs_find
sqlite3_expanded_sql
sqlite3_snprintf
sqlite3_profile
sqlite3_trace
sqlite3_config
sqlite3_status
sqlite3_step
sqlite3_reset
sqlite3_finalize
sqlite3_sql
sqlite3_column_type
sqlite3_column_blob
sqlite3_column_text16
sqlite3_column_bytes
sqlite3_column_text
sqlite3_column_int64
sqlite3_column_int
sqlite3_bind_blob
sqlite3_bind_text16
sqlite3_bind_int64
sqlite3_bind_int
sqlite3_bind_null
sqlite3_clear_bindings
sqlite3_db_handle
sqlite3_exec
sqlite3_stmt_busy
sqlite3_prepare_v2
sqlite3_result_text16
sqlite3_value_int64
sqlite3_free
sqlite3_result_blob
sqlite3_malloc
sqlite3_value_bytes
sqlite3_value_blob
sqlite3_value_int
sqlite3_value_text16
sqlite3_value_type
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_error_code
sqlite3_result_error16
sqlite3_result_error_nomem
sqlite3_user_data
sqlite3_create_function_v2
sqlite3_errcode
sqlite3_next_stmt
sqlite3_db_status
sqlite3_busy_timeout
sqlite3_db_filename
sqlite3_last_insert_rowid
sqlite3_changes
sqlite3_wal_checkpoint_v2
sqlite3_wal_autocheckpoint
sqlite3_db_config
sqlite3_get_autocommit
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_extended_errcode
sqlite3_open_v2
sqlite3_log
sqlite3_errmsg
sqlite3_close
sqlite3_enable_shared_cache
sqlite3_shutdown
sqlite3_initialize

api-ms-win-appmodel-runtime-internal-l1-1-3

CouldMultiUserAppsBehaviorBePossibleForPackage

api-ms-win-appmodel-runtime-internal-l1-1-1

GetPackageFullNameFromToken

api-ms-win-security-base-l1-1-0

CopySid
GetLengthSid
EqualSid
GetTokenInformation
IsValidSid
CreateWellKnownSid

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal

api-ms-win-security-accesshlpr-l1-1-0

FreeTransientObjectSecurityDescriptor
BuildSecurityDescriptorForSharingAccess

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-core-file-l1-1-0

GetFileAttributesW
WriteFile
CreateFileW
DeleteFileW

api-ms-win-core-file-l2-1-0

MoveFileExW
GetFileInformationByHandleEx

api-ms-win-core-registry-l1-1-0

RegDeleteTreeW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW

api-ms-win-security-lsalookup-l1-1-0

LsaLookupGetDomainInfo
LsaLookupOpenLocalPolicy
LsaLookupFreeMemory
LsaLookupClose

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-security-lsalookup-l2-1-0

LookupAccountSidW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-windowserrorreporting-l1-1-1

WerRegisterCustomMetadata

api-ms-win-core-path-l1-1-0

PathCchCombine

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-appmodel-runtime-l1-1-0

GetCurrentApplicationUserModelId
GetCurrentPackageFamilyName
GetCurrentPackageFullName

api-ms-win-appmodel-runtime-l1-1-1

GetApplicationUserModelIdFromToken

Exports

Exports

ServiceMain
StateRepository_DataAccessLayer_DatabaseCache_Add
StateRepository_DataAccessLayer_DatabaseCache_Get
StateRepository_Initialize
StateRepository_Service_UpdateStatus
StateRepository_Shutdown
SvchostPushServiceGlobals

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/Windows.UI.Xaml.Controls.dll
.dll windows:10 windows x64 arch:x64

0a5037be5c3f8eb64beadb98959e000b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Windows.UI.Xaml.Controls.pdb

Imports

bcp47langs

LanguageListAsMuiForm
GetApplicationLanguages

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
TerminateProcess
GetCurrentProcess
TlsSetValue
GetCurrentProcessId
TlsGetValue

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-core-localization-l1-2-0

GetLocaleInfoW
FormatMessageW
SetProcessPreferredUILanguages

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-heap-l1-1-0

HeapSize
HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
SizeofResource
FindResourceExW
LockResource
LoadResource
GetModuleHandleW
FreeLibrary
GetModuleFileNameA
DisableThreadLibraryCalls
GetProcAddress
LoadLibraryExW

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
GetRestrictedErrorInfo
RoOriginateError
SetRestrictedErrorInfo

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
CreateSemaphoreExW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
DeleteCriticalSection
ResetEvent
SetEvent
CreateEventW
ReleaseSRWLockShared
AcquireSRWLockShared
InitializeCriticalSectionAndSpinCount

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsDuplicateString
WindowsDeleteStringBuffer
WindowsDeleteString
WindowsCreateString
WindowsGetStringRawBuffer
WindowsPromoteStringBuffer
WindowsGetStringLen
WindowsPreallocateStringBuffer
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-errorprivate-l1-1-0

RoFailFastWithErrorContextInternal2

api-ms-win-crt-private-l1-1-0

_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__dtest
_o__errno
_o__execute_onexit_table
_o__free_base
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
_o__wtoi
_o_atan2
_o_bsearch
_o_ceil
_o_cos
_o_floor
_o_pow
_o_round
_o_roundf
_o_sin
_o_sqrt
_o_terminate
_o_towupper
_o_wcstoul
__CxxFrameHandler4
__std_terminate
memmove
memcpy
memcmp
_CxxThrowException
__C_specific_handler
__CxxFrameHandler3
_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_wassert

api-ms-win-crt-math-l1-1-0

_fdtest
ceilf

api-ms-win-crt-string-l1-1-0

wcsncmp
memset

msvcp_win

?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
??Bios_base@std@@QEBA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

api-ms-win-core-processenvironment-l1-1-0

SearchPathW

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
GetSystemDefaultUILanguage

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetSystemTimeAsFileTime

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile

api-ms-win-core-featurestaging-l1-1-0

SubscribeFeatureStateChangeNotification
RecordFeatureUsage
UnsubscribeFeatureStateChangeNotification

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-3

TerminateProcessOnMemoryExhaustion

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead
InterlockedFlushSList

oleaut32

SysFreeString

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-com-l1-1-1

RoGetAgileReference

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DllMain
GetDependencyLocatorStorage
SendTelemetryOnSuspend
XamlTestHookFreeControlsResourceLibrary

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 962KB - Virtual size: 962KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_asyncio.pyd
.dll windows:6 windows x64 arch:x64

9d434eba59ce931bdee5b38eec4b196b

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:d1:e2:b6:b0:45:92:78:20:d0:32:5a:d4:38:b0:65:69:11:c8:cc:8d:97:9d:4e:6f:57:67:c5:dd:b8:77:b4
Signer

Actual PE Digest

7e:d1:e2:b6:b0:45:92:78:20:d0:32:5a:d4:38:b0:65:69:11:c8:cc:8d:97:9d:4e:6f:57:67:c5:dd:b8:77:b4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_asyncio.pdb

Imports

python311

PyIter_Send
PyExc_ValueError
PyErr_Format
PyModule_AddType
_Py_FalseStruct
PyCoro_Type
PyType_IsSubtype
PyErr_Restore
_Py_Dealloc
PyObject_Free
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObject
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyObject_ClearWeakRefs
PyObject_Vectorcall
PyUnicode_FromFormat
PySet_New
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PyType_Ready
PyObject_GetAttrString
PyList_Append
PyObject_RichCompareBool
PyException_SetTraceback
_PyDict_GetItemIdWithError
Py_BuildValue
PyUnicode_Type
PyObject_CallMethod
_PyArg_UnpackKeywords
_PyDict_GetItem_KnownHash
PyObject_VectorcallMethod
PyObject_IsInstance
PyExc_StopIteration
PyContext_CopyCurrent
PyCMethod_New
_PyGen_SetStopIterationValue
_PyRuntime
PyObject_GC_Track
_PyType_Name
_Py_NewReference
_PyObject_New
PyExc_TypeError
PyObject_IsTrue
PyObject_Str
_PyLong_AsInt
PyGen_Type
_PyThreadState_GetDict
_Py_TrueStruct
_PyObject_GC_New
PyTraceBack_Type
_Py_IsFinalizing
PyThreadState_GetID
_PyDict_DelItem_KnownHash
PyUnicode_FromString
PyObject_CallNoArgs
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyExc_RuntimeError
_PyGen_FetchStopIterationValue
PyList_SetSlice
PyErr_WriteUnraisable
_PyObject_LookupAttrId
PyErr_SetString
PyExc_SystemExit
_PyObject_CallMethodIdObjArgs
PyExc_AttributeError
PySet_Add
PyTuple_New
_Py_NoneStruct
PyExc_KeyboardInterrupt
PyUnicode_FromFormatV
PySet_Contains
PyObject_CallFinalizerFromDealloc
_PyDict_SetItemId
_PyErr_ChainExceptions
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyObject_SelfIter
PyErr_NormalizeException
PyImport_ImportModule
_PyErr_BadInternalCall
_PyDict_SetItem_KnownHash
_PyArg_CheckPositional
PyType_GenericNew
_PyObject_SetAttrId
PyErr_GivenExceptionMatches
PyObject_CallOneArg
PyErr_SetObject
PyException_GetTraceback
PyDict_New
Py_GenericAlias

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit__asyncio

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_bz2.pyd
.dll windows:6 windows x64 arch:x64

d0a62ab71a2b2ca69c6aba1f0a37fcdd

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2f:16:ea:2a:32:2c:67:c6:e7:b3:c9:80:62:78:82:85:95:fa:58:35:85:6d:e1:26:54:34:56:6b:5a:6f:a8:88
Signer

Actual PE Digest

2f:16:ea:2a:32:2c:67:c6:e7:b3:c9:80:62:78:82:85:95:fa:58:35:85:6d:e1:26:54:34:56:6b:5a:6f:a8:88

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_bz2.pdb

Imports

python311

_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_Realloc
PyType_FromModuleAndSpec
PyBytes_FromStringAndSize
PyModuleDef_Init
PyExc_OSError
PyErr_NoMemory
PyMem_Free
PyThread_free_lock
PyList_Append
PyExc_EOFError
_PyNumber_Index
PyObject_GetBuffer
PyMem_RawFree
PyBuffer_Release
PyThread_release_lock
PyEval_RestoreThread
PyMem_Malloc
_Py_Dealloc
PyList_New
PyModule_AddType
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
_PyArg_BadArgument
PyThread_acquire_lock
_PyArg_NoPositional
PyMem_RawMalloc
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew

vcruntime140

memmove
memcpy
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
exit
_execute_onexit_table
_cexit
_initterm

api-ms-win-crt-heap-l1-1-0

free
malloc

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

PyInit__bz2

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_cffi_backend.pyd
.dll windows:6 windows x64 arch:x64

1f8568e4a2373d2e7c1bf07e57b0e0f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyErr_ExceptionMatches
PyThread_release_lock
PyComplex_AsCComplex
PyCapsule_GetPointer
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyLong_AsLong
PyObject_ClearWeakRefs
PyObject_Init
PyUnicode_AsUTF8
PyUnicode_AsWideCharString
PyUnicode_FromFormat
PyObject_GetBuffer
PyList_New
PyModule_Create2
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_NewException
_PyObject_CallMethod_SizeT
PyErr_Clear
PyList_Append
PyObject_RichCompareBool
PyTuple_Size
PyThreadState_GetDict
PyCapsule_New
PyObject_GenericSetAttr
_Py_HashPointer
PyDict_SetItem
PyDict_New
_PyLong_Sign
PyUnicode_Type
PyThread_free_lock
PyObject_IsInstance
PyMem_Free
PyLong_FromVoidPtr
PyType_GenericAlloc
PyObject_AsFileDescriptor
PyUnicode_AsWideChar
PyCMethod_New
PyList_Type
PyErr_NoMemory
PyModule_GetDict
PyDict_GetItem
PyDict_Clear
PyLong_AsVoidPtr
PyUnicode_DecodeLatin1
PyUnicode_FromKindAndData
PyIndex_Check
PyObject_GC_Track
PyBytes_FromStringAndSize
_Py_NotImplementedStruct
PyExc_NotImplementedError
PyGILState_Ensure
PyDict_DelItem
PyNumber_Long
PyNumber_AsSsize_t
_PyObject_New
PyExc_TypeError
PyThreadState_Clear
PyDict_Copy
PyObject_Str
PyTuple_Pack
_PyByteArray_empty_string
PyModule_Type
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
_PyObject_GC_New
_PyObject_GC_NewVar
PyUnicode_GetLength
Py_FileSystemDefaultEncoding
_Py_FatalErrorFunc
PyDict_Keys
PyUnicode_FromString
PyGILState_GetThisThreadState
PyComplex_FromCComplex
PyBuffer_Release
PyObject_Call
PyObject_Repr
PyByteArray_Type
PyType_Type
PyThreadState_Delete
PyEval_RestoreThread
PyUnicode_FromStringAndSize
Py_FatalError
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Restore
PyType_IsSubtype
PyErr_SetFromErrno
PyFloat_Type
_Py_FalseStruct
PyTuple_Type
PyBool_Type
PyObject_RichCompare
PyLong_AsUnsignedLongLongMask
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyDict_Next
PyLong_FromUnsignedLong
PyUnicode_InternInPlace
PyExc_ValueError
PyObject_GetIter
PyErr_WriteUnraisable
PyExc_ZeroDivisionError
PyErr_SetString
PyUnicode_FromWideChar
PyUnicode_New
PyTuple_GetSlice
PyExc_AttributeError
PyBuffer_FillInfo
PyFloat_FromDouble
PyUnicode_AsUCS4
PyExc_WindowsError
PyThread_acquire_lock
PyLong_FromLongLong
PyExc_UserWarning
PyDict_Size
PyDict_SetItemString
PyTuple_New
PyLong_AsLongLong
_Py_NoneStruct
PyGILState_Release
PyRun_StringFlags
PyLong_AsUnsignedLongLong
PyFloat_AsDouble
PySys_GetObject
PyThread_allocate_lock
PyLong_FromUnsignedLongLong
PyExc_MemoryError
_PyErr_WriteUnraisableMsg
PyErr_SetNone
PyBuffer_IsContiguous
PyObject_Hash
PyObject_GC_UnTrack
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyList_SetSlice
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyObject_SelfIter
PyErr_NormalizeException
PyImport_ImportModule
PySlice_Type
PyExc_KeyError
PyLong_AsSsize_t
PyErr_WarnEx
PyModule_AddIntConstant
PyObject_Malloc
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyBool_FromLong
PyErr_SetObject
PyObject_Free
PySlice_AdjustIndices
PyThreadState_Get
PyCFunction_Type
PyUnicode_InternFromString
PyExc_OSError
PyInterpreterState_GetDict

user32

MessageBoxW

kernel32

FreeLibrary
IsDebuggerPresent
InitializeSListHead
TlsSetValue
SetLastError
VirtualAlloc
Sleep
FormatMessageW
GetLastError
LoadLibraryA
TlsAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
CreateThread
GetProcAddress
LocalFree
GetCurrentThreadId
TlsGetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime

vcruntime140

memcmp
memcpy
memchr
memset
__std_type_info_destroy_list
__C_specific_handler
memmove

api-ms-win-crt-heap-l1-1-0

malloc
free
calloc

api-ms-win-crt-stdio-l1-1-0

setbuf
__stdio_common_vsprintf
__stdio_common_vfprintf
_dup
_close
__acrt_iob_func
fclose

api-ms-win-crt-convert-l1-1-0

_strtoui64

api-ms-win-crt-string-l1-1-0

_strdup
isspace
strncmp
strcmp

api-ms-win-crt-runtime-l1-1-0

_cexit
_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_onexit_table
_initialize_narrow_environment
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

PyInit__cffi_backend

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_ctypes.pyd
.dll windows:6 windows x64 arch:x64

e716aa549ea6dfb7b233942c7f07ff87

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:d8:39:3c:11:9e:b4:e8:c8:a7:bd:67:dd:91:20:58:ae:4f:e1:25:a2:42:6d:e1:dd:38:9c:b7:79:c6:e5:9d
Signer

Actual PE Digest

75:d8:39:3c:11:9e:b4:e8:c8:a7:bd:67:dd:91:20:58:ae:4f:e1:25:a2:42:6d:e1:dd:38:9c:b7:79:c6:e5:9d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_ctypes.pdb

Imports

libffi-8

ffi_type_sint8
ffi_type_uint8
ffi_type_float
ffi_type_uint64
ffi_type_uint32
ffi_type_double
ffi_type_uint16
ffi_type_sint32
ffi_call
ffi_type_sint64
ffi_type_void
ffi_prep_cif
ffi_prep_closure
ffi_type_sint16
ffi_type_pointer

ole32

ProgIDFromCLSID

oleaut32

SysStringLen
SysFreeString
GetErrorInfo
SysAllocStringLen

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetSystemInfo
VirtualAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
LoadLibraryExW
FreeLibrary
LocalFree
QueryPerformanceCounter
FormatMessageW
DisableThreadLibraryCalls
GetProcAddress
SetLastError
GetLastError

python311

_PyObject_LookupAttrId
PyExc_ValueError
_Py_CheckRecursiveCall
PyDict_Next
PyErr_Format
PyDict_Type
PyModule_AddType
PyType_IsSubtype
PyExc_OverflowError
_Py_Dealloc
PyLong_AsUnsignedLongMask
PyTuple_GetItem
PySequence_GetSlice
PyDescr_NewGetSet
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObjectRef
PySequence_SetItem
_PyArg_ParseTuple_SizeT
PyObject_CallFunctionObjArgs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySys_Audit
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
_PyDict_GetItemIdWithError
PyObject_GenericSetAttr
PyDict_SetItem
PyDict_New
_PyLong_Sign
PyObject_VectorcallMethod
PyObject_IsInstance
PyMem_Free
PyLong_FromVoidPtr
PyUnicode_AsWideChar
PyErr_NoMemory
_PyRuntime
PyLong_AsVoidPtr
PyObject_CallObject
PyIndex_Check
PyBytes_FromStringAndSize
PyDict_DelItem
PyNumber_AsSsize_t
_PyObject_MakeTpCall
PyUnicode_New
_PyWeakref_ProxyType
PyExc_TypeError
PyTuple_Pack
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyArg_UnpackTuple
PyUnicode_FromString
PyBuffer_Release
PyType_Type
PySequence_Tuple
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PyErr_WarnEx
PyExc_RuntimeWarning
PyOS_vsnprintf
PyImport_ImportModule
PyObject_GC_UnTrack
PySys_GetObject
PyGILState_Release
PyErr_WriteUnraisable
Py_Initialize
PyObject_GC_Del
PyLong_AsLong
PyObject_Vectorcall
Py_IsInitialized
PyFile_WriteString
PyObject_GC_Track
PyGILState_Ensure
_PyObject_GC_NewVar
PyErr_Print
PyMem_Calloc
PyErr_SetObject
PyObject_CallOneArg
PyLong_AsUnsignedLong
PyErr_SetString
PyCapsule_IsValid
PyBytes_AsString
PyErr_NormalizeException
PyUnicode_AppendAndDel
Py_BuildValue
PyErr_SetFromWindowsErr
PyUnicode_FromFormatV
PyFloat_FromDouble
PyObject_CallFunction
PyTuple_Type
PyObject_Free
PyCapsule_GetPointer
PyErr_Fetch
PyUnicode_AsWideCharString
_PyObject_GetAttrId
PyThreadState_GetDict
PyCapsule_New
PyUnicode_Type
_PyTraceback_Add
_PyUnicode_IsPrintable
PyExc_OSError
_PyObject_New
PyMem_Realloc
PyObject_Str
PyExc_FileNotFoundError
PyObject_Call
PyArg_ParseTuple
PyBool_FromLong
PyLong_FromUnsignedLongLong
PyFloat_AsDouble
PyLong_FromLongLong
PyLong_FromUnsignedLong
PyLong_AsUnsignedLongLongMask
PyFloat_Unpack4
PyFloat_Pack4
PyObject_IsTrue
PyFloat_Pack8
PyByteArray_Type
PyFloat_Unpack8
PyObject_GetAttr
PySequence_Fast
PyTuple_Size
_PyDict_SizeOf
_PyLong_AsInt
_Py_CheckFunctionResult
PyTuple_GetSlice
PyExc_AttributeError
PyMemoryView_FromObject
PyDict_SetItemString
PyTuple_New
_PyDict_ContainsId
_Py_NoneStruct
PyDict_Contains
PyDict_GetItemWithError
_PyDict_SetItemId
_PyErr_WriteUnraisableMsg
PyBuffer_IsContiguous
PyUnicode_Concat
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyWeakref_CallableProxyType
_PyUnicode_EqualToASCIIString
PyLong_FromSsize_t
PyWeakref_NewProxy
PyErr_Occurred
PyDict_Update
PySequence_GetItem
PySlice_Type
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyExc_Exception
PySlice_AdjustIndices
PyDescr_NewClassMethod
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_Size
Py_GenericAlias
PyType_GetName
PyUnicode_FromWideChar
PyObject_IsSubclass

vcruntime140

memcmp
__std_type_info_destroy_list
__C_specific_handler
strchr
memcpy
memset
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

api-ms-win-crt-string-l1-1-0

iswctype

Exports

Exports

DllCanUnloadNow
DllGetClassObject
PyInit__ctypes

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_decimal.pyd
.dll windows:6 windows x64 arch:x64

c8876e9e8ae3bb7e4abb8348fe33f03e

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:9e:eb:e6:7c:a4:fa:b7:c2:75:f6:89:76:f9:4f:58:39:87:5e:f1:f8:6b:ea:ac:e2:03:e4:8f:44:8d:62:45
Signer

Actual PE Digest

25:9e:eb:e6:7c:a4:fa:b7:c2:75:f6:89:76:f9:4f:58:39:87:5e:f1:f8:6b:ea:ac:e2:03:e4:8f:44:8d:62:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_decimal.pdb

Imports

python311

PyList_GetItem
_PyUnicode_IsWhitespace
PyObject_CallMethod
PyObject_IsInstance
PyMem_Free
PyErr_NoMemory
PyObject_CallObject
PyComplex_Type
_Py_NotImplementedStruct
PyUnicode_Compare
PyArg_ParseTupleAndKeywords
_PyObject_New
PyExc_TypeError
PyMem_Realloc
PyModule_AddStringConstant
PyUnicode_AsUTF8String
PyTuple_Pack
PyObject_HashNotImplemented
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
_Py_TrueStruct
PyDict_New
_PyLong_GCD
PyUnicode_CompareWithASCIIString
PyType_Type
PyArg_ParseTuple
PyContextVar_New
PyFloat_FromString
PyExc_ArithmeticError
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyContextVar_Set
PyObject_CallFunction
PyExc_ZeroDivisionError
PyErr_SetString
PyUnicode_FromWideChar
PyList_Size
PyDict_SetItem
_Py_HashPointer
PyObject_GenericSetAttr
_PyLong_New
PyTuple_Size
PyList_Append
PyErr_Clear
PyErr_NewException
PyUnicode_New
PyExc_AttributeError
PyObject_GetAttrString
PyType_Ready
PyModule_Create2
_PyUnicode_ToDecimalDigit
PyFloat_FromDouble
PyDict_Size
PyDict_SetItemString
PyList_New
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CallFunctionObjArgs
PyModule_AddObject
PyComplex_AsCComplex
PyModule_AddObjectRef
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyLong_Type
PyTuple_New
PyFloat_Type
_Py_FalseStruct
PyUnicode_FromString
PyTuple_Type
_Py_NoneStruct
PyFloat_AsDouble
PyComplex_FromDoubles
PyDict_GetItemWithError
Py_BuildValue
PyContextVar_Get
PyLong_FromLong
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
_Py_ascii_whitespace
PyType_GenericNew
PyModule_AddIntConstant
PyBool_FromLong
PyErr_SetObject
PyUnicode_InternFromString
PyObject_IsTrue
PyBaseObject_Type

vcruntime140

strchr
memmove
memcpy
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-convert-l1-1-0

strtoll
mbstowcs

api-ms-win-crt-math-l1-1-0

log10
copysign
ceil
_dclass

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_errno

api-ms-win-crt-string-l1-1-0

tolower
isupper
isdigit

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
free

kernel32

RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
RtlCaptureContext

Exports

Exports

PyInit__decimal

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_hashlib.pyd
.dll windows:6 windows x64 arch:x64

02e7e9437b7e711286b4b21f873e174b

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:78:fc:f2:4c:88:39:df:b0:06:a5:90:a6:db:17:45:af:33:ba:cc:d9:65:8a:31:37:2b:f8:da:5f:e8:5a:11
Signer

Actual PE Digest

30:78:fc:f2:4c:88:39:df:b0:06:a5:90:a6:db:17:45:af:33:ba:cc:d9:65:8a:31:37:2b:f8:da:5f:e8:5a:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_hashlib.pdb

Imports

libcrypto-3

EVP_MD_do_all_provided
EVP_MD_CTX_free
EVP_DigestInit_ex
EVP_MD_CTX_get0_md
ERR_func_error_string
HMAC
EVP_DigestUpdate
EVP_MD_CTX_md
HMAC_Update
HMAC_CTX_new
EVP_MD_CTX_copy
EVP_PBE_scrypt
OBJ_nid2ln
ERR_clear_error
ERR_peek_last_error
HMAC_Init_ex
HMAC_CTX_free
EVP_MD_get_block_size
OBJ_nid2sn
EVP_MD_fetch
EVP_MD_free
HMAC_Final
ERR_reason_error_string
ERR_lib_error_string
EVP_DigestFinalXOF
EVP_MD_get_flags
EVP_DigestFinal
EVP_MD_CTX_new
PKCS5_PBKDF2_HMAC
EVP_MD_get_type
HMAC_CTX_get_md
EVP_default_properties_is_fips_enabled
EVP_MD_up_ref
EVP_MD_get_size
HMAC_CTX_copy
CRYPTO_memcmp

python311

PyErr_NewException
PyType_FromSpecWithBases
PyDict_SetItem
PyDict_New
PyThread_free_lock
PyMem_Free
PyFrozenSet_New
PyErr_NoMemory
PyModuleDef_Init
_Py_hashtable_set
PyBytes_FromStringAndSize
PyType_FromSpec
_PyObject_New
PyExc_TypeError
PyObject_IsTrue
_PyUnicode_Ready
PyMem_Malloc
PyModule_GetState
PyUnicode_FromString
_Py_strhex
PyBuffer_Release
_Py_hashtable_get
PyEval_RestoreThread
_Py_hashtable_new_full
PyObject_GetAttrString
PyObject_GetBuffer
PyUnicode_FromFormat
PyUnicode_AsUTF8
PyLong_AsLong
PyModule_AddObject
PyModule_AddObjectRef
PyThread_release_lock
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_Py_hashtable_destroy
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
PyDictProxy_New
_PyArg_BadArgument
PySet_Add
PyThread_acquire_lock
_Py_NoneStruct
PyModule_GetDef
PyThread_allocate_lock
_Py_HashBytes
PyDict_GetItemWithError
PyBuffer_IsContiguous
PyLong_FromLong
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
PyLong_AsUnsignedLong
_PyNumber_Index
PyBool_FromLong
PyExc_BufferError
PyErr_FormatV
_PyArg_Parse_SizeT
PyObject_CheckBuffer

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

Exports

Exports

PyInit__hashlib

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_lzma.pyd
.dll windows:6 windows x64 arch:x64

c39c7a021b2adfc11bb34f105f70355e

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:e9:a4:ad:8c:34:bd:6e:c6:b0:5f:76:13:26:69:36:1f:56:4b:0c:ca:57:fc:fa:5a:b2:fb:d0:39:29:3a:c6
Signer

Actual PE Digest

1f:e9:a4:ad:8c:34:bd:6e:c6:b0:5f:76:13:26:69:36:1f:56:4b:0c:ca:57:fc:fa:5a:b2:fb:d0:39:29:3a:c6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_lzma.pdb

Imports

python311

PyDict_SetItem
PyDict_New
PyErr_NewExceptionWithDoc
PyThread_free_lock
PyMem_Free
PyErr_NoMemory
PyModuleDef_Init
PyBytes_FromStringAndSize
PyErr_SetString
PyType_FromModuleAndSpec
PyMem_Realloc
PyMapping_Check
_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_RawFree
PyBuffer_Release
PyEval_RestoreThread
_PyArg_BadArgument
PyThread_acquire_lock
PyLong_FromLongLong
PyTuple_New
_Py_NoneStruct
PyMem_RawMalloc
PyType_GetModuleState
PyMapping_GetItemString
PyList_Append
PyErr_Clear
PyExc_EOFError
PyList_New
PyObject_GetBuffer
PyModule_AddObject
PyThread_release_lock
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyMem_Malloc
_PyArg_UnpackKeywords
PyLong_AsUnsignedLongLong
PyThread_allocate_lock
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyEval_SaveThread
PyErr_Occurred
PySequence_GetItem
PyExc_KeyError
_PyArg_CheckPositional
PyLong_AsSsize_t
PyType_GenericNew
PyModule_AddIntConstant
_PyNumber_Index
PyBool_FromLong
PyUnicode_InternFromString
PyMem_Calloc
PyExc_TypeError
PySequence_Size

vcruntime140

memmove
memset
__std_type_info_destroy_list
__C_specific_handler
memcpy
memcmp

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit__lzma

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_multiprocessing.pyd
.dll windows:6 windows x64 arch:x64

ad5e2bc3f4742dadfaf9e74afc91a9f0

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:fe:2e:5f:7e:56:95:89:8d:d2:fd:f8:e4:ae:f9:26:35:fb:0c:b8:63:30:bb:59:cb:c1:46:c0:c9:0d:8f:b5
Signer

Actual PE Digest

7c:fe:2e:5f:7e:56:95:89:8d:d2:fd:f8:e4:ae:f9:26:35:fb:0c:b8:63:30:bb:59:cb:c1:46:c0:c9:0d:8f:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_multiprocessing.pdb

Imports

ws2_32

recv
send
closesocket
WSAGetLastError

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetLastError
ReleaseSemaphore
WaitForMultipleObjectsEx
GetCurrentThreadId
GetLastError
WaitForSingleObjectEx
CloseHandle
ResetEvent
CreateSemaphoreA
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
RtlCaptureContext

python311

_PyLong_AsInt
_Py_TrueStruct
PyExc_AssertionError
_PyOS_IsMainThread
PyMem_Malloc
PyThread_get_thread_ident
PyModuleDef_Init
_PyArg_ParseStack_SizeT
PyExc_OSError
PyErr_NoMemory
PyDict_New
_PyOS_SigintEvent
PyMem_Free
PyBuffer_Release
PyErr_SetExcFromWindowsErr
PyErr_SetFromErrno
_Py_FalseStruct
_PyArg_UnpackKeywords
PyFloat_AsDouble
PyErr_SetFromWindowsErr
PyErr_Occurred
_PyArg_CheckPositional
PyBool_FromLong
PyEval_RestoreThread
PyBytes_FromStringAndSize
_PyBytes_Resize
PyModule_AddObject
_Py_Dealloc
PyModule_AddType
PyErr_Format
PyExc_ValueError
PyErr_SetString
_PyArg_BadArgument
PyDict_SetItemString
_Py_NoneStruct
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyArg_Parse_SizeT
PyExc_OverflowError

vcruntime140

__std_type_info_destroy_list
memcpy
memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_errno
_initterm_e

Exports

Exports

PyInit__multiprocessing

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_overlapped.pyd
.dll windows:6 windows x64 arch:x64

48664681fdde7330197ca0b81cd0888e

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:98:7d:9e:7c:54:6d:35:80:0f:b1:79:f7:1c:32:4d:b0:84:42:e2:fd:19:2c:15:e8:a6:4d:d3:91:96:55:f9
Signer

Actual PE Digest

63:98:7d:9e:7c:54:6d:35:80:0f:b1:79:f7:1c:32:4d:b0:84:42:e2:fd:19:2c:15:e8:a6:4d:d3:91:96:55:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_overlapped.pdb

Imports

ws2_32

closesocket
WSASend
ntohl
WSAIoctl
WSASendTo
WSAConnect
socket
ntohs
WSAStringToAddressW
WSARecv
WSARecvFrom
inet_ntop
htons
bind
WSAGetLastError

kernel32

ResetEvent
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
ReadFile
SetLastError
WriteFile
RegisterWaitForSingleObject
UnregisterWait
GetQueuedCompletionStatus
CreateFileW
PostQueuedCompletionStatus
CreateEventW
FormatMessageW
GetLastError
SetEvent
CloseHandle
CancelIoEx
GetOverlappedResult
UnregisterWaitEx
LocalFree
CreateEventA
CreateIoCompletionPort
ConnectNamedPipe
GetCurrentThreadId

python311

PyErr_SetExcFromWindowsErr
PyBuffer_Release
PyArg_ParseTuple
_PyArg_ParseTupleAndKeywordsFast
PyEval_RestoreThread
_Py_TrueStruct
PyArg_Parse
_Py_Dealloc
PyErr_SetFromErrno
_Py_FalseStruct
PyTuple_Type
PyModule_AddType
PyMem_RawFree
PyType_FromModuleAndSpec
PyObject_Free
_PyObject_New
PyBytes_FromStringAndSize
PyModuleDef_Init
_PyArg_ParseStack
PyExc_ConnectionRefusedError
PyExc_OSError
PyLong_FromVoidPtr
PyUnicode_FromFormat
_PyBytes_Resize
_PyUnicode_WideCharString_Opt_Converter
PyUnicode_FromString
PyModule_GetState
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyErr_WriteUnraisable
PyErr_SetString
_PyArg_BadArgument
PyTuple_New
_Py_NoneStruct
PyMem_RawMalloc
Py_BuildValue
_PyUnicode_AsUnicode
PyExc_RuntimeError
PyEval_SaveThread
PyImport_ImportModule
PyExc_ConnectionAbortedError
PyBool_FromLong
PyModule_AddObject

vcruntime140

__std_type_info_destroy_list
memset
memcpy
__C_specific_handler

api-ms-win-crt-string-l1-1-0

iswctype

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e

Exports

Exports

PyInit__overlapped

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_queue.pyd
.dll windows:6 windows x64 arch:x64

d39104d594ed5774205f94197c63bfbc

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:b3:84:e0:92:df:34:80:76:b6:98:71:05:e3:56:3b:44:94:58:1a:bb:15:20:1f:8e:d7:c4:73:c0:eb:e5:83
Signer

Actual PE Digest

a9:b3:84:e0:92:df:34:80:76:b6:98:71:05:e3:56:3b:44:94:58:1a:bb:15:20:1f:8e:d7:c4:73:c0:eb:e5:83

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_queue.pdb

Imports

python311

PyThread_release_lock
Py_GenericAlias
_Py_Dealloc
_PyDeadline_Init
PyModule_AddType
PyExc_ValueError
_PyArg_UnpackKeywords
PyThread_acquire_lock_timed
PyObject_IsTrue
PyType_FromModuleAndSpec
PyExc_TypeError
_PyDeadline_Get
PyModule_AddObjectRef
PyType_GetModuleByDef
PyModuleDef_Init
PyThread_free_lock
PyErr_NewExceptionWithDoc
PyList_Append
PyList_New
PyObject_ClearWeakRefs
PyExc_OverflowError
PyErr_SetString
PyType_GetModule
_PyArg_NoPositional
_Py_NoneStruct
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyObject_GC_UnTrack
PyList_SetSlice
PyEval_SaveThread
PyLong_FromSsize_t
PyErr_Occurred
_PyArg_NoKeywords
PyBool_FromLong
_PyTime_FromSecondsObject
Py_MakePendingCalls
_PyTime_AsMicroseconds
PyEval_RestoreThread

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
RtlCaptureContext
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

Exports

Exports

PyInit__queue

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_socket.pyd
.dll .js windows:6 windows x64 arch:x64 polyglot

332065e5d19d708832b034da27e5571a

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:2c:32:f7:7e:36:9a:3d:56:d0:50:51:08:89:23:91:3a:7f:54:83:cd:ba:a9:50:79:84:24:77:44:75:e2:7c
Signer

Actual PE Digest

1f:2c:32:f7:7e:36:9a:3d:56:d0:50:51:08:89:23:91:3a:7f:54:83:cd:ba:a9:50:79:84:24:77:44:75:e2:7c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_socket.pdb

Imports

ws2_32

accept
WSACleanup
setsockopt
WSAIoctl
closesocket
gethostbyname
select
ntohl
WSADuplicateSocketW
shutdown
listen
WSASetLastError
WSASocketW
inet_pton
getaddrinfo
WSAStartup
getpeername
getnameinfo
inet_addr
getsockname
gethostbyaddr
getprotobyname
getservbyport
send
socket
ntohs
connect
inet_ntoa
getservbyname
recvfrom
recv
getsockopt
htonl
inet_ntop
htons
ioctlsocket
sendto
freeaddrinfo
bind
WSAGetLastError

iphlpapi

ConvertInterfaceLuidToNameW
GetIfTable2Ex
if_nametoindex
if_indextoname
FreeMibTable

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
SetHandleInformation
VerifyVersionInfoA
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
GetLastError
GetComputerNameExW

python311

_PyTime_FromSeconds
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyModule_AddObjectRef
PyCapsule_GetPointer
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyErr_Fetch
PyLong_AsLong
_PyBytes_Resize
PyUnicode_AsUTF8
PyUnicode_FromFormat
PySys_Audit
PyList_New
PyModule_Create2
PyErr_NewException
_PyDict_Pop
PyErr_Clear
PyList_Append
PyTuple_Size
PyUnicode_FSConverter
PyCapsule_New
PyBytes_Size
PyObject_CallFinalizerFromDealloc
PyMem_Free
PyType_GenericAlloc
PyErr_NoMemory
PyExc_OSError
PyErr_CheckSignals
PyBytes_FromStringAndSize
PyByteArray_Size
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
_PyTime_AsTimeval_clamp
_PyLong_AsInt
PyExc_ImportError
_Py_TrueStruct
PyUnicode_FromString
PyErr_SetExcFromWindowsErr
_PyDeadline_Init
PyBuffer_Release
PyByteArray_Type
Py_AtExit
PyType_Type
_PyTime_AsTimeval
PyEval_RestoreThread
PyErr_ResourceWarning
_Py_Dealloc
PyErr_Restore
PyType_IsSubtype
PyErr_SetFromErrno
PyLong_Type
_PyTime_AsSecondsDouble
_Py_FalseStruct
PyModule_AddStringConstant
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WriteUnraisable
PyErr_SetString
PyUnicode_FromWideChar
PyByteArray_AsString
PyUnicode_New
PyFloat_FromDouble
PyExc_TimeoutError
PyLong_FromLongLong
PyLong_AsLongLong
_Py_NoneStruct
PyUnicode_DecodeMBCS
PyErr_SetFromWindowsErr
PyLong_FromLong
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyExc_Warning
PyErr_Occurred
PyBytes_AsString
PyModule_AddIntConstant
PyLong_AsUnsignedLong
_Py_BuildValue_SizeT
PyUnicode_DecodeFSDefault
_PyTime_AsMilliseconds
PyErr_SetObject
_PyTime_FromSecondsObject
PyOS_snprintf
PyUnicode_AsEncodedString
PyExc_OverflowError

vcruntime140

memcpy
memset
__std_type_info_destroy_list
__C_specific_handler
strchr

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_configure_narrow_argv
_errno
_cexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit__socket

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_sqlite3.pyd
.dll windows:6 windows x64 arch:x64

6c7847858d251cc23656628bf2649d1b

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:c8:91:9c:f7:74:f2:72:cf:ec:c8:c9:0e:ea:df:29:09:fa:15:0b:65:e8:cc:a1:21:4d:4c:31:89:af:19:ed
Signer

Actual PE Digest

77:c8:91:9c:f7:74:f2:72:cf:ec:c8:c9:0e:ea:df:29:09:fa:15:0b:65:e8:cc:a1:21:4d:4c:31:89:af:19:ed

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_sqlite3.pdb

Imports

python311

_Py_Dealloc
PyModule_GetDict
PyErr_ExceptionMatches
PyObject_CheckBuffer
_PyArg_ParseTuple_SizeT
PyErr_Fetch
PyObject_Vectorcall
PyObject_GetBuffer
PySys_Audit
PyList_New
PyErr_Clear
PyList_Append
PyUnicode_FSConverter
PyList_GetItem
PyUnicode_Type
PyObject_VectorcallMethod
PyMem_Free
PyLong_AsLongAndOverflow
PyErr_NoMemory
PyObject_CallObject
PyObject_GC_Track
PyBytes_FromStringAndSize
PyGILState_Ensure
PyThread_get_thread_ident
PyType_GetModuleByDef
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
_PyUnicode_Ready
PyCallable_Check
PyMem_Malloc
_PyLong_AsInt
PyObject_CallMethodObjArgs
_Py_TrueStruct
PyModule_GetState
_PyObject_GC_New
PyUnicode_FromString
PyBuffer_Release
PyObject_CallNoArgs
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PySequence_Size
PyOS_snprintf
PyErr_SetObject
PySequence_GetItem
PyObject_SelfIter
PyIter_Next
PyObject_GetIter
PyLong_FromLongLong
PyTuple_Type
PyLong_Type
PyExc_UnicodeDecodeError
_PyErr_FormatFromCause
PyObject_ClearWeakRefs
PyBytes_Type
PyUnicode_Decode
PySequence_Check
PyErr_Restore
PyList_Type
PyObject_GetItem
PyTuple_Pack
PyExc_LookupError
PyErr_Print
PyByteArray_Type
PyIter_Check
Py_BuildValue
_PyObject_LookupAttr
PyModule_AddObjectRef
PyDict_SetItem
PyDict_New
PyExc_Exception
PyModule_AddIntConstant
PyModule_AddType
PyModule_AddStringConstant
PyObject_GetAttrString
PyErr_NewException
PyModuleDef_Init
PyExc_ImportError
PyUnicode_CompareWithASCIIString
PyBool_FromLong
PySlice_Type
PyObject_Hash
PyObject_RichCompare
PyTuple_GetItem
_Py_ctype_tolower
PyObject_RichCompareBool
PyTuple_Size
_Py_NotImplementedStruct
PyNumber_AsSsize_t
PyExc_IndexError
PyObject_SetAttrString
PyLong_AsLongLongAndOverflow
PySlice_AdjustIndices
PySlice_Unpack
PyLong_FromUnsignedLong
PyLong_AsLong
PyIndex_Check
PyType_GetModule
PyTuple_New
_Py_NoneStruct
PyGILState_Release
PyFloat_AsDouble
PyObject_GetAttr
PyDict_GetItemWithError
PyExc_MemoryError
PyBuffer_IsContiguous
PyObject_GC_UnTrack
PyLong_FromLong
_PyErr_ChainExceptions
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyErr_Occurred
PyImport_ImportModule
_PyArg_CheckPositional
_PyArg_NoKeywords
PyExc_OverflowError
PyFloat_Type
PyType_IsSubtype
_Py_FalseStruct
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WriteUnraisable
PyErr_SetString
PyList_Size
_PyArg_BadArgument
PyExc_AttributeError
PyWeakref_GetObject
PyBuffer_FillInfo
PyByteArray_FromStringAndSize
PyFloat_FromDouble
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyObject_CallOneArg
PyWeakref_NewRef
PyDict_Type
PyUnicode_InternFromString

sqlite3

sqlite3_enable_load_extension
sqlite3_backup_pagecount
sqlite3_blob_open
sqlite3_step
sqlite3_create_window_function
sqlite3_serialize
sqlite3_value_blob
sqlite3_backup_step
sqlite3_malloc64
sqlite3_value_double
sqlite3_trace_v2
sqlite3_result_error_toobig
sqlite3_libversion_number
sqlite3_bind_double
sqlite3_column_text
sqlite3_last_insert_rowid
sqlite3_changes
sqlite3_bind_blob
sqlite3_column_count
sqlite3_column_type
sqlite3_bind_text
sqlite3_stmt_readonly
sqlite3_column_decltype
sqlite3_value_bytes
sqlite3_exec
sqlite3_column_int64
sqlite3_bind_null
sqlite3_column_bytes
sqlite3_column_name
sqlite3_column_blob
sqlite3_bind_parameter_count
sqlite3_column_double
sqlite3_bind_int64
sqlite3_reset
sqlite3_bind_parameter_name
sqlite3_shutdown
sqlite3_enable_shared_cache
sqlite3_initialize
sqlite3_complete
sqlite3_libversion
sqlite3_threadsafe
sqlite3_extended_errcode
sqlite3_errmsg
sqlite3_blob_close
sqlite3_blob_write
sqlite3_blob_read
sqlite3_blob_bytes
sqlite3_data_count
sqlite3_errcode
sqlite3_progress_handler
sqlite3_load_extension
sqlite3_close_v2
sqlite3_create_collation_v2
sqlite3_get_autocommit
sqlite3_errstr
sqlite3_limit
sqlite3_expanded_sql
sqlite3_result_error_nomem
sqlite3_value_int64
sqlite3_value_type
sqlite3_result_text
sqlite3_sleep
sqlite3_context_db_handle
sqlite3_result_null
sqlite3_close
sqlite3_prepare_v2
sqlite3_stricmp
sqlite3_backup_finish
sqlite3_open_v2
sqlite3_value_text
sqlite3_db_handle
sqlite3_result_double
sqlite3_result_int64
sqlite3_busy_timeout
sqlite3_user_data
sqlite3_total_changes
sqlite3_finalize
sqlite3_result_error
sqlite3_free
sqlite3_backup_init
sqlite3_interrupt
sqlite3_deserialize
sqlite3_backup_remaining
sqlite3_create_function_v2
sqlite3_set_authorizer
sqlite3_aggregate_context
sqlite3_result_blob

vcruntime140

__std_type_info_destroy_list
memcpy
memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm

api-ms-win-crt-string-l1-1-0

_strnicmp

kernel32

TerminateProcess
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls

Exports

Exports

PyInit__sqlite3

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_ssl.pyd
.dll windows:6 windows x64 arch:x64

320b5938e789045797776388b51c1253

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:66:a5:f7:b5:73:08:2b:c7:d0:aa:22:e5:15:8e:ae:73:cb:43:60:fb:40:e7:75:74:d5:81:9d:2b:c5:3e:a9
Signer

Actual PE Digest

58:66:a5:f7:b5:73:08:2b:c7:d0:aa:22:e5:15:8e:ae:73:cb:43:60:fb:40:e7:75:74:d5:81:9d:2b:c5:3e:a9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_ssl.pdb

Imports

ws2_32

select
WSAGetLastError

crypt32

CertFreeCRLContext
CertOpenStore
CertCloseStore
CertAddStoreToCollection
CertEnumCRLsInStore
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore

libcrypto-3

X509_VERIFY_PARAM_set_hostflags
X509_STORE_add_cert
X509_get0_notAfter
DH_free
ERR_get_error
BIO_read
BIO_printf
X509_get_default_cert_file_env
X509_VERIFY_PARAM_set1_ip
OBJ_obj2nid
X509_get_default_cert_dir_env
X509_get_issuer_name
RAND_status
i2t_ASN1_OBJECT
X509_get0_notBefore
PEM_write_bio_X509_AUX
ASN1_STRING_to_UTF8
ERR_reason_error_string
PEM_write_bio_X509
BIO_ctrl
X509_VERIFY_PARAM_set_flags
i2d_X509
BIO_new
OBJ_nid2sn
i2a_ASN1_INTEGER
OBJ_txt2obj
GENERAL_NAME_free
X509_NAME_get_entry
ERR_peek_last_error
ASN1_OBJECT_free
BIO_up_ref
OpenSSL_version_num
X509_NAME_ENTRY_get_data
a2i_IPADDRESS
BIO_clear_flags
i2d_X509_bio
X509_VERIFY_PARAM_set1_host
PEM_read_bio_X509
OBJ_obj2txt
COMP_get_type
BIO_s_mem
BIO_free_all
BIO_s_file
BIO_ctrl_pending
CRYPTO_free
X509_get_version
OPENSSL_sk_value
X509_verify_cert_error_string
X509_OBJECT_get0_X509
AUTHORITY_INFO_ACCESS_free
X509_NAME_ENTRY_set
OPENSSL_sk_find
X509_VERIFY_PARAM_clear_flags
RAND_bytes
GENERAL_NAME_print
BIO_new_fp
BIO_write
BIO_free
ASN1_STRING_get0_data
CRL_DIST_POINTS_free
X509_NAME_ENTRY_get_object
BIO_puts
BIO_gets
X509_up_ref
OPENSSL_sk_pop_free
OBJ_nid2obj
X509_NAME_print_ex
d2i_X509_bio
X509_subject_name_hash
OpenSSL_version
ASN1_STRING_type
X509_get_serialNumber
X509_get_default_cert_dir
X509_get_default_cert_file
RAND_add
OBJ_nid2ln
ERR_clear_error
X509_free
BIO_new_mem_buf
PEM_read_DHparams
ASN1_STRING_length
X509_get_ext_d2i
X509_OBJECT_get_type
ASN1_OCTET_STRING_free
X509_cmp
X509_STORE_get0_objects
X509_VERIFY_PARAM_get_flags
ASN1_TIME_print
OBJ_sn2nid
X509_check_ca
BIO_set_flags
X509_NAME_entry_count
OPENSSL_sk_num
X509_get_subject_name

libssl-3

d2i_SSL_SESSION
SSL_CIPHER_get_auth_nid
SSL_pending
SSL_CTX_get0_param
SSL_SESSION_get_time
SSL_set_verify
SSL_CIPHER_get_version
SSL_CTX_get_verify_mode
SSL_CTX_set_cipher_list
SSL_set_post_handshake_auth
SSL_set_accept_state
SSL_CTX_load_verify_locations
SSL_CTX_set_num_tickets
SSL_CTX_use_certificate_chain_file
SSL_CIPHER_get_name
SSL_get_peer_finished
SSL_get1_peer_certificate
SSL_get0_param
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_check_private_key
SSL_set_SSL_CTX
SSL_session_reused
SSL_shutdown
SSL_read_ex
SSL_get_current_cipher
SSL_get_verify_mode
SSL_is_init_finished
SSL_CTX_set_session_id_context
SSL_CTX_set_msg_callback
SSL_SESSION_get_ticket_lifetime_hint
TLS_server_method
SSL_CTX_set_verify
SSL_get_error
SSL_CTX_get_num_tickets
SSL_set_connect_state
SSL_get1_session
SSL_get_peer_cert_chain
TLSv1_1_method
SSL_CIPHER_get_bits
SSL_CTX_get_security_level
SSL_set_bio
SSL_CTX_get_verify_callback
SSL_SESSION_has_ticket
SSL_SESSION_get_timeout
SSL_ctrl
SSL_CTX_set_default_passwd_cb_userdata
TLSv1_2_method
SSL_CIPHER_get_cipher_nid
SSL_CTX_callback_ctrl
TLS_client_method
SSL_get_verify_result
SSL_CTX_get_options
SSL_CTX_set_post_handshake_auth
SSL_CIPHER_description
SSL_set_read_ahead
SSL_write_ex
SSL_select_next_proto
SSL_CTX_new
SSL_set_fd
SSL_CTX_use_PrivateKey_file
SSL_get_verify_callback
SSL_CIPHER_get_digest_nid
SSL_get_finished
SSL_set_ex_data
SSL_get_ex_data
SSL_get0_verified_chain
SSL_get0_alpn_selected
SSL_CTX_clear_options
SSL_get_version
SSL_CTX_ctrl
SSL_CTX_set_keylog_callback
SSL_CTX_free
SSL_new
SSL_CTX_set_alpn_protos
SSL_CTX_set_default_verify_paths
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_options
SSL_set_session
SSL_SESSION_free
SSL_CTX_get_cert_store
SSL_get_session
SSL_free
SSL_get_current_compression
TLS_method
SSL_verify_client_post_handshake
SSL_CTX_set_default_passwd_cb
TLSv1_method
SSL_get_servername
SSL_SESSION_get_id
SSL_CIPHER_is_aead
SSL_CTX_get_default_passwd_cb
SSL_get_wbio
SSL_CIPHER_get_id
i2d_SSL_SESSION
SSL_get_shutdown
SSL_get_client_ciphers
SSL_get_rbio
SSL_set_msg_callback
SSL_do_handshake
SSL_get_SSL_CTX
SSL_get_ciphers
SSL_CIPHER_get_kx_nid

kernel32

RtlCaptureContext
GetLastError
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess

python311

PyErr_ExceptionMatches
PyThread_release_lock
PyModule_AddObjectRef
PyModule_AddObject
PyObject_CheckBuffer
_PyArg_ParseTuple_SizeT
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyLong_AsLong
_PyBytes_Resize
PyUnicode_FromFormat
PyObject_GetBuffer
PyErr_BadArgument
PySet_New
PyList_New
PyType_FromSpecWithBases
PyList_Append
PyUnicode_Decode
PyUnicode_FSConverter
PyType_GetModuleState
PyDict_SetItem
PyDict_New
PyErr_NewExceptionWithDoc
PyMem_Free
_PyModule_Add
PyFrozenSet_New
PyCapsule_Import
PyErr_NoMemory
PyErr_SetFromErrnoWithFilenameObject
PyExc_OSError
PyObject_CallObject
PyErr_CheckSignals
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
_Py_NotImplementedStruct
PyGILState_Ensure
PyType_GetModuleByDef
PyUnicode_FromEncodedObject
_PyDeadline_Get
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
PyObject_Str
PyUnicode_AsUTF8String
PyTuple_Pack
_PyByteArray_empty_string
PyCallable_Check
PyMem_Malloc
PyList_AsTuple
_PyTime_AsTimeval_clamp
PyExc_UnicodeEncodeError
_PyLong_AsInt
_Py_TrueStruct
PyModule_GetState
_PyObject_GC_New
PyList_SetItem
_Py_fopen_obj
PyUnicode_FromString
PyLong_FromSize_t
_PyDeadline_Init
PyBuffer_Release
PyObject_CallNoArgs
PyByteArray_Type
PyEval_RestoreThread
PyUnicode_FromStringAndSize
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyErr_SetFromErrno
PyFloat_Type
_Py_FalseStruct
PyModule_AddStringConstant
PyModule_AddType
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WarnFormat
PyUnicode_AsASCIIString
PyErr_WriteUnraisable
PyErr_SetString
PyList_Size
_PyArg_BadArgument
PyExc_AttributeError
PySet_Add
PyWeakref_GetObject
PyBuffer_FillInfo
PyExc_TimeoutError
PyThread_acquire_lock
PyDict_SetItemString
PyType_GetModule
_PyArg_NoPositional
PyTuple_New
_Py_NoneStruct
PyGILState_Release
PyBytes_FromString
PyFloat_AsDouble
PyErr_SetFromWindowsErr
PyDict_GetItemWithError
PyExc_MemoryError
PyBuffer_IsContiguous
PyObject_GC_UnTrack
PyLong_FromLong
PyExc_RuntimeError
_PyErr_ChainExceptions
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyBytes_AsString
_PyErr_BadInternalCall
PyExc_DeprecationWarning
_PyArg_CheckPositional
_PyArg_NoKeywords
PyExc_RuntimeWarning
PyErr_WarnEx
PyModule_AddIntConstant
_PyObject_CallFunction_SizeT
PyList_Insert
_Py_BuildValue_SizeT
PyUnicode_DecodeFSDefault
PyBool_FromLong
PyErr_SetObject
PyWeakref_NewRef
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_List
_PyArg_Parse_SizeT
PyThread_allocate_lock

vcruntime140

strchr
memcpy
memcmp
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

_close
_setmode
__stdio_common_vfprintf
fseek
fgets
clearerr
fflush
__acrt_iob_func
fopen
ferror
ftell
__stdio_common_vsprintf
_open
fclose
_fileno
fwrite
_lseek
feof
fread
_write
_read

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_cexit
_errno
_execute_onexit_table

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

OPENSSL_Applink
PyInit__ssl

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_uuid.pyd
.dll windows:6 windows x64 arch:x64

368b62645c11988f8173cf8bdd0fea25

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:9a:c7:30:a6:3e:75:3d:a8:54:3f:d8:e3:99:ef:b7:c6:e7:f2:4a:e9:28:e8:27:26:94:3e:8d:5e:d1:c1:7f
Signer

Actual PE Digest

09:9a:c7:30:a6:3e:75:3d:a8:54:3f:d8:e3:99:ef:b7:c6:e7:f2:4a:e9:28:e8:27:26:94:3e:8d:5e:d1:c1:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\_uuid.pdb

Imports

rpcrt4

UuidCreateSequential

python311

PyModuleDef_Init
PyErr_SetFromWindowsErr
PyEval_SaveThread
PyModule_AddIntConstant
_Py_BuildValue_SizeT
PyEval_RestoreThread

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

Exports

Exports

PyInit__uuid

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/_win32sysloader.pyd
.dll windows:6 windows x64 arch:x64

0cc37620e20a981eff1969afb8d54d95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\_win32sysloader.pdb

Imports

python311

PyArg_ParseTuple
PyMem_Free
PyModule_Create2
PyUnicode_AsWideCharString
PyUnicode_FromWideChar
_Py_NoneStruct

kernel32

InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter

vcruntime140

memset
__current_exception_context
__std_type_info_destroy_list
__C_specific_handler
__current_exception

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_crt_at_quick_exit
_register_onexit_function
_crt_atexit
_execute_onexit_table
_cexit
terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_onexit_table

Exports

Exports

PyInit__win32sysloader

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/aiohttp/_helpers.pyd
.dll windows:6 windows x64 arch:x64

67f66815894b822eac51b7b897c090bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyExc_AttributeError
PyErr_SetString
PyErr_WarnFormat
PyDict_Next
PyErr_Format
PyTuple_Type
_Py_FalseStruct
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyExc_OverflowError
_Py_Dealloc
PyImport_GetModuleDict
PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyLong_AsLong
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyList_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyObject_RichCompareBool
PyUnicode_Decode
PyException_SetTraceback
_PyObject_GenericGetAttrWithDict
PyDict_SetItemString
PyDict_New
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyCMethod_New
PyList_Type
PyDict_GetItemString
PyObject_GetItem
PyModuleDef_Init
PyBytes_FromStringAndSize
PyExc_NotImplementedError
PyDict_DelItem
PyUnicode_Compare
PyErr_SetExcInfo
PyExc_TypeError
PyMem_Realloc
PyExc_NameError
PyTuple_Pack
PyMem_Malloc
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
PyType_Modified
PyErr_GetExcInfo
_PyType_Lookup
PyUnicode_Format
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyDict_Size
PySequence_Contains
PyTuple_New
_Py_NoneStruct
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyErr_WarnEx
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyDict_SetItem
PyBaseObject_Type

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
InitializeSListHead

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

PyInit__helpers

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/aiohttp/_http_parser.pyd
.dll windows:6 windows x64 arch:x64

60e889e0dfb7a236193b66f6981222b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyDict_Contains
PyLong_AsUnsignedLongLong
PyBytes_FromString
PyRun_StringFlags
PyBytes_AsStringAndSize
_Py_NoneStruct
PyTuple_New
PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyExc_AttributeError
PyByteArray_AsString
PyNumber_Multiply
PyErr_SetString
PyErr_WriteUnraisable
PyObject_GetIter
PyNumber_Add
PyErr_WarnFormat
PyIter_Send
PyExc_ValueError
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyCoro_Type
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyUnicode_Join
PyExc_OverflowError
_Py_Dealloc
PyImport_GetModuleDict
PyModule_GetDict
PyErr_ExceptionMatches
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyLong_AsLong
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Init
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PyUnicode_Find
PyList_New
PySlice_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyBytes_Type
PyObject_RichCompareBool
PyObject_GetAttr
PyException_SetTraceback
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyMem_Free
PyExc_StopIteration
PyCMethod_New
_PyGen_SetStopIterationValue
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyUnicode_DecodeLatin1
PyObject_GetItem
PyObject_CallObject
PyUnicode_FromKindAndData
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyByteArray_Size
PyDict_DelItem
PyUnicode_Compare
PyExc_StopAsyncIteration
PyErr_SetExcInfo
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyDict_Copy
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
PyGen_Type
_Py_TrueStruct
PyArg_UnpackTuple
PyUnicode_DecodeASCII
PyExc_SystemError
_PyObject_GC_New
PyType_Modified
PyAsyncGen_Type
PyTraceBack_Type
PyMethodDescr_Type
PyExc_GeneratorExit
PyErr_GetExcInfo
PyLong_FromSize_t
_PyType_Lookup
PyUnicode_Format
PyObject_Size
PyBuffer_Release
PyObject_Call
PyObject_Repr
PyByteArray_Type
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
Py_GetVersion
PyInterpreterState_GetID
PyDict_GetItemWithError
PyErr_SetNone
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyObject_SelfIter
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyExc_KeyError
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyFunction_Type
PyThreadState_GetFrame
PyExc_RuntimeWarning
PyErr_WarnEx
_PyObject_CallFunction_SizeT
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyBaseObject_Type
PyUnicode_Decode
PyByteArray_Resize

kernel32

GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset
memcmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
abort
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

PyInit__http_parser

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/aiohttp/_http_writer.pyd
.dll windows:6 windows x64 arch:x64

5a1c967a19dd7499f6965102e21bc27c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyErr_Format
PyDict_Type
PyTuple_Type
_Py_FalseStruct
PyModule_NewObject
PyMethod_Type
PyType_IsSubtype
PyErr_Restore
_Py_Dealloc
PyImport_GetModuleDict
PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyDescr_IsData
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyList_New
PyImport_AddModule
PyType_Ready
PyUnicode_Contains
PyObject_GetAttrString
PyErr_Clear
PyUnicode_Decode
PyException_SetTraceback
PyDict_SetItem
PyDict_New
PyUnicode_Type
_PyDict_GetItem_KnownHash
PyMem_Free
PyExc_ValueError
PyCMethod_New
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyModuleDef_Init
PyBytes_FromStringAndSize
PyUnicode_Compare
PyErr_SetExcInfo
PyExc_TypeError
PyMem_Realloc
PyObject_Str
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyMethodDescr_Type
PyErr_GetExcInfo
PyUnicode_FromString
_PyType_Lookup
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyDict_Next
PyObject_GetIter
PyErr_WriteUnraisable
PyIter_Next
PyErr_SetString
PyExc_AttributeError
PyDict_Size
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyObject_Hash
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyFrame_New
PyFunction_Type
PyErr_PrintEx
PyErr_WarnEx
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyExc_StopIteration

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
InitializeSListHead

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

PyInit__http_writer

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/aiohttp/_websocket.pyd
.dll windows:6 windows x64 arch:x64

a01af2f36e74fc2980416c0cd208b48a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyImport_AddModule
PyObject_GetAttrString
PyErr_Clear
PyBytes_Type
PyUnicode_Decode
PyDict_SetItem
PyDict_New
_PyDict_GetItem_KnownHash
PyCMethod_New
PyDict_GetItemString
PyModuleDef_Init
_Py_Dealloc
PyUnicode_Compare
PyExc_TypeError
PyMem_Realloc
PyExc_NameError
PyTuple_Pack
Py_OptimizeFlag
PyMem_Malloc
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyExc_AssertionError
PyObject_Size
PyObject_Call
PyByteArray_Type
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyImport_GetModuleDict
PyErr_Restore
PyType_IsSubtype
PyModule_NewObject
_Py_FalseStruct
PyErr_Format
PyDict_Next
PyExc_ValueError
PyErr_SetString
PyByteArray_AsString
PyExc_AttributeError
PyDict_Size
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyErr_SetNone
PyObject_Hash
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyErr_Occurred
PyBytes_AsString
PyImport_ImportModule
Py_LeaveRecursiveCall
PyFrame_New
PyErr_WarnEx
PyCode_NewEmpty
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyBytes_FromStringAndSize
PyObject_SetAttr

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_configure_narrow_argv

Exports

Exports

PyInit__websocket

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/bootux.dll
.dll windows:10 windows x64 arch:x64

3743d57b7a85109e8946ad01b46bbecc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

bootux.pdb

Imports

msvcrt

_lock
_initterm
malloc
sqrt
__C_specific_handler
__CxxFrameHandler3
_XcptFilter
free
memset
iscntrl
wcschr
_wtoi
_callnewh
_onexit
memcpy_s
__dllonexit
_amsg_exit
_unlock
memmove
floorf
ceil
_purecall
_vsnwprintf
wcscmp

api-ms-win-shcore-scaling-l1-1-0

GetScaleFactorForDevice

api-ms-win-shcore-thread-l1-1-0

SHCreateThread
SHGetThreadRef

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_Set

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileEx

shcore

ord228

shell32

SHFileOperationW
ord47
SHGetFolderPathW

shlwapi

StrCmpW
PathFileExistsW
StrToIntExW
PathFindFileNameW
StrRStrIW
PathGetDriveNumberW
StrCmpIW
ord460
StrChrW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
LoadLibraryExW
GetModuleFileNameW
LockResource
FindResourceExW
LoadResource
FreeLibrary
LoadStringW
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

CreateMutexExW
WaitForSingleObject
ReleaseMutex
OpenSemaphoreW
ReleaseSemaphore
CreateEventExW
CreateSemaphoreExW
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReleaseSRWLockShared
WaitForMultipleObjectsEx
CreateEventW
SetEvent
ResetEvent
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

TlsSetValue
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
TlsFree
TlsAlloc
TlsGetValue

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
TraceMessage
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags

api-ms-win-core-file-l1-1-0

GetDriveTypeW
GetLogicalDriveStringsW
CreateFileW
CreateDirectoryW
GetFileAttributesExW
WriteFile
DeleteFileW

api-ms-win-core-path-l1-1-0

PathCchCombine
PathCchAppend

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
CompareStringEx

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey

api-ms-win-eventing-controller-l1-1-0

StopTraceW
StartTraceW
EnableTraceEx2

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-atoms-l1-1-0

GetAtomNameW

api-ms-win-core-sidebyside-l1-1-0

DeactivateActCtx
CreateActCtxW
ActivateActCtx
ReleaseActCtx

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

uiautomationcore

UiaRaiseAutomationEvent

gdi32

CreateFontIndirectW
DeleteObject
CreateCompatibleDC
SelectObject
GetDeviceCaps
CreateDIBSection
GetStockObject
StretchDIBits
GetObjectW
DeleteDC

ntdll

WinSqmSetDWORD

ole32

CoInitialize

user32

UpdateWindow
InvalidateRect
FillRect
GetClientRect
SystemParametersInfoW
TranslateMessage
RegisterWindowMessageW
FindWindowW
GetMonitorInfoW
RemovePropW
MonitorFromPoint
DispatchMessageW
GetSystemMetrics
GetMessageW
DrawTextW
SetForegroundWindow
PostQuitMessage
SetPropW
ShowWindow
GetCursorPos
ReleaseDC
MapWindowPoints
GetDC
SetCursor
LoadCursorW
MsgWaitForMultipleObjectsEx
PeekMessageW
GetAncestor
PostMessageW
IsWindow

uxtheme

GetCurrentThemeName

dui70

?ActivateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@K@Z
?EventFromEventId@Schema@DirectUI@@SA?AW4Event@12@H@Z
?WantEvent@EventManager@DirectUI@@SA_NW4Event@Schema@2@@Z
?FWantAnyEvent@EventManager@DirectUI@@SA_NPEAVElement@2@@Z
?SetX@Element@DirectUI@@QEAAJH@Z
?GetExtent@Element@DirectUI@@QEAAPEBUtagSIZE@@PEAPEAVValue@2@@Z
?SetMargin@Element@DirectUI@@QEAAJHHHH@Z
?GetMargin@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?_Fill@Element@DirectUI@@IEAAXPEAUHDC__@@KHHHH_N@Z
?SetXMLFromResourceWithTheme@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@00@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJPEBGPEAUHINSTANCE__@@1@Z
?SetRootWindowForTheming@DUIXmlParser@DirectUI@@QEAAXPEAUHWND__@@@Z
?GetSheet@DUIXmlParser@DirectUI@@QEAAJPEBGPEAPEAVValue@2@@Z
DuiCreateObject
?AdviseEventRemoved@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?AdviseEventAdded@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?get_FragmentRoot@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderFragmentRoot@@@Z
?SetFocus@ElementProvider@DirectUI@@UEAAJXZ
?GetEmbeddedFragmentRoots@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?get_BoundingRectangle@ElementProvider@DirectUI@@UEAAJPEAUUiaRect@@@Z
?GetRuntimeId@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?Navigate@ElementProvider@DirectUI@@UEAAJW4NavigateDirection@@PEAPEAUIRawElementProviderFragment@@@Z
?ShowContextMenu@ElementProvider@DirectUI@@UEAAJXZ
?get_HostRawElementProvider@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderSimple@@@Z
?GetPropertyValue@ElementProvider@DirectUI@@UEAAJHPEAUtagVARIANT@@@Z
?get_ProviderOptions@ElementProvider@DirectUI@@UEAAJPEAW4ProviderOptions@@@Z
?AddRef@ElementProvider@DirectUI@@UEAAKXZ
?QueryInterface@ElementProvider@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?TossElement@ElementProvider@DirectUI@@UEAAXXZ
?GetElement@ElementProvider@DirectUI@@UEAAPEDVElement@2@XZ
??0ElementProvider@DirectUI@@QEAA@XZ
?CreatePatternProvider@Schema@DirectUI@@SAJW4Pattern@12@PEAVElementProvider@2@PEAPEAUIUnknown@@@Z
?IsPatternSupported@ElementProxy@DirectUI@@IEAAJW4Pattern@Schema@2@PEA_N@Z
?Init@ElementProxy@DirectUI@@MEAAXPEAVElement@2@@Z
?DoMethod@ElementProxy@DirectUI@@UEAAJHPEAD@Z
?GetProperty@ElementProxy@DirectUI@@IEAAJPEAUtagVARIANT@@H@Z
??1ElementProvider@DirectUI@@UEAA@XZ
?Release@ElementProvider@DirectUI@@UEAAKXZ
?Init@ElementProvider@DirectUI@@MEAAJPEAVElement@2@PEAVInvokeHelper@2@@Z
??1AutoLock@DirectUI@@QEAA@XZ
??0AutoLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
?DoInvoke@ElementProvider@DirectUI@@IEAAJHZZ
?PatternFromPatternId@Schema@DirectUI@@SA?AW4Pattern@12@H@Z
?GetForegroundColorRef@RichText@DirectUI@@UEAAJPEAK@Z
?GetClassInfoW@RichText@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?OnHosted@RichText@DirectUI@@UEAAXPEAVElement@2@@Z
?Paint@RichText@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnEvent@RichText@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnPropertyChanged@RichText@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??1RichText@DirectUI@@UEAA@XZ
??0RichText@DirectUI@@QEAA@XZ
?Initialize@RichText@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?SetDWriteFontCollection@RichText@DirectUI@@QEAAXPEAUIDWriteFontCollection@@@Z
?SetBackgroundColor@Element@DirectUI@@QEAAJK@Z
?SetLineSpacing@RichText@DirectUI@@QEAAJH@Z
?SetConstrainLayout@RichText@DirectUI@@QEAAJH@Z
?SetBaseline@RichText@DirectUI@@QEAAJH@Z
?GetContentAlign@Element@DirectUI@@QEAAHXZ
?SetContentAlign@Element@DirectUI@@QEAAJH@Z
?SetOverhang@Element@DirectUI@@QEAAJ_N@Z
?GetRawValue@Element@DirectUI@@QEAAPEAVValue@2@PEBUPropertyInfo@2@HPEAUUpdateCache@2@@Z
?GetElementScaledInt@Value@DirectUI@@QEAAHPEAVElement@2@@Z
?LineSpacingProp@RichText@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetContentSize@RichText@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEBGGGPEAUHINSTANCE__@@_N2@Z
?HeightProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetUnset@Value@DirectUI@@SAPEAV12@XZ
?WidthProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetWidth@Element@DirectUI@@QEAAHXZ
?DestroyAll@Element@DirectUI@@QEAAJ_N@Z
??1AccessibleButton@DirectUI@@UEAA@XZ
?OnReceivedDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?OnLostDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?DefaultAction@Button@DirectUI@@UEAAJXZ
?OnPropertyChanged@AccessibleButton@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??0AccessibleButton@DirectUI@@QEAA@XZ
?GetClassInfoPtr@AccessibleButton@DirectUI@@SAPEAUIClassInfo@2@XZ
?Initialize@AccessibleButton@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?Register@AccessibleButton@DirectUI@@SAJXZ
?Create@BorderLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?Create@ModernProgressRing@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?IDProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?CreateAtom@Value@DirectUI@@SAPEAV12@G@Z
?Create@FlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?ClassProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetTreatRightMouseButtonAsLeft@TouchButton@DirectUI@@QEAAJ_N@Z
?SetHandleEnter@TouchButton@DirectUI@@QEAAJ_N@Z
?Create@TouchButton@DirectUI@@SAJIPEAVElement@2@PEAKPEAPEAV32@@Z
?GetHeight@Element@DirectUI@@QEAAHXZ
?PressedProp@TouchButton@DirectUI@@SAPEBUPropertyInfo@2@XZ
?Click@TouchButton@DirectUI@@SA?AVUID@@XZ
?Context@Button@DirectUI@@SA?AVUID@@XZ
?GetBoolFalse@Value@DirectUI@@SAPEAV12@XZ
GetScaleFactor
?GetBorderThickness@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?OnInput@Button@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?GetPressed@Button@DirectUI@@QEAA_NXZ
?GetCaptured@Button@DirectUI@@QEAA_NXZ
?SetCaptured@Button@DirectUI@@QEAAJ_N@Z
?CreateBool@Value@DirectUI@@SAPEAV12@_N@Z
?PressedProp@Button@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetPressed@Button@DirectUI@@QEAAJ_N@Z
?GetClassInfoPtr@ModernProgressRing@DirectUI@@SAPEAUIClassInfo@2@XZ
?Create@ElementProvider@DirectUI@@SAJPEAVElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Create@HWNDElementProvider@DirectUI@@SAJPEAVHWNDElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Find@ElementProviderManager@DirectUI@@SAPEAVElementProvider@2@PEAVElement@2@@Z
?GetInvokeHelper@InvokeManager@DirectUI@@SAJPEAPEAVInvokeHelper@2@@Z
?SetY@Element@DirectUI@@QEAAJH@Z
?Create@VerticalFlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?LayoutPosProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetAccRole@Element@DirectUI@@QEAAJH@Z
?GetAccName@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?SetPasswordCharacter@TouchEditBase@DirectUI@@QEAAJH@Z
?SetMaxLength@TouchEditBase@DirectUI@@QEAAJH@Z
?Create@TouchEdit2@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?SetLayout@Element@DirectUI@@QEAAJPEAVLayout@2@@Z
?Create@FillLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?SetInputScope@TouchEdit2@DirectUI@@QEAAJW4__MIDL___MIDL_itf_inputscope_0000_0000_0001@@@Z
?Enter@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?Paste@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?SetCaretPosition@TouchEdit2@DirectUI@@QEAAJJ@Z
?GetSelection@TouchEdit2@DirectUI@@QEAAJPEAJ0@Z
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?KeyWithinProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetIntZero@Value@DirectUI@@SAPEAV12@XZ
?CreateInt@Value@DirectUI@@SAPEAV12@HW4DynamicScaleValue@@@Z
?SetAccDesc@Element@DirectUI@@QEAAJPEBG@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
UnicodeToMultiByte
?Register@Element@DirectUI@@SAJXZ
?CreateInstance@CSafeElementProxy@@SAJPEAVElement@DirectUI@@PEAPEAV1@@Z
?GetFactory@RichText@DirectUI@@QEAAPEAUIDWriteFactory@@XZ
?Create@RichText@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?Add@Element@DirectUI@@QEAAJPEAV12@@Z
?RemoveAll@Element@DirectUI@@QEAAJXZ
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?IsRoot@Element@DirectUI@@QEAAHXZ
?SetActive@Element@DirectUI@@QEAAJH@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetID@Element@DirectUI@@QEAAJPEBG@Z
?BackgroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetBackgroundStdColor@Element@DirectUI@@QEAAJH@Z
?Click@Button@DirectUI@@SA?AVUID@@XZ
?GetClass@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoW@Element@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?Detach@CSafeElementProxy@@QEAAXXZ
?GetRoot@Element@DirectUI@@QEAAPEAV12@XZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?FireEvent@Element@DirectUI@@QEAAXPEAUEvent@2@_N1@Z
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QEAA@XZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?UpdateTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?ActivateTooltip@Element@DirectUI@@MEAAXPEAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?GetClassInfoPtr@TouchHWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?CreateString@Value@DirectUI@@SAPEAV12@PEBGPEAUHINSTANCE__@@@Z
?GetStringNull@Value@DirectUI@@SAPEAV12@XZ
??0ClassInfoBase@DirectUI@@QEAA@XZ
??1ClassInfoBase@DirectUI@@UEAA@XZ
?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QEAAJXZ
?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
?AddRef@ClassInfoBase@DirectUI@@UEAAXXZ
?Release@ClassInfoBase@DirectUI@@UEAAHXZ
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
?IsValidProperty@ClassInfoBase@DirectUI@@UEBA_NPEBUPropertyInfo@2@@Z
?IsSubclassOf@ClassInfoBase@DirectUI@@UEBA_NPEAUIClassInfo@2@@Z
?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
?AddChild@ClassInfoBase@DirectUI@@UEAAXXZ
?RemoveChild@ClassInfoBase@DirectUI@@UEAAXXZ
?GetChildren@ClassInfoBase@DirectUI@@UEBAHXZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UEBAXXZ
??0Element@DirectUI@@QEAA@XZ
??1Element@DirectUI@@UEAA@XZ
?Initialize@Element@DirectUI@@QEAAJIPEAV12@PEAK@Z
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@P6APEBUPropertyInfo@2@XZHPEAUUpdateCache@2@@Z
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
?OnInput@Element@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnDestroy@Element@DirectUI@@UEAAXXZ
?BroadcastEvent@Element@DirectUI@@QEAAXPEAUEvent@2@@Z
?OnEvent@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?AddListener@Element@DirectUI@@QEAAJPEAUIElementListener@2@@Z
?RemoveListener@Element@DirectUI@@QEAAXPEAUIElementListener@2@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?_PostEvent@Element@DirectUI@@AEAAXPEAUEvent@2@H@Z
?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
?GetAccessibleImpl@Element@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?SyncDestroyWindow@NativeHWNDHost@DirectUI@@QEAAXXZ
UnInitThread
UnInitProcessPriv
?Destroy@NativeHWNDHost@DirectUI@@QEAAXXZ
??0NativeHWNDHost@DirectUI@@QEAA@XZ
?Initialize@NativeHWNDHost@DirectUI@@QEAAJPEBG0PEAUHWND__@@PEAUHICON__@@HHHHHHPEAUHINSTANCE__@@I@Z
??1NativeHWNDHost@DirectUI@@UEAA@XZ
?GetAccessibleImpl@HWNDElement@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?GetWindowClassNameAndStyle@HWNDElement@DirectUI@@UEAAXPEAPEBGPEAI@Z
?CreateStyleParser@HWNDElement@DirectUI@@UEAAJPEAPEAVDUIXmlParser@2@@Z
?OnCompositionChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnWmSettingChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnWmThemeChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnGetDlgCode@HWNDElement@DirectUI@@UEAAXPEAUtagMSG@@PEA_J@Z
?OnNoChildWithShortcutFound@HWNDElement@DirectUI@@UEAAXPEAUKeyboardEvent@2@@Z
?OnImmersiveColorSchemeChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnThemeChanged@HWNDElement@DirectUI@@UEAAXPEAUThemeChangedEvent@2@@Z
?OnGroupChanged@HWNDElement@DirectUI@@UEAAXH_N@Z
?Host@NativeHWNDHost@DirectUI@@QEAAXPEAVElement@2@@Z
?GetClassInfoPtr@TouchButton@DirectUI@@SAPEAUIClassInfo@2@XZ
StrToID
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?DefaultAction@Element@DirectUI@@UEAAJXZ
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
?EndDefer@Element@DirectUI@@QEAAXK@Z
?StartDefer@Element@DirectUI@@QEAAXPEAK@Z
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Create@Element@DirectUI@@SAJIPEAV12@PEAKPEAPEAV12@@Z
?CreateElement@DUIXmlParser@DirectUI@@QEAAJPEBGPEAVElement@2@1PEAKPEAPEAV32@@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@0@Z
?Destroy@DUIXmlParser@DirectUI@@QEAAXXZ
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?_OnUIStateChanged@TouchHWNDElement@DirectUI@@MEAAXGG@Z
??1TouchHWNDElement@DirectUI@@UEAA@XZ
??0TouchHWNDElement@DirectUI@@QEAA@XZ
?DismissIHMAsync@TouchHWNDElement@DirectUI@@QEAAJXZ
?OnDestroy@TouchHWNDElement@DirectUI@@UEAAXXZ
?IsMSAAEnabled@TouchHWNDElement@DirectUI@@UEAA_NXZ
?WndProc@TouchHWNDElement@DirectUI@@UEAA_JPEAUHWND__@@I_K_J@Z
?OnPropertyChanged@TouchHWNDElement@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnKeyFocusMoved@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@0@Z
?OnEvent@TouchHWNDElement@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnInput@TouchHWNDElement@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?MessageCallback@TouchHWNDElement@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?Initialize@TouchHWNDElement@DirectUI@@QEAAJPEAUHWND__@@_NIPEAVElement@2@PEAK@Z
?SetFlags@TouchHWNDElement@DirectUI@@QEAAJW4TouchHWNDElementFlags@2@0@Z
?GetClassInfoW@TouchHWNDElement@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?RemoveTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?CreateHostWindow@NativeHWNDHost@DirectUI@@UEAAPEAUHWND__@@KPEBG0KHHHHPEAU3@PEAUHMENU__@@PEAUHINSTANCE__@@PEAX@Z
?UpdateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?GetHWND@HWNDElement@DirectUI@@UEAAPEAUHWND__@@XZ
?CanSetFocus@HWNDElement@DirectUI@@UEAA_NXZ
?SetFont@Element@DirectUI@@QEAAJPEBG@Z
?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetHeight@Element@DirectUI@@QEAAJH@Z
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?GetFontQuality@Element@DirectUI@@QEAAHXZ
?GetFontWeight@Element@DirectUI@@QEAAHXZ
?GetFontSize@Element@DirectUI@@QEAAHXZ
?GetFontFace@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?Release@Value@DirectUI@@QEAAXXZ
InitProcessPriv
InitThread

duser

DeleteHandle
MapGadgetPoints
CreateAction
GetGadgetRect
InvalidateGadget
DUserSendEvent
InitGadgets
DUserPostEvent
DrawGadgetTree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/certifi/cacert.pem
setup_x86-64_build_4355/charset_normalizer/md.pyd
.dll windows:6 windows x64 arch:x64

f8c0f377107b03e523f21dcf227dcf24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyCapsule_Import
_Py_Dealloc
PyImport_ImportModule

kernel32

TerminateProcess
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

vcruntime140

memset
memcpy
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_execute_onexit_table

Exports

Exports

PyInit___init__
PyInit_md

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/charset_normalizer/md__mypyc.pyd
.dll windows:6 windows x64 arch:x64

b4de5d7aeff10114281218df3c8fdc6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyTuple_New
PyLong_FromString
PySequence_Contains
PyFloat_FromDouble
PySet_Add
PyExc_AttributeError
PyTuple_GetSlice
PyUnicode_New
PyUnicode_Split
PyNumber_Multiply
PyErr_SetString
PyExc_ZeroDivisionError
_PyObject_LookupAttrId
PyNumber_Add
_PyTrash_end
PyUnicode_InternInPlace
PyDict_Next
PyErr_Format
PyDict_Type
PyObject_RichCompare
PyBool_Type
PyTuple_Type
_Py_FalseStruct
PyFloat_Type
PyUnicode_Append
PyType_IsSubtype
PyNumber_Subtract
PyErr_Restore
PyExc_OverflowError
_Py_Dealloc
_PyTrash_cond
PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyObject_Vectorcall
PyUnicode_FromFormat
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PySlice_New
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
_Py_NoneStruct
PyCapsule_New
PySet_Type
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_VectorcallMethod
PyObject_IsInstance
PyType_GenericAlloc
PyFrozenSet_New
PyObject_GetItem
PyBytes_FromStringAndSize
PyImport_Import
_PyType_CalculateMetaclass
PyUnicode_Compare
PyExc_TypeError
PyObject_IsTrue
PyObject_Str
PyTuple_Pack
_PyUnicode_Ready
PyList_AsTuple
PyExc_IndexError
_Py_TrueStruct
_PyTrash_begin
PyExc_SystemError
_PyUnicode_FastCopyCharacters
PyObject_SetItem
_PyDict_GetItemStringWithError
PyNumber_TrueDivide
PyErr_SetImportError
PyUnicode_FromString
_PyUnicode_EQ
PyObject_CallNoArgs
PyUnicode_CompareWithASCIIString
PyType_Type
PyUnicode_Substring
PyUnicode_FromStringAndSize
PyFloat_AsDouble
PyObject_GetAttr
PySet_Contains
PyComplex_FromDoubles
PyDict_GetItemWithError
PyUnicode_Concat
PyObject_GC_UnTrack
PyObject_SetAttrString
_PyObject_FastCall
PyList_SetSlice
_PyErr_ChainExceptions
PyTraceBack_Here
PyNumber_Remainder
_PyUnicode_EqualToASCIIString
PySuper_Type
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModuleLevelObject
PyExc_KeyError
PyFrame_New
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyObject_SetAttr
PyBaseObject_Type
PyObject_RichCompareBool
PyModule_GetFilenameObject

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
strchr
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

api-ms-win-crt-stdio-l1-1-0

fflush
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit_md__mypyc

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/combase.dll
.dll windows:10 windows x64 arch:x64

86d63fcc59a250884fae714b325d53bf

Code Sign

33:00:00:04:5f:f3:c9:6c:1a:7f:f7:da:1d:00:00:00:00:04:5f
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:f4:7d:ff:b9:2b:ba:ea:a5:73:64:f5:82:cd:fc:23:a1:59:6a:6f:cd:56:e7:5b:09:f8:ed:43:2a:41:a8:fa
Signer

Actual PE Digest

bb:f4:7d:ff:b9:2b:ba:ea:a5:73:64:f5:82:cd:fc:23:a1:59:6a:6f:cd:56:e7:5b:09:f8:ed:43:2a:41:a8:fa

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

combase.pdb

Imports

api-ms-win-crt-string-l1-1-0

wcscmp
strnlen
memset
wcsncmp
wcsnlen

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__purecall
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
_o__stricmp
_o__strnicmp
_o__ui64tow_s
_o__wcsicmp
_o__wcslwr
_o__wcsnicmp
_o__wcstoui64
_o__wtoi
_o__wtol
memmove
_o_free
_o_malloc
_o_qsort
_o_rand_s
_o_realloc
_o_toupper
_o_wcsncpy_s
_o_wcstok
_o_wcstoul
_o_wmemcpy_s
__C_specific_handler
wcsstr
wcsrchr
__std_terminate
__CxxFrameHandler3
_o__itow_s
_o__itoa_s
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
__CxxFrameHandler4
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_CxxThrowException
_local_unwind
memcmp
memcpy

rpcrt4

RpcErrorStartEnumeration
RpcErrorGetNextRecord
RpcErrorEndEnumeration
RpcBindingInqObject
RpcRaiseException
RpcAsyncInitializeHandle
RpcAsyncGetCallStatus
RpcServerTestCancel
RpcAsyncCancelCall
RpcServerSubscribeForNotification
RpcServerUnsubscribeForNotification
RpcMgmtSetCancelTimeout
RpcCancelThreadEx
I_RpcFreeBuffer
I_RpcNegotiateTransferSyntax
I_RpcGetBufferWithObject
I_RpcGetBuffer
I_RpcSendReceive
I_RpcFixTransferSyntax
I_RpcAsyncSetHandle
I_RpcSend
I_RpcReceive
I_RpcAsyncAbortCall
RpcStringBindingParseW
RpcServerInqBindingHandle
RpcBindingToStringBindingW
RpcServerInqCallAttributesW
RpcBindingInqAuthInfoExW
RpcStringFreeW
RpcBindingSetAuthInfoExW
RpcRevertToSelfEx
RpcImpersonateClient
I_RpcBindingInqCurrentModifiedId
I_RpcSetDCOMAppId
RpcBindingInqAuthClientW
I_RpcOpenClientProcess
RpcCertGeneratePrincipalNameW
RpcServerRegisterAuthInfoW
RpcImpersonateClient2
RpcServerRegisterIf3
RpcServerUnregisterIf
I_RpcExceptionFilter
UuidFromStringW
RpcServerUseProtseqEpW
RpcServerInqBindings
RpcBindingVectorFree
RpcServerUseProtseqExW
RpcServerUseProtseqEpExW
RpcServerUseProtseqW
RpcAsyncCompleteCall
I_RpcMgmtEnableDedicatedThreadPool
I_RpcSystemHandleTypeSpecificWork
I_RpcServerGetAssociationID
I_RpcServerSubscribeForDisconnectNotification2
I_RpcServerUnsubscribeForDisconnectNotification
I_RpcBindingInqTransportType
RpcErrorAddRecord
RpcMgmtSetComTimeout
RpcMgmtInqComTimeout
MesEncodeFixedBufferHandleCreate
MesHandleFree
I_RpcGetSystemHandle
MesBufferHandleReset
NdrMesTypeDecode3
NdrMesTypeEncode3
NdrGetUserMarshalInfo
NdrDllGetClassObject
NdrOleFree
NdrClientCall3
NdrOleAllocate
NdrStubCall3
RpcBindingServerFromClient
NdrStubCall2
NdrServerInitialize
I_RpcRequestMutex
I_RpcFree
I_RpcAllocate
I_RpcClearMutex
NdrClientInitializeNew
I_RpcBCacheAllocate
NdrGetTypeFlags
SimpleTypeAlignment
NdrClearOutParameters
NdrFullPointerXlatFree
NdrFullPointerXlatInit
NdrCorrelationFree
NdrCorrelationInitialize
SimpleTypeMemorySize
I_RpcBCacheFree
SimpleTypeBufferSize
NdrConvert2
NdrClientCall2
NdrAsyncServerCall
NdrServerCall2
RpcExceptionFilter
MesDecodeIncrementalHandleCreate
MesEncodeIncrementalHandleCreate
NdrMesTypeEncode2
NdrMesTypeDecode2
NdrMesTypeFree2
NdrMesTypeAlignSize2
I_RpcFreeSystemHandleCollection
RpcBindingBind
RpcBindingCreateW
I_RpcFreeSystemHandle
I_RpcMgmtQueryDedicatedThreadPool
I_RpcBindingInqLocalClientPID
I_RpcBindingSetPrivateOption
RpcBindingFree
I_RpcSetSystemHandle
RpcBindingSetOption
ord1000
RpcBindingUnbind
RpcBindingCopy
RpcSmDestroyClientContext
UuidCreate
RpcBindingFromStringBindingW
MesDecodeBufferHandleCreate

ntdll

RtlCaptureContext
RtlImageDirectoryEntryToData
RtlGetDeviceFamilyInfoEnum
RtlUpcaseUnicodeChar
RtlCopySid
RtlLengthSid
NtQueryInformationToken
RtlWow64IsWowGuestMachineSupported
RtlWow64GetEquivalentMachineCHPE
RtlSetThreadSubProcessTag
RtlDelete
RtlApplicationVerifierStop
RtlRealSuccessor
RtlCheckForOrphanedCriticalSections
NtQueryInformationThread
NtSetInformationObject
NtQueryObject
NtQueryVolumeInformationFile
RtlCaptureStackBackTrace
EtwEventWrite
RtlVirtualUnwind
RtlInitializeCriticalSectionAndSpinCount
RtlSetThreadWorkOnBehalfTicket
RtlFreeHeap
RtlGetAppContainerNamedObjectPath
NtQueryTimerResolution
NtTerminateProcess
RtlReportException
RtlInitializeConditionVariable
RtlCompareMemory
EtwEventSetInformation
RtlIsMultiSessionSku
EvtIntReportEventAndSourceAsync
NtQuerySystemInformation
RtlQueryPackageClaims
DbgPrint
EtwEventRegister
EtwEventUnregister
RtlCheckTokenCapability
RtlInitializeCriticalSection
RtlInitializeSidEx
RtlImageNtHeader
WinSqmSetDWORD
LdrStandardizeSystemPath
RtlDllShutdownInProgress
NtQuerySystemInformationEx
EtwEventWriteTransfer
NtQuerySecurityAttributesToken
NtQueryValueKey
NtOpenKey
RtlEqualUnicodeString
NtQueryKey
RtlNtStatusToDosError
NtCreateKey
NtLoadKeyEx
RtlNtStatusToDosErrorNoTeb
RtlAdjustPrivilege
NtApphelpCacheControl
NtUnloadKey2
RtlInitUnicodeString
RtlDosPathNameToRelativeNtPathName_U_WithStatus
RtlFreeUnicodeString
RtlAppendUnicodeToString
RtlLoadString
NtQueryInformationProcess
RtlSubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
EtwTraceMessage
RtlGetAppContainerSidType
RtlSidDominates
RtlWakeAllConditionVariable
RtlSleepConditionVariableCS
EtwRegisterTraceGuidsW
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwGetTraceEnableFlags
EtwUnregisterTraceGuids
RtlDeleteCriticalSection
NtDeleteKey
RtlRealPredecessor
RtlInitUnicodeStringEx
RtlPcToFileHeader
RtlIsCriticalSectionLockedByThread
RtlLookupFunctionEntry
RtlAllocateHeap
EtwEventActivityIdControl
RtlDeleteNoSplay
RtlIsStateSeparationEnabled
RtlValidRelativeSecurityDescriptor
RtlSplay
RtlQueryPackageIdentity
wcschr
RtlGetThreadWorkOnBehalfTicket

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringA
DebugBreak
OutputDebugStringW

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
RaiseException

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-fibers-l1-1-0

FlsSetValue
FlsAlloc
FlsFree

api-ms-win-core-fibers-l1-1-1

IsThreadAFiber

api-ms-win-core-file-l1-1-0

DeleteFileW
GetFileAttributesW
CreateFileW
CreateDirectoryW
SetFileAttributesW
GetFileSizeEx
RemoveDirectoryW
GetFinalPathNameByHandleW
FindClose
FindNextFileW
FindFirstFileW
SetFileInformationByHandle
GetFileType

api-ms-win-core-handle-l1-1-0

DuplicateHandle
SetHandleInformation
CloseHandle

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapCreate
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree
GlobalAlloc
GlobalFree

api-ms-win-core-interlocked-l1-1-0

QueryDepthSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead

api-ms-win-core-libraryloader-l1-2-0

FreeLibraryAndExitThread
GetModuleHandleA
GetModuleFileNameW
GetModuleHandleExA
FreeLibrary
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress
GetModuleHandleW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
MapViewOfFile
OpenFileMappingW
VirtualAlloc
VirtualProtect
UnmapViewOfFile
VirtualQuery

api-ms-win-core-processenvironment-l1-1-0

FreeEnvironmentStringsW
ExpandEnvironmentStringsW
SearchPathW
GetEnvironmentStringsW
GetCommandLineW

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
GetCurrentProcessId
SetThreadStackGuarantee
GetProcessId
ProcessIdToSessionId
GetThreadPriority
CreateThread
SwitchToThread
GetCurrentThreadId
SetThreadToken
GetCurrentThread
TerminateProcess
OpenProcessToken
GetCurrentProcess

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
GetProcessMitigationPolicy
OpenProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegEnumValueW
RegGetValueW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegNotifyChangeKeyValue
RegLoadMUIStringW
RegOpenCurrentUser
RegDeleteTreeW
RegSetValueExA
RegDeleteKeyExA
RegOpenUserClassesRoot
RegCreateKeyExA
RegGetValueA
RegLoadAppKeyW
RegOpenKeyExW
RegSaveKeyExW
RegSetKeySecurity
RegCloseKey

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringW
CompareStringOrdinal

api-ms-win-core-synch-l1-1-0

OpenEventW
SetWaitableTimerEx
InitializeSRWLock
TryAcquireSRWLockExclusive
CreateSemaphoreExW
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
DeleteCriticalSection
CreateWaitableTimerExW
InitializeCriticalSectionAndSpinCount
SleepEx
WaitForMultipleObjectsEx
OpenEventA
CreateEventW
SetEvent
ResetEvent

api-ms-win-core-synch-l1-2-0

WakeByAddressAll
WaitOnAddress
Sleep
InitOnceExecuteOnce
InitOnceBeginInitialize
WakeByAddressSingle
InitOnceComplete

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemInfo
GetSystemDirectoryW
GetSystemWindowsDirectoryW
GetTickCount
GetComputerNameExW
GetSystemTime
GetSystemTimeAsFileTime

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolWait
CloseThreadpoolWait
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolWait
CreateThreadpoolTimer
CloseThreadpoolWork
SetEventWhenCallbackReturns
WaitForThreadpoolWorkCallbacks
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-wow64-l1-1-1

GetSystemWow64Directory2W
Wow64SetThreadDefaultGuestMachine

api-ms-win-security-base-l1-1-0

CreateWellKnownSid
GetSidSubAuthority
RevertToSelf
SetSecurityDescriptorDacl
GetLengthSid
CopySid
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
AccessCheckByType
ImpersonateAnonymousToken
MakeSelfRelativeSD
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
DuplicateToken
IsValidSecurityDescriptor
EqualSid
InitializeAcl
SetSecurityDescriptorRMControl
GetSidLengthRequired
InitializeSid
AddAccessAllowedAce
ImpersonateLoggedOnUser
CheckTokenMembership
IsValidSid
AccessCheck
GetAce
MapGenericMask
GetKernelObjectSecurity
PrivilegeCheck
SetSecurityDescriptorSacl
AddAce
InitializeSecurityDescriptor
GetTokenInformation
GetSecurityDescriptorRMControl
SetSecurityDescriptorOwner
ImpersonateSelf
SetSecurityDescriptorGroup
GetSidSubAuthorityCount
GetSecurityDescriptorSacl

api-ms-win-security-base-l1-2-0

GetAppContainerAce

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl
EventWriteEx
EventWriteTransfer
EventRegister
EventSetInformation
EventUnregister
EventProviderEnabled

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock
GlobalSize
GlobalReAlloc

api-ms-win-core-privateprofile-l1-1-0

GetProfileStringW

api-ms-win-core-sidebyside-l1-1-0

CreateActCtxW
GetCurrentActCtx
FindActCtxSectionStringW
FindActCtxSectionGuid
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
AddRefActCtx

api-ms-win-core-windowserrorreporting-l1-1-0

WerRegisterMemoryBlock
WerUnregisterMemoryBlock

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled
QuirkIsEnabledForProcess

kernelbase

GetSystemMetadataPathForPackage
OpenPackageInfoByFullNameForUser
GetStagedPackagePathByFullName2
OpenPackageInfoByFullNameForMachine
FindPackagesByPackageFamily
IsDeveloperModeEnabled
GetCurrentPackageInfo3
GetApplicationUserModelId
GetCurrentApplicationUserModelId
GetCurrentPackageFamilyName
ParseApplicationUserModelId
VerifyPackageFullName

api-ms-win-core-path-l1-1-0

PathCchRemoveFileSpec

api-ms-win-core-processsnapshot-l1-1-0

PssQuerySnapshot
PssDuplicateSnapshot
PssFreeSnapshot
PssCaptureSnapshot

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFindFileNameA

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

CLIPFORMAT_UserFree
CLIPFORMAT_UserFree64
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserMarshal64
CLIPFORMAT_UserSize
CLIPFORMAT_UserSize64
CLIPFORMAT_UserUnmarshal
CLIPFORMAT_UserUnmarshal64
CLSIDFromOle1Class
CLSIDFromProgID
CLSIDFromProgIDEx
CLSIDFromString
CStdAsyncStubBuffer2_Connect
CStdAsyncStubBuffer2_Disconnect
CStdAsyncStubBuffer2_Release
CStdAsyncStubBuffer_AddRef
CStdAsyncStubBuffer_Connect
CStdAsyncStubBuffer_Disconnect
CStdAsyncStubBuffer_Invoke
CStdAsyncStubBuffer_QueryInterface
CStdAsyncStubBuffer_Release
CStdStubBuffer2_Connect
CStdStubBuffer2_CountRefs
CStdStubBuffer2_Disconnect
CStdStubBuffer2_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
CleanupComl2StateInAllTls
CleanupOleStateInAllTls
CleanupTlsComl2State
CleanupTlsOleState
ClearCleanupFlag
CoAddRefServerProcess
CoAllowUnmarshalerCLSID
CoCancelCall
CoCopyProxy
CoCreateErrorInfo
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoCreateInstanceEx
CoCreateInstanceFromApp
CoCreateObjectInContext
CoDeactivateObject
CoDecodeProxy
CoDecrementMTAUsage
CoDisableCallCancellation
CoDisconnectContext
CoDisconnectObject
CoEnableCallCancellation
CoFileTimeNow
CoFreeUnusedLibraries
CoFreeUnusedLibrariesEx
CoGetActivationState
CoGetApartmentID
CoGetApartmentType
CoGetCallContext
CoGetCallState
CoGetCallerTID
CoGetCancelObject
CoGetClassObject
CoGetClassVersion
CoGetContextToken
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetDefaultContext
CoGetErrorInfo
CoGetInstanceFromFile
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoGetMarshalSizeMax
CoGetModuleArchitecture
CoGetModuleType
CoGetObjectContext
CoGetPSClsid
CoGetProcessIdentifier
CoGetStandardMarshal
CoGetStdMarshalEx
CoGetSystemSecurityPermissions
CoGetTreatAsClass
CoImpersonateClient
CoIncrementMTAUsage
CoInitializeEx
CoInitializeSecurity
CoInitializeWOW
CoInvalidateRemoteMachineBindings
CoIsHandlerConnected
CoLockObjectExternal
CoMarshalHresult
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoPopServiceDomain
CoPushServiceDomain
CoQueryAuthenticationServices
CoQueryClientBlanket
CoQueryProxyBlanket
CoReactivateObject
CoRegisterActivationFilter
CoRegisterClassObject
CoRegisterConsoleHandles
CoRegisterDeviceCatalog
CoRegisterInitializeSpy
CoRegisterMallocSpy
CoRegisterMessageFilter
CoRegisterPSClsid
CoRegisterRacActivationToken
CoRegisterSurrogate
CoRegisterSurrogateEx
CoReleaseMarshalData
CoReleaseServerProcess
CoResumeClassObjects
CoRetireServer
CoRevertToSelf
CoRevokeClassObject
CoRevokeConsoleHandles
CoRevokeDeviceCatalog
CoRevokeInitializeSpy
CoRevokeMallocSpy
CoRevokeRacActivationToken
CoSetCancelObject
CoSetErrorInfo
CoSetProxyBlanket
CoSuspendClassObjects
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTestCancel
CoUninitialize
CoUnloadingWOW
CoUnmarshalHresult
CoUnmarshalInterface
CoVrfCheckThreadState
CoVrfGetThreadState
CoVrfReleaseThreadState
CoWaitForMultipleHandles
CoWaitForMultipleObjects
CreateErrorInfo
CreateStreamOnHGlobal
DcomChannelSetHResult
DllDebugObjectRPCHook
DllGetActivationFactory
DllGetClassObject
EnableHookObject
FreePropVariantArray
FreePropVariantArrayWorker
GetCatalogHelper
GetErrorInfo
GetFuncDescs
GetHGlobalFromStream
GetHookInterface
GetRestrictedErrorInfo
HACCEL_UserFree
HACCEL_UserFree64
HACCEL_UserMarshal
HACCEL_UserMarshal64
HACCEL_UserSize
HACCEL_UserSize64
HACCEL_UserUnmarshal
HACCEL_UserUnmarshal64
HBITMAP_UserFree
HBITMAP_UserFree64
HBITMAP_UserMarshal
HBITMAP_UserMarshal64
HBITMAP_UserSize
HBITMAP_UserSize64
HBITMAP_UserUnmarshal
HBITMAP_UserUnmarshal64
HBRUSH_UserFree
HBRUSH_UserFree64
HBRUSH_UserMarshal
HBRUSH_UserMarshal64
HBRUSH_UserSize
HBRUSH_UserSize64
HBRUSH_UserUnmarshal
HBRUSH_UserUnmarshal64
HDC_UserFree
HDC_UserFree64
HDC_UserMarshal
HDC_UserMarshal64
HDC_UserSize
HDC_UserSize64
HDC_UserUnmarshal
HDC_UserUnmarshal64
HGLOBAL_UserFree
HGLOBAL_UserFree64
HGLOBAL_UserMarshal
HGLOBAL_UserMarshal64
HGLOBAL_UserSize
HGLOBAL_UserSize64
HGLOBAL_UserUnmarshal
HGLOBAL_UserUnmarshal64
HICON_UserFree
HICON_UserFree64
HICON_UserMarshal
HICON_UserMarshal64
HICON_UserSize
HICON_UserSize64
HICON_UserUnmarshal
HICON_UserUnmarshal64
HMENU_UserFree
HMENU_UserFree64
HMENU_UserMarshal
HMENU_UserMarshal64
HMENU_UserSize
HMENU_UserSize64
HMENU_UserUnmarshal
HMENU_UserUnmarshal64
HMONITOR_UserFree
HMONITOR_UserFree64
HMONITOR_UserMarshal
HMONITOR_UserMarshal64
HMONITOR_UserSize
HMONITOR_UserSize64
HMONITOR_UserUnmarshal
HMONITOR_UserUnmarshal64
HPALETTE_UserFree
HPALETTE_UserFree64
HPALETTE_UserMarshal
HPALETTE_UserMarshal64
HPALETTE_UserSize
HPALETTE_UserSize64
HPALETTE_UserUnmarshal
HPALETTE_UserUnmarshal64
HRGN_UserFree
HRGN_UserFree64
HRGN_UserMarshal
HRGN_UserMarshal64
HRGN_UserSize
HRGN_UserSize64
HRGN_UserUnmarshal
HRGN_UserUnmarshal64
HSTRING_UserFree
HSTRING_UserFree64
HSTRING_UserMarshal
HSTRING_UserMarshal64
HSTRING_UserSize
HSTRING_UserSize64
HSTRING_UserUnmarshal
HSTRING_UserUnmarshal64
HWND_UserFree
HWND_UserFree64
HWND_UserMarshal
HWND_UserMarshal64
HWND_UserSize
HWND_UserSize64
HWND_UserUnmarshal
HWND_UserUnmarshal64
HkOleRegisterObject
IIDFromString
InternalAppInvokeExceptionFilter
InternalCAggIdRelease
InternalCAggIdSetHandler
InternalCCFreeUnused
InternalCCGetClassInformationForDde
InternalCCGetClassInformationFromKey
InternalCCSetDdeServerWindow
InternalCMLSendReceive
InternalCMLSendReceive2
InternalCStdIdentityGetIProxyManager
InternalCStdIdentityGetInternalUnk
InternalCStdIdentityUpdateFlags
InternalCallAsProxyExceptionFilter
InternalCallFrameExceptionFilter
InternalCallerIsAppContainer
InternalCanMakeOutCall
InternalCanMakeOutCall2
InternalCoIsSurrogateProcess
InternalCoRegisterDisconnectCallback
InternalCoRegisterSurrogatedObject
InternalCoStdMarshalObject
InternalCoUnregisterDisconnectCallback
InternalCompleteObjRef
InternalCreateCAggId
InternalCreateIdentityHandler
InternalDoATClassCreate
InternalFillLocalOXIDInfo
InternalFreeObjRef
InternalGetWindowPropInterface
InternalGetWindowPropInterface2
InternalIrotEnumRunning
InternalIrotEnumRunning2
InternalIrotGetObject
InternalIrotGetObject2
InternalIrotGetObject3
InternalIrotGetTimeOfLastChange
InternalIrotGetTimeOfLastChange2
InternalIrotIsRunning
InternalIrotIsRunning2
InternalIrotNoteChangeTime
InternalIrotRegister
InternalIrotRevoke
InternalIsApartmentInitialized
InternalIsProcessInitialized
InternalMarshalObjRef
InternalNotifyDDStartOrStop
InternalOleModalLoopBlockFn
InternalRegisterWindowPropInterface
InternalRegisterWindowPropInterface2
InternalReleaseMarshalObjRef
InternalRevokeWindowPropInterface
InternalSTAInvoke
InternalServerExceptionFilter
InternalSetAptCallCtrlOnTlsIfRequired
InternalSetOleThunkWowPtr
InternalStubInvoke
InternalTlsAllocData
InternalUnmarshalObjRef
IsErrorPropagationEnabled
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrExtStubInitialize
NdrOleDllGetClassObject
NdrOleInitializeExtension
NdrProxyForwardingFunction10
NdrProxyForwardingFunction11
NdrProxyForwardingFunction12
NdrProxyForwardingFunction13
NdrProxyForwardingFunction14
NdrProxyForwardingFunction15
NdrProxyForwardingFunction16
NdrProxyForwardingFunction17
NdrProxyForwardingFunction18
NdrProxyForwardingFunction19
NdrProxyForwardingFunction20
NdrProxyForwardingFunction21
NdrProxyForwardingFunction22
NdrProxyForwardingFunction23
NdrProxyForwardingFunction24
NdrProxyForwardingFunction25
NdrProxyForwardingFunction26
NdrProxyForwardingFunction27
NdrProxyForwardingFunction28
NdrProxyForwardingFunction29
NdrProxyForwardingFunction3
NdrProxyForwardingFunction30
NdrProxyForwardingFunction31
NdrProxyForwardingFunction32
NdrProxyForwardingFunction4
NdrProxyForwardingFunction5
NdrProxyForwardingFunction6
NdrProxyForwardingFunction7
NdrProxyForwardingFunction8
NdrProxyForwardingFunction9
NdrpFindInterface
ObjectStublessClient10
ObjectStublessClient11
ObjectStublessClient12
ObjectStublessClient13
ObjectStublessClient14
ObjectStublessClient15
ObjectStublessClient16
ObjectStublessClient17
ObjectStublessClient18
ObjectStublessClient19
ObjectStublessClient20
ObjectStublessClient21
ObjectStublessClient22
ObjectStublessClient23
ObjectStublessClient24
ObjectStublessClient25
ObjectStublessClient26
ObjectStublessClient27
ObjectStublessClient28
ObjectStublessClient29
ObjectStublessClient3
ObjectStublessClient30
ObjectStublessClient31
ObjectStublessClient32
ObjectStublessClient4
ObjectStublessClient5
ObjectStublessClient6
ObjectStublessClient7
ObjectStublessClient8
ObjectStublessClient9
ProgIDFromCLSID
PropVariantClear
PropVariantCopy
ReleaseFuncDescs
RoActivateInstance
RoCaptureErrorContext
RoClearError
RoFailFastWithErrorContext
RoFailFastWithErrorContextInternal
RoFailFastWithErrorContextInternal2
RoFreeParameterizedTypeExtra
RoGetActivatableClassRegistration
RoGetActivationFactory
RoGetAgileReference
RoGetApartmentIdentifier
RoGetErrorReportingFlags
RoGetMatchingRestrictedErrorInfo
RoGetParameterizedTypeInstanceIID
RoGetServerActivatableClasses
RoInitialize
RoInspectCapturedStackBackTrace
RoInspectThreadErrorInfo
RoOriginateError
RoOriginateErrorW
RoOriginateLanguageException
RoParameterizedTypeExtraGetTypeSignature
RoRegisterActivationFactories
RoRegisterForApartmentShutdown
RoReportCapabilityCheckFailure
RoReportFailedDelegate
RoReportUnhandledError
RoResolveRestrictedErrorInfoReference
RoRevokeActivationFactories
RoSetErrorReportingFlags
RoTransformError
RoTransformErrorW
RoUninitialize
RoUnregisterForApartmentShutdown
SetCleanupFlag
SetErrorInfo
SetRestrictedErrorInfo
StringFromCLSID
StringFromGUID2
StringFromIID
UpdateDCOMSettings
UpdateProcessTracing
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserFree64
WdtpInterfacePointer_UserMarshal
WdtpInterfacePointer_UserMarshal64
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserSize64
WdtpInterfacePointer_UserUnmarshal
WdtpInterfacePointer_UserUnmarshal64
WindowsCompareStringOrdinal
WindowsConcatString
WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsDeleteStringBuffer
WindowsDuplicateString
WindowsGetStringLen
WindowsGetStringRawBuffer
WindowsInspectString
WindowsInspectString2
WindowsIsStringEmpty
WindowsPreallocateStringBuffer
WindowsPromoteStringBuffer
WindowsReplaceString
WindowsStringHasEmbeddedNull
WindowsSubstring
WindowsSubstringWithSpecifiedLength
WindowsTrimStringEnd
WindowsTrimStringStart

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.proxy
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 789KB - Virtual size: 789KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/cryptography/hazmat/bindings/_rust.pyd
.dll windows:6 windows x64 arch:x64

f25753a267a2aa590a319e2af4465b8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\runneradmin\AppData\Local\Temp\pip-req-build-csg7dlje\src\rust\target\release\deps\cryptography_rust.pdb

Imports

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentDirectoryW
GetCurrentThreadId
GetCurrentProcess
AcquireSRWLockShared
ReadConsoleW
ReadConsoleA
TerminateProcess
QueryPerformanceFrequency
SetConsoleMode
GetProcessHeap
HeapFree
AcquireSRWLockExclusive
HeapReAlloc
ReleaseMutex
GetConsoleMode
LoadLibraryW
ReleaseSRWLockShared
ReleaseSRWLockExclusive
FormatMessageW
CreateSemaphoreA
InitializeSRWLock
WriteConsoleW
WaitForSingleObjectEx
CreateMutexA
MultiByteToWideChar
GetExitCodeThread
WaitForSingleObject
ReleaseSemaphore
DeleteCriticalSection
LeaveCriticalSection
GetModuleHandleW
EnterCriticalSection
InitializeCriticalSection
WriteFile
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetFileType
GetStdHandle
ConvertThreadToFiberEx
ConvertFiberToThread
FindNextFileW
FindFirstFileW
RtlVirtualUnwind
FindClose
SystemTimeToFileTime
GetSystemTime
VirtualFree
GetEnvironmentVariableW
GetACP
SwitchToFiber
GetSystemTimeAsFileTime
GetCurrentProcessId
SetLastError
DeleteFiber
CreateFiberEx
WideCharToMultiByte
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
FormatMessageA
LoadLibraryA
FreeLibrary
GetSystemDirectoryA
GetLastError
GetModuleHandleExW
CloseHandle
GetProcAddress
GetModuleHandleA
Sleep

ws2_32

shutdown
socket
connect
closesocket
sendto
recvfrom
getpeername
send
recv
WSACleanup
WSAStartup
select
getsockopt
getsockname
ioctlsocket
setsockopt
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
ntohs
inet_ntoa
inet_addr
htons
htonl

advapi32

CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptGenRandom
CryptEnumProvidersW
SystemFunction036

user32

MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation

crypt32

CertEnumCertificatesInStore
CertCloseStore
CertGetCertificateContextProperty
CertOpenSystemStoreW
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertOpenStore

ntdll

RtlNtStatusToDosError
NtWriteFile

bcrypt

BCryptGenRandom

python3

PyExc_AttributeError
PyErr_GivenExceptionMatches
PyModule_GetName
PyUnicode_InternInPlace
PyUnicode_AsEncodedString
PyObject_CallMethod
PyObject_Repr
PyObject_Str
PyErr_Restore
Py_IsInitialized
PyGILState_Ensure
PyGILState_Release
PyBool_Type
PyList_Size
PyList_GetItem
PyList_Append
PyException_GetTraceback
PyErr_NormalizeException
PyErr_SetString
PyErr_Fetch
PyErr_SetObject
PyType_FromSpec
PyDict_SetItem
Py_GetVersion
PyException_SetTraceback
PyErr_PrintEx
PyErr_NewExceptionWithDoc
PyErr_WarnEx
PyException_GetCause
PyException_SetCause
PyErr_Print
PyObject_SetAttrString
PyLong_FromSsize_t
PyObject_GetItem
PyObject_SetItem
PyObject_DelItem
PyCMethod_New
PyTuple_Size
PyTuple_GetItem
PyObject_GetAttr
PyObject_SetAttr
PyObject_RichCompare
PyObject_IsTrue
PyObject_Size
PyObject_Hash
PySequence_Contains
PyFrozenSet_New
PySet_Add
PyNumber_Index
PyLong_AsLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyModule_New
PyDict_New
PyDict_Size
PyDict_GetItemWithError
PyDict_Next
PyObject_GetIter
PyIter_Next
PyExc_ImportError
PyExc_StopIteration
PyExc_BaseException
PyModule_Create2
PyType_GenericAlloc
PyImport_ImportModule
PyEval_RestoreThread
PyEval_SaveThread
PyArg_UnpackTuple
PyErr_Occurred
PyFloat_AsDouble
PyLong_FromVoidPtr
PyLong_FromUnsignedLong
PyLong_FromLong
PyObject_Free
PyObject_Malloc
_Py_Dealloc
PySequence_Size
PySequence_Check
PyImport_Import
PyExc_Exception
PySlice_AdjustIndices
PySlice_Unpack
PyBytes_FromStringAndSize
PyExc_IndexError
PyExc_MemoryError
PySlice_Type
PyLong_FromLongLong
PyObject_GC_UnTrack
PyErr_WriteUnraisable
PyExc_RuntimeError
PyTuple_SetItem
PyTuple_New
PyExc_OverflowError
PyObject_Call
PyList_SetItem
PyList_New
PyBytes_Size
PyBytes_AsString
PyUnicode_AsUTF8String
PyLong_Type
PyExc_NotImplementedError
PyObject_IsInstance
PyLong_FromUnsignedLongLong
_Py_FalseStruct
_Py_TrueStruct
_Py_NotImplementedStruct
_Py_NoneStruct
PyExc_TypeError
PyExc_ValueError
PyType_GetSlot
PyType_IsSubtype
PyExc_SystemError
PyType_GetFlags
PyBaseObject_Type
PyUnicode_FromStringAndSize
PyTraceBack_Print

vcruntime140

__CxxFrameHandler3
memcmp
memmove
memset
strchr
strrchr
memchr
wcsstr
strstr
_CxxThrowException
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
signal
_exit
_execute_onexit_table
_configure_narrow_argv
_initialize_narrow_environment
_wassert
_seh_filter_dll
_errno
_initterm_e
_crt_atexit
_initterm
strerror_s
_register_onexit_function
raise
_beginthreadex
_cexit

api-ms-win-crt-string-l1-1-0

strcspn
strcmp
strcpy_s
strcat_s
strncpy_s
strspn
isdigit
tolower
strncpy
isspace
strncmp
strlen

api-ms-win-crt-heap-l1-1-0

free
realloc
calloc
malloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64_s

api-ms-win-crt-stdio-l1-1-0

_wfopen
__stdio_common_vfprintf
__acrt_iob_func
fopen
_fileno
fputs
__stdio_common_vsprintf_s
_setmode
setvbuf
fwrite
__stdio_common_vswprintf
__stdio_common_vsscanf
fclose
feof
ferror
fflush
fgets
__stdio_common_vsprintf
fread
fseek
ftell

api-ms-win-crt-convert-l1-1-0

atoi
strtoul
strtol

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit__openssl
PyInit__rust

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/d2d1.dll
.dll windows:10 windows x64 arch:x64

27f7fb547267b1f94c425d9bbaae8b06

Code Sign

33:00:00:04:5f:f3:c9:6c:1a:7f:f7:da:1d:00:00:00:00:04:5f
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:c1:c4:9a:54:56:45:7a:07:41:1c:8b:e4:40:3c:90:cc:03:aa:12:29:f9:ca:c8:4e:7b:df:01:65:ae:97:6e
Signer

Actual PE Digest

3b:c1:c4:9a:54:56:45:7a:07:41:1c:8b:e4:40:3c:90:cc:03:aa:12:29:f9:ca:c8:4e:7b:df:01:65:ae:97:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d2d1.pdb

Imports

msvcrt

?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_aligned_realloc
_aligned_free
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBV0@@Z
tolower
wcstod
iswalpha
iswspace
_wcsicmp
wcsncmp
_isnan
_vsnprintf
sqrt
sqrtf
strcmp
_CxxThrowException
_aligned_malloc
time
strstr
_itow_s
_snprintf_s
swscanf_s
modff
wcschr
memcpy
memmove
tanf
_onexit
__dllonexit
_unlock
_lock
__CxxFrameHandler3
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
realloc
wcstol
memmove_s
memcpy_s
sinf
sin
powf
memset
memcmp
logf
log
fmodf
floorf
floor
expf
_vsnwprintf
_finite
_purecall
_callnewh
malloc
_wcsnicmp
free
cosf
cos
ceilf
ceil
atan2f
atan
acosf
wcscmp

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
DisableThreadLibraryCalls
GetModuleFileNameW
FindResourceExW
LockResource
FreeLibrary
LoadResource
SizeofResource

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
ReleaseSemaphore
WaitForSingleObject
LeaveCriticalSection
CreateMutexExW
CreateSemaphoreExW
InitializeCriticalSectionAndSpinCount
AcquireSRWLockShared
SetEvent
ReleaseMutex
ResetEvent
OpenSemaphoreW
DeleteCriticalSection
EnterCriticalSection
ReleaseSRWLockShared
ReleaseSRWLockExclusive
CreateEventW
AcquireSRWLockExclusive
WaitForSingleObjectEx

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegGetValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-threadpool-l1-2-0

SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CreateThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent
OutputDebugStringA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetTickCount
GetSystemInfo
GetVersionExW
GetSystemDirectoryW

api-ms-win-core-synch-l1-2-0

Sleep
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

ntdll

RtlSetBit
RtlAreBitsSet
RtlInitializeBitMap
EtwEventUnregister
EtwEventRegister
EtwEventSetInformation
vDbgPrintEx
RtlHashUnicodeString
WinSqmAddToStream
WinSqmAddToAverageDWORD
WinSqmIncrementDWORD
WinSqmIsOptedIn
WinSqmAddToStreamEx
DbgPrintEx
DbgPrint
EtwEventWriteTransfer
RtlClearBits

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalSize
GlobalLock

api-ms-win-core-heap-l2-1-0

GlobalFree
GlobalAlloc

api-ms-win-core-file-l1-1-0

ReadFile
GetFileSize
CreateFileW

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-windowserrorreporting-l1-1-0

WerRegisterMemoryBlock

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-memory-l1-1-0

MapViewOfFile
CreateFileMappingW
UnmapViewOfFile

Exports

Exports

D2D1ComputeMaximumScaleFactor
D2D1ConvertColorSpace
D2D1CreateDevice
D2D1CreateDeviceContext
D2D1CreateFactory
D2D1GetGradientMeshInteriorPointsFromCoonsPatch
D2D1InvertMatrix
D2D1IsMatrixInvertible
D2D1MakeRotateMatrix
D2D1MakeSkewMatrix
D2D1SinCos
D2D1Tan
D2D1Vec3Length

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/d3d10warp.dll
.dll windows:10 windows x64 arch:x64

113eae7f46ac04ade26e10c730a6e454

Code Sign

33:00:00:04:60:cf:42:a9:12:31:5f:6f:b3:00:00:00:00:04:60
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/11/2023, 19:20

Not After

14/11/2024, 19:20

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:67:38:eb:2a:b2:a9:db:67:bc:8a:30:fd:2b:35:83:51:33:31:9e:9c:75:95:15:02:95:9e:13:bb:36:59:00
Signer

Actual PE Digest

15:67:38:eb:2a:b2:a9:db:67:bc:8a:30:fd:2b:35:83:51:33:31:9e:9c:75:95:15:02:95:9e:13:bb:36:59:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d3d10warp.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__localtime64
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__splitpath_s
_o__stricmp
__intrinsic_setjmp
_o_abort
_o_acos
_o_asin
_o_atan
_o_atan2
_o_atoi
_o_calloc
_o_ceil
_o_cos
_o_cosh
_o_exp
_o_exp2
_o_fabs
_o_floor
_o_fmod
_o_free
_o_isalnum
_o_isalpha
_o_isdigit
_o_isprint
_o_log
_o_log10
_o_log2
_o_malloc
_o_mbstowcs_s
_o_modf
_o_pow
_o_powf
_o_qsort
_o_qsort_s
_o_sin
_o_sinh
_o_sqrt
_o_strcpy_s
_o_tan
_o_tanh
_o_terminate
_o_toupper
_o_wcscat_s
_o_wcscpy_s
memchr
_o__fpclass
_o__get_osfhandle
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
__CxxFrameHandler3
wcsrchr
longjmp
_CxxThrowException
_o__cexit
_o__callnewh
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__C_specific_handler
__CxxFrameHandler4
memcmp
memcpy
memmove

api-ms-win-crt-string-l1-1-0

memset
strncmp

ntdll

RtlAddGrowableFunctionTable
EtwEventRegister
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EtwEventUnregister
EtwEventWrite
RtlCreateServiceSid
RtlInitUnicodeString
RtlCaptureStackBackTrace
RtlDeleteGrowableFunctionTable

api-ms-win-core-synch-l1-1-0

OpenSemaphoreW
ReleaseSRWLockExclusive
WaitForSingleObjectEx
AcquireSRWLockExclusive
CreateSemaphoreExW
ReleaseSemaphore
ReleaseSRWLockShared
CreateEventW
InitializeCriticalSectionEx
WaitForMultipleObjectsEx
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
CreateMutexExW
ReleaseMutex
AcquireSRWLockShared
DeleteCriticalSection
SetEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateEventA
ResetEvent

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
DisableThreadLibraryCalls
FreeLibrary
GetModuleFileNameA
LoadLibraryExW
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-processthreads-l1-1-0

CreateProcessA
GetCurrentProcess
TerminateProcess
OpenProcessToken
ExitThread
DeleteProcThreadAttributeList
TlsGetValue
TlsFree
OpenThreadToken
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
SwitchToThread
GetCurrentThreadId
GetCurrentProcessId
CreateThread
GetProcessTimes
GetProcessId
GetCurrentThread
ExitProcess
TlsAlloc
GetThreadPriority

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemDirectoryA
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList
InitializeSListHead
InterlockedPopEntrySList

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
SetLastError
GetLastError
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
GetProcessMitigationPolicy
FlushInstructionCache
OpenProcess

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processenvironment-l1-1-0

GetStdHandle

api-ms-win-core-memory-l1-1-0

VirtualProtect
CreateFileMappingW
MapViewOfFile
VirtualFree
VirtualFreeEx
VirtualAllocEx
VirtualAlloc
VirtualQueryEx
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
UnmapViewOfFile
VirtualQuery

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-console-l2-1-0

SetConsoleTextAttribute
GetConsoleScreenBufferInfo

api-ms-win-core-console-l1-1-0

GetConsoleMode

msvcp_win

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?uncaught_exception@std@@YA_NXZ
_Xtime_get_ticks
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPEADK@Z

api-ms-win-crt-math-l1-1-0

fminf
fmaxf
ceilf
floorf
sqrtf
_finite

api-ms-win-core-registry-l1-1-0

RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolTimer
CloseThreadpoolWork
CloseThreadpool
SetThreadpoolThreadMinimum
CloseThreadpoolTimer
SetThreadpoolThreadMaximum
SetThreadpoolTimer
CreateThreadpool
CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-systemtopology-l1-1-0

GetNumaHighestNodeNumber

rpcrt4

RpcAsyncInitializeHandle
RpcBindingBind
RpcAsyncGetCallStatus
RpcExceptionFilter
RpcBindingCreateW
RpcBindingUnbind
RpcServerListen
RpcEpRegisterA
RpcServerRegisterIf3
RpcServerUseProtseqEpW
RpcBindingVectorFree
RpcServerUnregisterIf
RpcEpUnregister
RpcServerInqBindings
RpcMgmtWaitServerListen
RpcMgmtStopServerListening
RpcAsyncAbortCall
RpcAsyncCompleteCall
RpcServerTestCancel
RpcBindingFree
RpcRevertToSelf
RpcImpersonateClient
RpcServerInqCallAttributesA
NdrAsyncServerCall
NdrServerCallAll
Ndr64AsyncServerCallAll
NdrServerCall2
NdrClientCall3
Ndr64AsyncClientCall
RpcAsyncCancelCall

api-ms-win-core-wow64-l1-1-1

IsWow64Process2
GetSystemWow64Directory2A

api-ms-win-core-psapi-ansi-l1-1-0

K32GetModuleFileNameExA

api-ms-win-security-base-l1-1-0

GetLengthSid
InitializeAcl
GetTokenInformation
AddAccessAllowedAce

api-ms-win-security-sddl-ansi-l1-1-0

ConvertSidToStringSidA
ConvertStringSidToSidA

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-security-sddl-l1-1-0

ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-com-l1-1-0

CoCreateGuid

api-ms-win-core-file-l1-1-0

WriteFile
CreateFileW
ReadFile

api-ms-win-core-io-l1-1-0

GetOverlappedResult
CancelIoEx

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe
WaitNamedPipeW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventSetInformation
EventProviderEnabled
EventWriteTransfer
EventUnregister

api-ms-win-core-xstate-l2-1-0

GetEnabledXStateFeatures

api-ms-win-core-processthreads-l1-1-2

GetThreadInformation
SetThreadInformation

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-memory-l1-1-3

SetProcessValidCallTargets

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

D3D11RefGetLastCreation
D3DLayerGetInterface
OpenAdapter
OpenAdapter10_2
OpenAdapter12
OpenDisplayAdapter1
QueryDListForApplication1
VSD3DDebugConnectionBuffer

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 847KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/dbgeng.dll
.dll windows:10 windows x64 arch:x64

2278b6b64d869b295d1cf97b8afc695d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

dbgeng.pdb

Imports

api-ms-win-crt-string-l1-1-0

toupper
strpbrk
strnlen
isalpha
wmemmove_s
wmemcpy_s
_stricmp
wcsnlen
_memicmp
iswupper
iswalnum
_wcsupr
wcsncpy_s
memmove_s
_strlwr_s
memcpy_s
_wcsupr_s
iswdigit
strcpy_s
strncmp
iswalpha
wcsncmp
strcmp
_wcslwr
_strlwr
iswprint
isdigit
strncat_s
strncpy_s
_wcsicmp
towlower
towupper
wcscpy_s
wcscat_s
isalnum
isspace
_wcsdup
_wcsnicmp
iswspace
isprint
iswxdigit
_strnicmp
wcscmp

api-ms-win-crt-heap-l1-1-0

_free_base
_calloc_base
malloc
calloc
_malloc_base
free
realloc
_callnewh

api-ms-win-crt-environment-l1-1-0

_wgetenv
getenv

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s
fclose
_wfopen
ftell
fgetws
feof
fgets
__stdio_common_vswscanf
__stdio_common_vsprintf_s
__stdio_common_vswprintf_s
fseek
__stdio_common_vswprintf
__stdio_common_vsscanf
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vsnprintf_s
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_cexit
abort
_initterm
_initterm_e
_crt_atexit
_invalid_parameter_noinfo
_execute_onexit_table
__doserrno
_errno
terminate
_seh_filter_dll
_set_errno
_configure_narrow_argv
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_set_invalid_parameter_handler

api-ms-win-crt-time-l1-1-0

_ctime64
_wctime64
_time64

api-ms-win-crt-convert-l1-1-0

_ui64tow_s
_strtoui64
wcstol
wcstod
atoi
_wtoi
_wcstoui64
wcstoul
_itow_s
_ultow_s
atol
_wtol
wcstoull

api-ms-win-crt-locale-l1-1-0

_unlock_locales
___lc_collate_cp_func
setlocale
_lock_locales
_wsetlocale
___mb_cur_max_func
__pctype_func
___lc_locale_name_func
___lc_codepage_func

api-ms-win-crt-utility-l1-1-0

qsort
ldiv

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s

api-ms-win-crt-math-l1-1-0

frexp
pow
log
ceilf
ldexp

api-ms-win-core-errorhandling-l1-1-0

SetErrorMode
GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-string-l1-1-0

CompareStringEx
CompareStringW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal

api-ms-win-core-processenvironment-l1-1-0

SetEnvironmentVariableA
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
SearchPathW
GetEnvironmentVariableW
GetCurrentDirectoryW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
OutputDebugStringA
DebugBreak

rpcrt4

UuidCreate

api-ms-win-core-synch-l1-1-0

CreateEventA
InitializeCriticalSection
CreateEventW
WaitForSingleObjectEx
LeaveCriticalSection
EnterCriticalSection
OpenSemaphoreW
ResetEvent
CreateMutexW
ReleaseSemaphore
SetEvent
InitializeCriticalSectionAndSpinCount
CreateSemaphoreExW
CreateMutexExW
SleepEx
WaitForSingleObject
WaitForMultipleObjectsEx
InitializeCriticalSectionEx
CreateEventExW
ReleaseMutex
ReleaseSRWLockExclusive
OpenProcess
DeleteCriticalSection
ReleaseSRWLockShared
AcquireSRWLockShared
AcquireSRWLockExclusive

api-ms-win-core-processthreads-l1-1-0

GetExitCodeThread
GetThreadId
ResumeThread
GetCurrentProcessId
GetCurrentThread
CreateProcessW
ExitThread
CreateThread
TerminateProcess
GetExitCodeProcess
GetCurrentProcess
GetProcessTimes
GetCurrentThreadId
CreateRemoteThread
OpenProcessToken
GetThreadPriority
QueueUserAPC
GetPriorityClass
SuspendThread

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
SystemTimeToTzSpecificLocalTime
GetComputerNameExW
SystemTimeToFileTime
GetVersionExW
GetSystemInfo
GetTimeZoneInformation
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetLocalTime
GetVersionExA

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-misc-l1-1-0

LocalAlloc
LocalFree
Sleep
IsWow64Process
FormatMessageW
lstrcmpiW

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapCreate
GetProcessHeap
HeapFree
HeapReAlloc
HeapDestroy

api-ms-win-core-libraryloader-l1-1-0

FreeLibrary
LoadLibraryExA
LockResource
LoadResource
GetModuleHandleExW
SizeofResource
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
DisableThreadLibraryCalls

api-ms-win-core-memory-l1-1-0

ReadProcessMemory
VirtualQueryEx
UnmapViewOfFile
VirtualFree
VirtualProtectEx
VirtualQuery
VirtualProtect
CreateFileMappingW
VirtualFreeEx
MapViewOfFile
VirtualAllocEx
VirtualAlloc
WriteProcessMemory

api-ms-win-core-localregistry-l1-1-0

RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyExA
RegGetValueW
RegQueryValueExA
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegQueryValueExW

api-ms-win-core-file-l1-1-0

FindFirstFileA
SetFilePointer
FileTimeToLocalFileTime
WriteFile
GetFileTime
GetFullPathNameW
QueryDosDeviceW
GetLogicalDriveStringsW
CreateFileW
GetFinalPathNameByHandleW
DeleteFileW
GetFileSize
GetFileAttributesW
DeleteFileA
SetFilePointerEx
GetFileSizeEx
GetTempFileNameW
ReadFile
CreateDirectoryW
FindNextFileW
GetDriveTypeW
CreateFileA
FindFirstFileW
FindClose
FileTimeToSystemTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-localization-l1-1-0

LCMapStringEx
LCMapStringW

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlVirtualUnwind
RtlPcToFileHeader
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-fibers-l1-1-0

FlsSetValue
FlsFree
FlsGetValue
FlsAlloc

dbgmodel

CreateDataModelManager

bcrypt

BCryptFinishHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptHashData
BCryptCreateHash
BCryptOpenAlgorithmProvider

dbghelp

SymEnumTypesW
SymSetScopeFromIndex
SymSetScopeFromInlineContext
SymEnumTypesByNameW
SymEnumSymbolsExW
SymEnumSymbolsForAddrW
ord1103
ord1116
SymNextW
SymPrevW
ord1119
StackWalkEx
SymCompareInlineTrace
ord1102
SymEnumLinesW
SymGetSourceFileFromTokenW
SymMatchFileNameW
SetSymLoadError
SymCleanup
SymFromInlineContextW
SymGetUnwindInfo
SymRegisterCallbackW64
SymInitializeW
RemoveInvalidModuleList
ImageDirectoryEntryToDataEx
SymFreeDiaString
dbghelp
FindExecutableImageExW
SymFindFileInPathW
ImageNtHeader
SymGetTypeInfoEx
SymGetDiaSession
SymSetDiaSession
SymUnloadModule64
GetTimestampForLoadedLibrary
SymMatchStringA
SymGetTypeFromNameW
DbgHelpCreateUserDump
SymAddSymbol
SymLoadModuleExW
SymFromNameW
SymGetOptions
SymLoadModule64
SymGetTypeInfo
SymDeleteSymbolW
SymFromIndexW
SetCheckUserInterruptShared
ReportSymbolLoadSummary
SymGetHomeDirectoryW
SymSetSearchPathW
SymAllocDiaString
SymFromAddrW
SymGetExtendedOption
SymAddSymbolW
ImageRvaToVa
SymFunctionTableAccess64
SymFromTokenW
SymRegisterCallback64
SymGetFileLineOffsets64
SymEnumSymbolsW
SymGetLineFromNameW64
SymAddrIncludeInlineTrace
SymQueryInlineTrace
ImagehlpApiVersionEx
SymSetExtendedOption
SymSetOptions
SymSearchW
SymGetModuleInfoW64
SymGetSourceFileChecksumW
SymGetSourceFileTokenW
SymGetSourceVarFromTokenW
SymMatchStringW
SymRegisterFunctionEntryCallback64

ntdll

RtlFindNextForwardRunClear
RtlNumberOfSetBits
RtlCopyContext
RtlSetBits
NtQueryVirtualMemory
NtQuerySystemInformation
NtGetNextThread
RtlInitializeBitMap
RtlAreBitsClear
RtlNtStatusToDosError
RtlReleasePrivilege
RtlAcquirePrivilege
DbgPrintEx
RtlTryAcquirePebLock
RtlReleasePebLock
NtDeviceIoControlFile
NtClose
RtlRunOnceExecuteOnce
NtFreeVirtualMemory
NtAllocateVirtualMemory
NtCreateFile
RtlUTF8ToUnicodeN
NtCreateEvent
RtlCompareMemory
NtSetTimerResolution
RtlGetVersion
RtlGetNtProductType
NtSetEvent
NtResetEvent

xmllite

CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingName
CreateXmlReader

oleaut32

VariantCopy
VariantChangeType
VarBstrFromI4
SysAllocStringLen
VariantClear
SysFreeString
VariantInit
SysAllocString
SysStringLen

api-ms-win-crt-process-l1-1-0

_spawnlp

api-ms-win-core-threadpool-l1-1-0

CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-security-base-l1-1-0

AdjustTokenPrivileges
AllocateAndInitializeSid
AddAccessDeniedAce
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
AddAccessAllowedAce
FreeSid
CheckTokenMembership

Exports

Exports

DebugConnect
DebugConnectWide
DebugCreate
DebugCreateEx

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/diagtrack.dll
.dll windows:10 windows x64 arch:x64

24751990705d88c79b78660e5d71fbf9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

diagtrack.pdb

Imports

msvcp_win

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?flags@ios_base@std@@QEBAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?good@ios_base@std@@QEBA_NXZ
?uncaught_exception@std@@YA_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?precision@ios_base@std@@QEAA_J_J@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
_Thrd_id
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QEBA_WD@Z
_Mtx_trylock
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
_Wcsxfrm
_Wcscoll
?id@?$collate@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?eof@ios_base@std@@QEBA_NXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Random_device@std@@YAIXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Cnd_broadcast
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Cnd_signal
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA_W_W@Z
?setf@ios_base@std@@QEAAHHH@Z
?setf@ios_base@std@@QEAAHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_XGetLastError@std@@YAXXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Cnd_timedwait
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Throw_Cpp_error@std@@YAXH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
_Mtx_current_owns
_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xbad_function_call@std@@YAXXZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
_Cnd_wait

api-ms-win-crt-string-l1-1-0

memset
strcspn
wcscmp
strnlen
wcsnlen
wcsncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__strnicmp
_o__strtoi64
_o__ui64tow_s
_o__wcsicmp
_o__wcslwr
_o__wcsnicmp
_o__wcstoi64
_o__wcstoui64
_o__wtof
_o__wtoi
memmove
_o_calloc
_o_ceil
_o_exp
_o_floor
_o_free
_o_isspace
_o_iswalnum
_o_iswspace
_o_isxdigit
_o_log
_o_log2
_o_lround
_o_malloc
_o_memcpy_s
_o_pow
_o_rand
_o_realloc
_o_round
_o_sqrt
_o_srand
_o_strtod
_o_strtol
_o_strtoul
_o_strtoull
_o_terminate
_o_tolower
_o_towlower
_o_towupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstod
_o_wcstoll
_o_wcstoull
__C_specific_handler
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__dsign
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
wcsstr
memchr
memcmp
memcpy
__CxxFrameHandler3
wcschr
strchr
__std_type_info_compare

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleHandleW
SizeofResource
LoadLibraryExW
FreeResource
GetModuleFileNameW
LoadStringW
LockResource
FindResourceExW
LoadResource
GetModuleHandleExW
GetProcAddress
FreeLibrary
GetModuleFileNameA

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-synch-l1-1-0

SetWaitableTimer
ReleaseSRWLockExclusive
CreateEventExW
ResetEvent
InitializeCriticalSection
ReleaseMutex
WaitForSingleObject
SetEvent
OpenSemaphoreW
CreateMutexExW
InitializeCriticalSectionEx
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CreateWaitableTimerExW
ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreExW
ReleaseSRWLockShared
DeleteCriticalSection
CreateEventW
WaitForSingleObjectEx
SetWaitableTimerEx
AcquireSRWLockShared

api-ms-win-core-heap-l1-1-0

HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
RaiseException
SetUnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-threadpool-l1-2-0

CloseThreadpool
SetThreadpoolWait
SetThreadpoolTimer
WaitForThreadpoolWaitCallbacks
CreateThreadpoolTimer
CreateThreadpoolWait
CloseThreadpoolWait
CreateThreadpoolIo
CloseThreadpoolWork
CloseThreadpoolTimer
WaitForThreadpoolIoCallbacks
WaitForThreadpoolWorkCallbacks
SubmitThreadpoolWork
SetThreadpoolThreadMaximum
CreateThreadpool
CreateThreadpoolWork
CloseThreadpoolIo
CancelThreadpoolIo
WaitForThreadpoolTimerCallbacks
StartThreadpoolIo

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
GetStartupInfoW
GetCurrentThread
CreateThread
GetCurrentProcess
GetExitCodeThread
UpdateProcThreadAttribute
GetCurrentProcessId
CreateProcessAsUserW
CreateProcessW
GetCurrentThreadId
OpenProcessToken
GetThreadId
InitializeProcThreadAttributeList
SuspendThread
OpenThread
DeleteProcThreadAttributeList
TerminateProcess
ResumeThread
SetThreadPriority
GetProcessId
SetThreadPriorityBoost
GetExitCodeProcess

api-ms-win-core-localization-l1-2-0

GetSystemDefaultLCID
GetUserGeoID
FormatMessageW
GetSystemPreferredUILanguages
GetThreadLocale

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

ntdll

RtlIsDosDeviceName_U
RtlFreeHeap
RtlReleaseRelativeName
RtlDosPathNameToRelativeNtPathName_U
NtQueryInformationProcess
RtlIsStateSeparationEnabled
NtOpenThreadToken
NtOpenProcessToken
RtlCompareUnicodeString
RtlGetDeviceFamilyInfoEnum
NtDeviceIoControlFile
NtCreateFile
NtClose
NtQueryInformationThread
NtQueryInformationToken
RtlInitUnicodeString
EtwTraceMessage
RtlAllocateAndInitializeSid
RtlNtStatusToDosError
RtlGetCurrentServiceSessionId
NtSystemDebugControl
NtSetInformationFile
NtQueryLicenseValue
RtlIsMultiSessionSku
RtlReportExceptionEx
RtlCheckPortableOperatingSystem
RtlGetPersistedStateLocation
RtlGetVersion
RtlPublishWnfStateData
NtSetInformationThread
ZwQueryWnfStateData
RtlAllocateHeap
NtOpenSymbolicLinkObject
NtOpenKey
NtQuerySymbolicLinkObject
NtOpenFile
NtQueryValueKey
NtQueryBootEntryOrder
NtQueryBootOptions
NtTranslateFilePath
NtOpenDirectoryObject
NtQueryDirectoryObject
NtEnumerateBootEntries
NtAdjustPrivilegesToken
NtOpenProcessTokenEx
NtOpenThreadTokenEx
RtlImpersonateSelf
RtlNtStatusToDosErrorNoTeb
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlConvertDeviceFamilyInfoToString
NtQuerySystemInformation
NtQuerySystemInformationEx
RtlSetSystemBootStatus
RtlComputeCrc32
NtQuerySystemTime
RtlGetSystemBootStatus
RtlRestoreSystemBootStatusDefaults
NtPowerInformation
RtlCreateBootStatusDataFile
RtlCheckSystemBootStatusIntegrity
EtwCheckCoverage
NtSetInformationProcess
NtQueryWnfStateData

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegNotifyChangeKeyValue
RegOpenCurrentUser
RegCloseKey
RegGetValueW
RegDeleteValueW
RegOpenKeyExW
RegDeleteTreeW
RegCreateKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCopyTreeW

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx
DeleteTimerQueueTimer
CreateTimerQueueTimer

api-ms-win-core-processenvironment-l1-1-0

SetEnvironmentVariableW
ExpandEnvironmentStringsW

api-ms-win-core-processthreads-l1-1-1

GetThreadTimes
IsProcessorFeaturePresent
GetProcessMitigationPolicy
GetThreadContext
OpenProcess
SetProcessMitigationPolicy

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-file-l1-1-0

GetDriveTypeW
SetFilePointerEx
GetFileSize
ReadFile
GetDiskFreeSpaceExW
FindFirstVolumeW
FindVolumeClose
GetFileSizeEx
FindNextVolumeW
CreateDirectoryW
WriteFile
GetVolumePathNameW
SetEndOfFile
FindCloseChangeNotification
FindFirstFileExW
FindNextChangeNotification
RemoveDirectoryW
SetFileInformationByHandle
FindNextFileW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetFinalPathNameByHandleW
CreateFileW
FindFirstChangeNotificationW
FindClose
GetTempFileNameW
FindFirstFileW
GetFullPathNameW
GetFileAttributesExW
QueryDosDeviceW
GetFileTime
GetVolumeInformationW

api-ms-win-core-file-l2-1-0

MoveFileExW
GetFileInformationByHandleEx
CopyFileExW

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalFree
LocalAlloc

api-ms-win-core-path-l1-1-0

PathCchAppend
PathAllocCombine
PathCchCanonicalizeEx
PathCchCombine

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetSystemTime
GetSystemDirectoryW
GetTickCount
GetSystemInfo
GetTickCount64

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList
InterlockedPushEntrySList

api-ms-win-core-realtime-l1-1-0

QueryThreadCycleTime
QueryUnbiasedInterruptTime
QueryProcessCycleTime

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
VerSetConditionMask
GetSystemTimePreciseAsFileTime
GetProductInfo

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
GetDynamicTimeZoneInformation
SystemTimeToFileTime

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-sysinfo-l1-2-1

GetPhysicallyInstalledSystemMemory

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

iphlpapi

GetNetworkConnectivityHint
NotifyNetworkConnectivityHintChange
CancelMibChangeNotify2

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-wow64-l1-1-1

IsWow64Process2
GetSystemWow64Directory2W

api-ms-win-core-url-l1-1-0

UrlEscapeW

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-psapi-l1-1-0

K32GetProcessImageFileNameW
K32GetPerformanceInfo

api-ms-win-core-string-l2-1-0

CharLowerBuffW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-crt-math-l1-1-0

_finite
ceilf

Exports

Exports

RunDll32Main
ServiceMain
SvchostPushServiceGlobals
UtcSysprepGeneralize

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/dwmcore.dll
.dll windows:10 windows x64 arch:x64

2bdd528ed0cc56d0e84513425bf3e540

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

dwmcore.pdb

Imports

msvcp_win

?_Random_device@std@@YAIXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xoverflow_error@std@@YAXPEBD@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
??Bid@locale@std@@QEAA_KXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z

api-ms-win-crt-string-l1-1-0

wcsncmp
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_invoke_watson

api-ms-win-crt-math-l1-1-0

fmaxf
fminf
_isnan
modff
acosf
asinf
atan2f
atanf
_finite
ceilf
cosf
floorf
fmodf
log10f
logf
sinf
tanf
sqrtf

api-ms-win-crt-private-l1-1-0

_o__errno
_o__execute_onexit_table
_o__hypot
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__recalloc
_o__register_onexit_function
_o__seh_filter_dll
_o__crt_atexit
memmove
_o__wcsicmp
_o_acos
_o_ceil
_o_exp
_o_floor
_o_fmod
_o_free
_o_log
_o_log2f
_o_malloc
_o_pow
_o_powf
_o_qsort
_o_remainderf
_o_sin
_o_sqrt
_o_strcpy_s
_o_strtoul
_o_tan
_o_toupper
_o_wcscpy_s
wcschr
wcsstr
__std_type_info_compare
__CxxFrameHandler3
__std_terminate
__C_specific_handler
_o__configure_narrow_argv
_o__cexit
wcsrchr
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___std_type_info_destroy_list
_CxxThrowException
memcmp
memcpy

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleHandleW
FreeLibrary
GetModuleFileNameA
GetProcAddress

api-ms-win-core-synch-l1-1-0

ResetEvent
WaitForSingleObject
CreateEventExW
ReleaseMutex
InitializeCriticalSectionEx
LeaveCriticalSection
AcquireSRWLockExclusive
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSemaphore
ReleaseSRWLockShared
EnterCriticalSection
ReleaseSRWLockExclusive
CreateMutexExW
AcquireSRWLockShared
DeleteCriticalSection
CreateSemaphoreExW
InitializeSRWLock
SetWaitableTimer
InitializeCriticalSection
SetEvent
OpenEventW
SetWaitableTimerEx
CreateEventW
CancelWaitableTimer
SleepEx
InitializeCriticalSectionAndSpinCount

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
SubmitThreadpoolWork

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
ResumeThread
ProcessIdToSessionId
GetCurrentProcessId
GetThreadId
GetCurrentThreadId
GetCurrentThread
TlsSetValue
SetThreadPriority
CreateThread
OpenProcessToken
TlsGetValue
TerminateProcess
TlsFree
TerminateThread
TlsAlloc

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-processthreads-l1-1-3

SetThreadDescription

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryValueW

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
QueryDepthSList

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTickCount64

api-ms-win-core-kernel32-legacy-l1-1-0

PulseEvent

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW
WaitForMultipleObjects

api-ms-win-eventing-provider-l1-1-0

EventProviderEnabled
EventRegister
EventEnabled
EventSetInformation
EventUnregister
EventActivityIdControl
EventWriteTransfer

ntdll

RtlSetBits
NtQueryDirectoryObject
NtOpenDirectoryObject
RtlInitUnicodeString
EtwCheckCoverage
memmove_s
RtlFreeHeap
RtlAcquireSRWLockExclusive
RtlPublishWnfStateData
RtlReleaseSRWLockExclusive
RtlLookupElementGenericTable
RtlInitializeSRWLock
RtlAllocateHeap
RtlGetMultiTimePrecise
NtSetInformationProcess
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfStateChangeNotification
RtlInitializeBitMap
NtQuerySystemInformation
NtUnmapViewOfSection
NtCreateSection
NtMapViewOfSection
DbgPrintEx
DbgPrompt
RtlEnumerateGenericTableWithoutSplaying
RtlInitializeGenericTable
RtlInsertElementGenericTable
RtlDeleteElementGenericTable

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCompareMemory
RtlLookupFunctionEntry
RtlCaptureContext
RtlCaptureStackBackTrace

api-ms-win-power-base-l1-1-0

CallNtPowerInformation

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-realtime-l1-1-0

QueryThreadCycleTime

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
OpenFileMappingW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW
LoadLibraryA

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
GetRestrictedErrorInfo
RoOriginateError
SetRestrictedErrorInfo

api-ms-win-core-registry-l1-1-0

RegGetValueA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegGetValueW

rpcrt4

NdrClientCall3
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW

api-ms-win-core-errorhandling-l1-1-3

TerminateProcessOnMemoryExhaustion

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

d2d1

ord5
ord3
ord2
ord4
ord1

win32u

NtSetCompositionSurfaceBufferUsage
NtQueryCompositionSurfaceRenderingRealization
NtSetCompositionSurfaceAnalogExclusive
NtDCompositionGetFrameLegacyTokens
NtQueryCompositionSurfaceBinding
NtSetCompositionSurfaceIndependentFlipInfo
NtOpenCompositionSurfaceSwapChainHandleInfo
NtOpenCompositionSurfaceDirtyRegion
NtTokenManagerThread
NtDCompositionGetFrameSurfaceUpdates
NtTokenManagerOpenSectionAndEvents
NtValidateCompositionSurfaceHandle
NtDCompositionGetConnectionBatch
NtDCompositionDiscardFrame
NtDCompositionRetireFrame
NtQueryCompositionSurfaceHDRMetaData
NtDCompositionGetFrameStatistics
NtDCompositionUpdatePointerCapture
NtMITActivateInputProcessing
NtMITDeactivateInputProcessing
NtMITDispatchCompletion
NtTokenManagerGetAnalogExclusiveSurfaceUpdates
NtSetCompositionSurfaceStatistics
NtTokenManagerGetAnalogExclusiveTokenEvent
NtTokenManagerConfirmOutstandingAnalogToken
NtDCompositionConfirmFrame
NtDCompositionBeginFrame
NtDCompositionSubmitDWMBatch
NtDCompositionCreateConnection
NtDCompositionDestroyConnection
NtDCompositionReferenceSharedResourceOnDwmChannel
NtDCompositionCreateSharedResourceHandle
NtDCompositionDestroyChannel
NtDCompositionCreateDwmChannel
NtDuplicateCompositionInputSink
NtQueryCompositionInputSinkLuid
NtQueryCompositionInputIsImplicit
NtQueryCompositionInputQueueAndTransform
NtQueryCompositionInputSink
NtUpdateInputSinkTransforms
NtCloseCompositionInputSink
NtSetCompositionSurfaceDirectFlipState

dcomp

ord2002
ord2001

coremessaging

CoreUICallSend
CoreUICreate
CoreUICreateEx
CoreUICallReceive
CoreUICallCreateEndpointHost
CoreUICallCreateConversationHost

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsDeleteString
WindowsCreateString

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

api-ms-win-security-base-l1-1-0

PrivilegeCheck

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-dx-d3dkmt-l1-1-0

D3DKMTQueryAdapterInfo

d3d11

D3D11CreateDevice

d3dcompiler_47

D3DCreateLinker
D3DLoadModule
D3DCreateFunctionLinkingGraph

dxgi

CreateDXGIFactory1
CreateDXGIFactory2

Exports

Exports

MilCompositionEngine_GetComposedEventId
MilCompositionEngine_Initialize
MilCompositionEngine_Uninitialize
MilConnection_CreateChannel
MilTransport_AddRef
MilTransport_Release

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/edgehtml.dll
.dll windows:10 windows x64 arch:x64

92dbd485a8f15640c0fff7b2a7c647e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

edgehtml.pdb

Imports

msvcrt

__mb_cur_max
?what@exception@@UEBAPEBDXZ
_strlwr_s
strcpy_s
wcstombs_s
strrchr
towupper
iswxdigit
_wcsdup
??8type_info@@QEBAHAEBV0@@Z
__crtCompareStringW
__crtCompareStringA
__crtLCMapStringW
__crtLCMapStringA
_wsetlocale
___lc_handle_func
setlocale
toupper
memcpy
memmove
___mb_cur_max_func
___lc_codepage_func
_ismbblead
ldexp
strcspn
??0bad_cast@@QEAA@PEBD@Z
localeconv
??0bad_cast@@QEAA@AEBV0@@Z
??1bad_cast@@UEAA@XZ
memset
__pctype_func
isupper
islower
_Getmonths
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_Gettnames
_Strftime
isspace
memchr
___lc_collate_cp_func
memcmp
sqrt
_XcptFilter
_amsg_exit
_initterm
?terminate@@YAXXZ
isdigit
isxdigit
isalpha
swscanf_s
iswspace
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
__CxxFrameHandler3
wcsncat_s
_mbsicmp
_mbscspn
_mbsspn
_mbsstr
strchr
strtol
_mbschr
_ismbcdigit
strncpy_s
_mbscmp
calloc
mbstowcs
_ultoa_s
_resetstkoflw
iswascii
iswpunct
realloc
free
malloc
_controlfp_s
_errno
_set_errno
time
_wtoi64
_stricmp
towlower
wcstok_s
_wcsrev
_wcsupr
tolower
iswcntrl
_aligned_malloc
_aligned_free
_ltow
strncmp
_fpclass
fmod
floorf
floor
expf
exp
cosf
cos
_isnan
modf
abort
_i64tow_s
__ExceptionPtrCopy
__ExceptionPtrRethrow
__ExceptionPtrToBool
__ExceptionPtrDestroy
__ExceptionPtrCreate
sprintf_s
_wcsupr_s
_itow_s
_wcstoui64
_ui64tow_s
_wcslwr
_wcslwr_s
iswalnum
wcsrchr
wcstol
wcsncpy_s
wcsstr
wcscat_s
wcscpy_s
vswprintf_s
isalnum
wcstod
wcstoul
qsort
bsearch_s
qsort_s
iswalpha
iswdigit
_finite
_ltow_s
_ultow_s
wcsnlen
_wtol
swprintf_s
bsearch
_wtof
_wtoi
wcsncmp
_wcsnicmp
wcschr
tanf
??1type_info@@UEAA@XZ
_vsnprintf
_onexit
__dllonexit
_unlock
_lock
_wcsicmp
fmodf
__C_specific_handler
??0exception@@QEAA@AEBQEBD@Z
_vsnwprintf
memcpy_s
_purecall
iswprint
_statusfp
_clearfp
iswlower
strtoul
wcsspn
wcscspn
fwrite
strnlen
wcstok
__uncaught_exception
memmove_s
tan
sqrtf
sinf
sin
log
powf
log10f
logf
_HUGE
_Getdays
_CxxThrowException
pow
strstr
__iob_func
acos
acosf
asin
asinf
atan
atan2
atan2f
atanf
ceil
ceilf
wcscmp

chakra

RecyclerNativeHeapRootAddRef
RecyclerNativeHeapAllocTraced
RecyclerNativeHeapAllocTracedFinalized
JsVarToExtension
RecyclerNativeHeapCollectGarbageInThread
JsCreateThreadService
MemProtectHeapRootAlloc
RecyclerNativeHeapGetRealAddressFromInterior
MemProtectHeapCreate
RecyclerNativeHeapCreateWeakReference
RecyclerNativeHeapGetStrongReference
RecyclerNativeHeapAddExternalMemoryUsage
RecyclerNativeHeapRootRelease
JsDiscardBackgroundParse
MemProtectHeapNotifyCurrentThreadDetach
MemProtectHeapUnrootAndZero
MemProtectHeapDestroy
MemProtectHeapSynchronizeWithCollector
MemProtectHeapUnprotectCurrentThread
MemProtectHeapReportHeapSize
MemProtectHeapProtectCurrentThread
MemProtectHeapDisableCollection
MemProtectHeapRootRealloc
JsQueueBackgroundParse

iertutil

ord151
ord79
ord110
ord600
ord681
ord134
ord178
ord177
ord792
ord325
ord793
ord57
ord682
ord111
ord700
ord701
ord791
ord910
ord870
ord58
CreateUri
ord56
CreateIUriBuilder
ord911
ord690
ord139
ord138
CreateUriWithFragment
ord85
ord74
ord102
ord174
ord466
ord82
ord76
ord49
ord688
ord661
ord651
ord655
ord657
ord650
ord678
ord653
ord660
ord677
ord658
ord652
ord663
ord654
ord163
ord597
ord594
ord26
ord820
ord795
ord398
ord796
ord209
ord32
GetIUriPriv
GetPortFromUrlScheme
ord81

ntdll

NtPowerInformation
RtlReleaseSRWLockExclusive
NtQueryInformationProcess
NtQuerySystemInformation
RtlAcquireSRWLockExclusive
RtlNtStatusToDosError
RtlIpv6AddressToStringExW
RtlIpv4AddressToStringExW
RtlDllShutdownInProgress
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlGetSuiteMask
NtClose

winhttp

WinHttpGetIEProxyConfigForCurrentUser

api-ms-win-core-libraryloader-l1-2-0

FreeLibraryAndExitThread
LoadStringW
FreeLibrary
SizeofResource
LockResource
LoadLibraryExA
FindResourceExW
LoadResource
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
GetModuleFileNameA
GetModuleHandleExW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak
OutputDebugStringA

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventActivityIdControl
EventSetInformation
EventWriteEx
EventWriteTransfer
EventWrite
EventProviderEnabled

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
WaitForSingleObject
CreateEventExW
ReleaseSemaphore
AcquireSRWLockShared
OpenSemaphoreW
ResetEvent
InitializeSRWLock
SetEvent
CreateEventW
ReleaseSRWLockShared
ReleaseSRWLockExclusive
OpenEventW
WaitForMultipleObjectsEx
CreateMutexW
InitializeCriticalSectionEx
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
CreateMutexExW
ReleaseMutex
CreateSemaphoreExW
AcquireSRWLockExclusive

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
SetErrorMode
GetLastError
UnhandledExceptionFilter
RaiseException

api-ms-win-core-processthreads-l1-1-0

ProcessIdToSessionId
TerminateProcess
CreateProcessW
CreateThread
GetCurrentThread
GetCurrentProcess
OpenProcessToken
GetThreadPriority
ResumeThread
OpenThread
CreateProcessAsUserW
SetThreadPriority
GetCurrentProcessId
GetProcessIdOfThread
GetProcessId
TlsAlloc
TlsSetValue
TlsGetValue
GetExitCodeProcess
TlsFree
GetProcessTimes
ExitProcess
OpenThreadToken
GetCurrentThreadId
QueueUserAPC

api-ms-win-core-localization-l1-2-0

GetLocaleInfoW
GetUserDefaultLocaleName
IsValidLocaleName
GetLocaleInfoEx
SetThreadPreferredUILanguages
LocaleNameToLCID
GetUserDefaultLangID
GetCPInfo
GetGeoInfoW
GetUserGeoID
IsValidCodePage
GetUserDefaultLCID
GetSystemDefaultLCID
FormatMessageW
ResolveLocaleName
IsDBCSLeadByteEx
IsDBCSLeadByte
GetACP
LCMapStringEx
GetThreadUILanguage

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapSize
HeapAlloc
GetProcessHeap
HeapFree
HeapSetInformation
HeapDestroy

api-ms-win-core-fibers-l1-1-0

FlsFree
FlsSetValue
FlsAlloc

api-ms-win-core-memory-l1-1-0

FlushViewOfFile
VirtualFree
VirtualProtect
VirtualQuery
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
VirtualAlloc
MapViewOfFileEx
OpenFileMappingW

api-ms-win-core-atoms-l1-1-0

FindAtomW
AddAtomW
DeleteAtom

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemWindowsDirectoryW
GetLocalTime
GetTickCount64
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetLogicalProcessorInformation
GetVersionExA
GetSystemTimeAdjustment
GlobalMemoryStatusEx
GetVersionExW
GetSystemInfo

api-ms-win-core-synch-l1-2-0

WaitOnAddress
InitOnceExecuteOnce
InitOnceComplete
Sleep
InitOnceInitialize
SleepConditionVariableSRW
WakeAllConditionVariable
WakeByAddressAll
SleepConditionVariableCS
InitializeConditionVariable
InitOnceBeginInitialize

api-ms-win-core-path-l1-1-0

PathCchCanonicalizeEx
PathCchAddExtension
PathCchCombine
PathCchAppendEx
PathCchCanonicalize
PathCchRemoveExtension
PathCchAppend
PathAllocCombine
PathCchCombineEx

api-ms-win-core-shlwapi-legacy-l1-1-0

PathIsUNCW
SHExpandEnvironmentStringsW
PathGetDriveNumberW
IsCharSpaceW
PathUnquoteSpacesW
PathSearchAndQualifyW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathGetCharTypeW
PathFindExtensionW
PathIsFileSpecW
PathIsRelativeW
PathMatchSpecW
PathStripPathW

api-ms-win-core-file-l1-1-0

ReadFile
FileTimeToLocalFileTime
FindNextFileW
CreateFileW
FindNextChangeNotification
FindCloseChangeNotification
FindFirstChangeNotificationW
GetFileAttributesW
CompareFileTime
RemoveDirectoryW
SetFileAttributesW
SetFilePointerEx
GetFileSize
FindClose
FindFirstFileW
GetFullPathNameW
SetFilePointer
GetDiskFreeSpaceExW
CreateDirectoryW
GetLongPathNameW
GetFileTime
GetFullPathNameA
GetFileAttributesExW
GetFileType
GetFileSizeEx
FindFirstFileExW
WriteFile
GetTempFileNameW
SetEndOfFile
DeleteFileW

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrCmpICW
StrStrIA
StrStrA
StrDupW
QISearch
StrCmpNICW
StrCSpnW
StrCmpW
StrRStrIW
StrToIntA
StrCmpIW
StrTrimW
StrChrNW
StrStrW
StrToInt64ExW
StrToIntW
StrToIntExW
StrCmpCW
StrStrIW
StrChrW
StrChrNIW
StrCmpICA
StrCmpNICA
StrCmpNCW
StrCmpNW
StrCmpNIW
StrChrA
StrPBrkW

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics
GetMonitorInfoW
EnumDisplaySettingsW
SystemParametersInfoW

api-ms-win-core-kernel32-legacy-l1-1-0

WTSGetActiveConsoleSessionId
GetComputerNameW
RegisterWaitForSingleObject

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolWorkCallbacks
TrySubmitThreadpoolCallback
CloseThreadpoolWork
SetThreadpoolTimer
CreateThreadpool
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
CreateThreadpoolTimer
CloseThreadpool
CloseThreadpoolWait
CreateThreadpoolWait
CreateThreadpoolWork
WaitForThreadpoolWaitCallbacks
CloseThreadpoolTimer
CallbackMayRunLong
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroup
SetThreadpoolWait
CloseThreadpoolCleanupGroupMembers

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-string-l2-1-0

CharNextW
CharLowerW
CharUpperW
IsCharAlphaNumericW
CharLowerBuffW

api-ms-win-core-url-l1-1-0

UrlUnescapeW
UrlApplySchemeW
UrlCanonicalizeW
UrlGetLocationW
UrlCombineW
HashData
UrlEscapeW
ParseURLW
PathCreateFromUrlW
GetAcceptLanguagesW
UrlGetPartW
UrlIsW
UrlIsNoHistoryW
PathIsURLW
UrlCreateFromPathW

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName
GetSystemDefaultLocaleName

api-ms-win-core-kernel32-legacy-l1-1-1

PowerSetRequest
PowerCreateRequest
VerifyVersionInfoW
PowerClearRequest

api-ms-win-core-processthreads-l1-1-1

GetProcessMitigationPolicy
OpenProcess

api-ms-win-security-base-l1-1-0

IsValidSid
GetLengthSid
InitializeAcl
GetTokenInformation
AddAccessAllowedAce
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
CopySid

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalReAlloc
LocalFree
GlobalFree
GlobalAlloc

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW
LoadLibraryA

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegGetValueW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteTreeW
RegOpenKeyExA
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiA
lstrcmpA
lstrcmpW
lstrcmpiW
lstrlenW

api-ms-win-core-threadpool-legacy-l1-1-0

CreateTimerQueueTimer
UnregisterWaitEx
DeleteTimerQueueTimer
QueueUserWorkItem

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringEx
MultiByteToWideChar
CompareStringOrdinal
CompareStringW
WideCharToMultiByte

api-ms-win-core-processenvironment-l1-2-0

SearchPathA

api-ms-win-core-heap-obsolete-l1-1-0

GlobalLock
GlobalFlags
GlobalUnlock
LocalSize
GlobalSize
GlobalReAlloc

api-ms-win-rtcore-ntuser-clipboard-l1-1-0

GetClipboardFormatNameW
RegisterClipboardFormatA
IsClipboardFormatAvailable
SetClipboardData
RegisterClipboardFormatW
CloseClipboard
EmptyClipboard
OpenClipboard

api-ms-win-core-sidebyside-l1-1-0

ReleaseActCtx
CreateActCtxW
ActivateActCtx
DeactivateActCtx

api-ms-win-rtcore-ole32-clipboard-l1-1-0

OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard

api-ms-win-rtcore-ntuser-draw-l1-1-0

RedrawWindow

api-ms-win-rtcore-ntuser-powermanagement-l1-1-0

RegisterPowerSettingNotification
UnregisterPowerSettingNotification

api-ms-win-security-isolatedcontainer-l1-1-0

IsProcessInIsolatedContainer

api-ms-win-security-capability-l1-1-0

CapabilityCheck

api-ms-win-ntuser-rectangle-l1-1-0

PtInRect
IsRectEmpty
IntersectRect
SetRect

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-core-processenvironment-l1-1-0

SearchPathW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
SetEnvironmentVariableW
GetCurrentDirectoryW

api-ms-win-core-privateprofile-l1-1-0

GetProfileIntA
WritePrivateProfileStringW
GetProfileIntW

api-ms-win-core-com-private-l1-1-0

CoRegisterInitializeSpy
CoRegisterMessageFilter
CoRevokeInitializeSpy

rpcrt4

RpcStringFreeW
UuidCreate
I_RpcExceptionFilter
RpcBindingBind
NdrAsyncServerCall
Ndr64AsyncServerCallAll
RpcBindingCreateW
RpcServerUnregisterIf
RpcMgmtStopServerListening
UuidToStringW
RpcBindingFree
RpcStringFreeA
RpcBindingVectorFree
RpcEpRegisterNoReplaceW
RpcExceptionFilter
RpcServerInqBindingsEx
RpcServerRegisterIf3
RpcServerUseProtseqEpW
I_RpcBindingInqLocalClientPID
RpcServerInqBindingHandle
RpcAsyncInitializeHandle
RpcStringBindingComposeA
RpcAsyncCompleteCall
UuidFromStringW
NdrClientCall3
RpcBindingSetAuthInfoA
Ndr64AsyncClientCall
RpcBindingFromStringBindingA
RpcAsyncCancelCall

api-ms-win-core-file-l1-2-0

GetTempPathW
CreateFile2

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-mm-time-l1-1-0

timeEndPeriod
timeBeginPeriod

api-ms-win-core-job-l1-1-0

IsProcessInJob

api-ms-win-core-datetime-l1-1-1

GetDateFormatEx
GetTimeFormatEx

api-ms-win-core-systemtopology-l1-1-0

GetNumaHighestNodeNumber

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetSystemTimePreciseAsFileTime

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx
MoveFileExW

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPopEntrySList
QueryDepthSList
InitializeSListHead
InterlockedPushEntrySList

api-ms-win-core-processtopology-obsolete-l1-1-0

GetActiveProcessorCount

api-ms-win-core-fibers-l2-1-0

DeleteFiber
ConvertThreadToFiber
CreateFiber
SwitchToFiber
ConvertFiberToThread

api-ms-win-core-marshal-l1-1-0

CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal
HWND_UserUnmarshal
CLIPFORMAT_UserUnmarshal
HWND_UserSize
HWND_UserMarshal64
CLIPFORMAT_UserFree
HWND_UserUnmarshal64
HWND_UserSize64
CLIPFORMAT_UserUnmarshal64
HWND_UserFree64
HWND_UserFree
CLIPFORMAT_UserSize64
CLIPFORMAT_UserFree64
HWND_UserMarshal
CLIPFORMAT_UserMarshal64

api-ms-win-rtcore-ntuser-wmpointer-l1-1-0

GetPointerFrameTouchInfo
GetCurrentInputMessageSource
GetPointerInfo
GetPointerFrameInfoHistory

api-ms-win-core-winrt-robuffer-l1-1-0

RoGetBufferMarshaler

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
GetNumberFormatW
GetSystemDefaultUILanguage
EnumUILanguagesW

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW

api-ms-win-core-registry-l2-1-0

RegEnumKeyW

api-ms-win-shlwapi-winrt-storage-l1-1-1

IUnknown_GetWindow
StrRetToBufW

api-ms-win-core-realtime-l1-1-0

QueryProcessCycleTime
QueryThreadCycleTime

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo

api-ms-win-core-interlocked-l1-2-0

InterlockedPushListSListEx

api-ms-win-shell-namespace-l1-1-0

ILFindLastID
ILFree
SHBindToParent

api-ms-win-core-stringansi-l1-1-0

CharLowerA

api-ms-win-security-cryptoapi-l1-1-0

CryptGenRandom
CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptContextAddRef

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI
ResolveDelayLoadsFromDll

api-ms-win-core-processthreads-l1-1-3

SetProcessInformation
SetThreadDescription

api-ms-win-core-registry-l1-1-1

RegDeleteKeyValueW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW

rometadata

MetaDataGetDispenser

api-ms-win-base-util-l1-1-0

IsTextUnicode

api-ms-win-ole32-ie-l1-1-0

OleRun
CoInitialize
ReleaseStgMedium
CreateBindCtx

kernelbase

OpenGlobalizationUserSettingsKey

rmclient

HamDisconnectForExtendedExecution
HamAddDependency
HamConnectForExtendedExecution

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-namedpipe-l1-1-0

CreatePipe

api-ms-win-core-localization-ansi-l1-1-0

GetStringTypeExA

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-memory-l1-1-1

VirtualUnlock

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW

api-ms-win-shell-shdirectory-l1-1-0

ord290

api-ms-win-core-windowserrorreporting-l1-1-0

WerUnregisterMemoryBlock
WerRegisterMemoryBlock

Exports

Exports

CIGTestHookLoadLibraryWorkerThread
ClearPhishingFilterData
ClearTemporaryWebDataAsync
ConvertAndEscapePostData
CreateCoreWebView
CreateDiagnosticsToolObject
CreateHTMLPropertyPage
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
Fetch_CreateOriginAgnosticFetch
GetColorValueFromString
GetWebPlatformObject
InitializeLocalHtmlEngine
MatchExactGetIDsOfNames
ShowHTMLDialog
ShowHTMLDialogEx
ShowModalDialog
ShowModelessHTMLDialog
Streams_CreateByteChunk
Streams_CreateDefaultSizedByteChunk
Streams_CreateDefaultSizedWideCharChunk
Streams_CreateReadableStream
Streams_CreateReadableStreamFromFileHandle
Streams_CreateReadableStreamFromFilePath
Streams_CreateWideCharChunk
Streams_CreateWritableStream
TravelLogCreateInstance
UninitializeLocalHtmlEngine

Sections

.text
Size: 17.5MB - Virtual size: 17.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/frozenlist/_frozenlist.pyd
.dll windows:6 windows x64 arch:x64

56f6e59bf50ead80af85f33842e1acc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyDict_SetItemString
PyDict_Size
PyGC_Disable
PyExc_AttributeError
PyTuple_GetSlice
PyErr_SetString
PyErr_WarnFormat
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyNumber_InPlaceAdd
PyFloat_Type
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyExc_OverflowError
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyCapsule_GetPointer
PyObject_GC_Del
PyErr_Fetch
PyLong_AsLong
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyVectorcall_Function
PyList_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
_PyThreadState_UncheckedGet
PyUnicode_Decode
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyMem_Free
PyClassMethod_New
PyList_Type
PySequence_Contains
PyDict_GetItemString
PyList_Reverse
PyObject_GetItem
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyDict_DelItem
PyUnicode_Compare
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
_PyObject_GC_New
PyType_Modified
PyMethodDescr_Type
PyUnicode_FromString
_PyType_Lookup
PyUnicode_Format
PyObject_Call
PyObject_DelItem
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModuleLevelObject
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyList_Insert
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyDescr_NewClassMethod
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyGC_Enable
PyBaseObject_Type
PyTuple_New
_Py_NoneStruct
PyModule_GetName
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyMethod_New
PyErr_NoMemory
PyExc_RuntimeError
PyObject_RichCompareBool
PySequence_List

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

vcruntime140

strrchr
__C_specific_handler
__std_type_info_destroy_list
memset
memcpy
memmove
memcmp

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

Exports

Exports

PyInit__frozenlist

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/libcrypto-3.dll
.dll windows:6 windows x64 arch:x64

40bce6a23883072a66c68006f08e105c

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:f1:38:b4:b8:fd:08:a1:7c:5f:64:bd:2d:ac:44:16:cf:59:58:70:a6:1d:b9:98:c1:b2:5b:ec:56:8a:a5:0b
Signer

Actual PE Digest

7b:f1:38:b4:b8:fd:08:a1:7c:5f:64:bd:2d:ac:44:16:cf:59:58:70:a6:1d:b9:98:c1:b2:5b:ec:56:8a:a5:0b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\libcrypto-3.pdb

Imports

ws2_32

WSACleanup
WSAStartup
select
getsockopt
getsockname
bind
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
htonl
gethostbyaddr
ntohs
inet_ntoa
inet_addr
htons
closesocket
connect
listen
setsockopt
socket
shutdown
recv
send
recvfrom
sendto
accept
ioctlsocket

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

IsProcessorFeaturePresent
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
TerminateProcess
GetCurrentProcess
ReadConsoleW
ReadConsoleA
IsDebuggerPresent
GetConsoleMode
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThreadId
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
FindNextFileW
FindFirstFileW
GetStartupInfoW
InitializeSListHead
SetConsoleMode
UnhandledExceptionFilter
FindClose
VirtualLock
VirtualFree
VirtualProtect
VirtualAlloc
GetSystemInfo
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiberEx
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
Sleep
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
CloseHandle
LoadLibraryW
GetEnvironmentVariableW
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetModuleHandleExW

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
wcsstr
memchr
strstr
strchr
memmove
strrchr
memcmp
memset
memcpy
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

ftell
fseek
__stdio_common_vsprintf
__stdio_common_vfprintf
__stdio_common_vsscanf
fread
__stdio_common_vswprintf
_fileno
fgets
setvbuf
_wfopen
fopen
ferror
feof
fclose
fputs
clearerr
setbuf
__acrt_iob_func
__stdio_common_vsprintf_s
fflush
fwrite
_setmode

api-ms-win-crt-convert-l1-1-0

strtol
atoi
strtoul

api-ms-win-crt-string-l1-1-0

tolower
strspn
strcspn
strncmp
isspace
_strdup
strncpy_s
strcat_s
strcpy_s
isdigit
strncpy
strcmp

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

malloc
realloc
calloc
free

api-ms-win-crt-runtime-l1-1-0

_crt_at_quick_exit
perror
_initialize_onexit_table
_initterm
strerror_s
_initialize_narrow_environment
terminate
signal
raise
_exit
_configure_narrow_argv
_execute_onexit_table
_crt_atexit
_errno
_cexit
_register_onexit_function
_initterm_e
_seh_filter_dll

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_chmod
_stat64i32

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_dup
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_dup
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_print_ex
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_dup
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_bio_ex
ASN1_item_d2i_ex
ASN1_item_d2i_fp
ASN1_item_d2i_fp_ex
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_i2d_mem_bio
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_new_ex
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_sign_ex
ASN1_item_unpack
ASN1_item_verify
ASN1_item_verify_ctx
ASN1_item_verify_ex
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_callback
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_set_status
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_debug_callback_ex
BIO_dgram_non_fatal_error
BIO_do_connect_retry
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_prefix
BIO_f_readbuffer
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_line
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_ex
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_from_core_bio
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_core
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_socket_wait
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_wait
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/libffi-8.dll
.dll windows:6 windows x64 arch:x64

3dc8b86d60f90a1851eee5f9dc191312

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:e0:f1:58:7c:1f:18:3e:64:76:e2:2b:70:a9:25:bf:ec:55:9c:6f:4b:32:d6:13:92:b3:26:65:9d:c4:0c:67
Signer

Actual PE Digest

28:e0:f1:58:7c:1f:18:3e:64:76:e2:2b:70:a9:25:bf:ec:55:9c:6f:4b:32:d6:13:92:b3:26:65:9d:c4:0c:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

ffi_call
ffi_call_go
ffi_closure_alloc
ffi_closure_free
ffi_get_struct_offsets
ffi_java_ptrarray_to_raw
ffi_java_raw_call
ffi_java_raw_size
ffi_java_raw_to_ptrarray
ffi_prep_cif
ffi_prep_cif_var
ffi_prep_closure
ffi_prep_closure_loc
ffi_prep_go_closure
ffi_prep_java_raw_closure
ffi_prep_java_raw_closure_loc
ffi_prep_raw_closure
ffi_prep_raw_closure_loc
ffi_ptrarray_to_raw
ffi_raw_call
ffi_raw_size
ffi_raw_to_ptrarray
ffi_type_double
ffi_type_float
ffi_type_pointer
ffi_type_sint16
ffi_type_sint32
ffi_type_sint64
ffi_type_sint8
ffi_type_uint16
ffi_type_uint32
ffi_type_uint64
ffi_type_uint8
ffi_type_void

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/libssl-3.dll
.dll windows:6 windows x64 arch:x64

1d40f408de60a3777846e639585fc0e8

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:db:0a:48:23:3e:b2:35:be:f4:a2:d3:34:63:45:b5:c5:6b:8b:ab:8d:13:dc:1f:74:39:db:7c:d6:b8:15:ec
Signer

Actual PE Digest

f7:db:0a:48:23:3e:b2:35:be:f4:a2:d3:34:63:45:b5:c5:6b:8b:ab:8d:13:dc:1f:74:39:db:7c:d6:b8:15:ec

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\libssl-3.pdb

Imports

libcrypto-3

COMP_CTX_free
BIO_s_mem
OSSL_PARAM_construct_octet_string
OSSL_PARAM_construct_end
EVP_MD_get_type
EVP_MD_get_size
EVP_MD_CTX_get0_md
EVP_CIPHER_get0_provider
EVP_CIPHER_get_key_length
EVP_CIPHER_get_iv_length
EVP_MD_CTX_set_params
EVP_MD_CTX_copy_ex
EVP_DigestFinal_ex
EVP_CipherInit_ex
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_reset
OPENSSL_sk_num
OPENSSL_sk_value
OPENSSL_sk_new_reserve
OPENSSL_sk_pop_free
CRYPTO_memdup
CRYPTO_strdup
EVP_PKEY_CTX_set_dh_pad
EVP_PKEY_is_a
EVP_PKEY_up_ref
EVP_PKEY_free
EVP_PKEY_CTX_new_from_name
EVP_PKEY_CTX_new_from_pkey
EVP_PKEY_CTX_free
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_derive
EVP_PKEY_encapsulate_init
EVP_PKEY_encapsulate
EVP_PKEY_decapsulate_init
EVP_PKEY_decapsulate
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EVP_PKEY_CTX_set_group_name
X509_NAME_free
X509_free
RAND_bytes_ex
X509_it
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
ASN1_OCTET_STRING_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_lock_free
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
OSSL_LIB_CTX_set0_default
BIO_s_file
BIO_snprintf
OBJ_nid2ln
OBJ_nid2sn
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_verify_cert
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new_ex
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_new_ex
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash_ex
PEM_read_bio_X509
OSSL_STORE_open
OSSL_STORE_load
OSSL_STORE_eof
OSSL_STORE_error
OSSL_STORE_close
OSSL_STORE_INFO_get_type
OSSL_STORE_INFO_get0_NAME
OSSL_STORE_INFO_get0_CERT
OSSL_STORE_INFO_free
X509_get_extension_flags
OPENSSL_sk_new
OPENSSL_sk_delete
OPENSSL_sk_unshift
OPENSSL_sk_dup
OPENSSL_sk_sort
COMP_get_type
COMP_get_name
COMP_zlib
EVP_CIPHER_get_block_size
EVP_CIPHER_get_flags
EVP_CIPHER_get_mode
EVP_CIPHER_fetch
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
EVP_SIGNATURE_free
EVP_SIGNATURE_fetch
EVP_KEYEXCH_free
EVP_KEYEXCH_fetch
CONF_parse_list
ERR_set_mark
ERR_pop_to_mark
OPENSSL_strcasecmp
OPENSSL_strncasecmp
ERR_clear_last_mark
X509_STORE_load_path
X509_STORE_load_file_ex
X509_STORE_load_store_ex
OSSL_DECODER_CTX_free
OSSL_DECODER_from_bio
OSSL_DECODER_CTX_new_for_pkey
ERR_reason_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
OPENSSL_sk_insert
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_realloc
CRYPTO_secure_zalloc
CRYPTO_secure_free
BUF_MEM_free
COMP_CTX_get_method
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
ASN1_OCTET_STRING_free
OPENSSL_LH_num_items
ERR_peek_error
OBJ_bsearch_
EVP_MD_get0_provider
EVP_CIPHER_up_ref
EVP_CIPHER_free
EVP_MD_fetch
EVP_MD_up_ref
EVP_MD_free
EVP_CIPHER_CTX_free
EVP_PKEY_get_security_bits
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_store
X509_LOOKUP_ctrl
X509_LOOKUP_ctrl_ex
X509_STORE_set_default_paths_ex
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get1_ip_asc
X509_VERIFY_PARAM_set1_ip_asc
X509_VERIFY_PARAM_get_depth
d2i_PUBKEY
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
SHA256_Transform
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
CTLOG_STORE_new_ex
CTLOG_STORE_free
CTLOG_STORE_load_file
CTLOG_STORE_load_default_file
X509_get_key_usage
a2i_IPADDRESS
RAND_priv_bytes_ex
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
COMP_CTX_new
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
ERR_peek_last_error
EVP_PKEY_can_sign
d2i_PrivateKey_ex
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_eq
d2i_X509_bio
d2i_PrivateKey_ex_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_PrivateKey_ex
RSA_free
RSA_up_ref
d2i_RSAPrivateKey
EVP_PKEY_assign
EVP_PKEY_new
d2i_RSAPrivateKey_bio
PEM_read_bio_RSAPrivateKey
OPENSSL_LH_delete
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
BIO_puts
BIO_dump_indent
BIO_printf
OSSL_PARAM_construct_int
OSSL_PARAM_construct_size_t
OSSL_PARAM_construct_utf8_string
EVP_MD_get0_name
EVP_DigestSignInit_ex
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_set_params
EVP_PKEY_new_mac_key
EVP_PKEY_new_raw_private_key_ex
EVP_KDF_free
EVP_KDF_fetch
EVP_KDF_CTX_new
EVP_KDF_CTX_free
EVP_KDF_derive
CRYPTO_memcmp
BN_free
BN_get_rfc2409_prime_1024
BN_get_rfc3526_prime_2048
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_4096
BN_get_rfc3526_prime_8192
OBJ_txt2nid
OBJ_ln2nid
OBJ_sn2nid
OSSL_PARAM_locate_const
OSSL_PARAM_get_int
OSSL_PARAM_get_uint
OSSL_PARAM_free
EVP_CIPHER_CTX_get_iv_length
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_MAC_fetch
EVP_MAC_free
EVP_MAC_CTX_new
EVP_MAC_CTX_free
EVP_MAC_CTX_get_mac_size
EVP_MAC_init
EVP_MAC_update
EVP_MAC_final
EVP_PKEY_get_id
EVP_PKEY_get_bits
EVP_PKEY_get_size
EVP_PKEY_set_type
EVP_PKEY_digestsign_supports_digest
EVP_PKEY_set1_encoded_public_key
EVP_KEYMGMT_fetch
EVP_KEYMGMT_free
EVP_KEYMGMT_get0_provider
EVP_PKEY_fromdata_init
EVP_PKEY_fromdata
EVP_PKEY_get_ec_point_conv_form
EVP_PKEY_get_field_type
EVP_PKEY_get_group_name
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
X509_NAME_cmp
OSSL_PROVIDER_do_all
OSSL_PROVIDER_get_capabilities
OSSL_PARAM_BLD_new
OSSL_PARAM_BLD_to_param
OSSL_PARAM_BLD_free
OSSL_PARAM_BLD_push_uint
OSSL_PARAM_BLD_push_BN
BIO_indent
d2i_X509_NAME
X509_NAME_print_ex
X509_print_ex
PEM_write_bio_X509
EVP_Q_mac
EC_GROUP_get_curve_name
EC_KEY_get0_group
EVP_PKEY_set1_DH
ENGINE_get_ssl_client_cert_function
ENGINE_get_cipher
ENGINE_get_digest
ENGINE_init
ENGINE_finish
ENGINE_load_ssl_client_cert
ENGINE_get_cipher_engine
ENGINE_get_digest_engine
HMAC_size
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
BN_is_zero
BN_num_bits
BN_clear_free
BN_copy
BN_bin2bn
BN_bn2bin
BN_dup
BN_ucmp
SRP_create_verifier_BN_ex
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B_ex
SRP_Verify_A_mod_N
SRP_Calc_u_ex
SRP_Calc_x_ex
SRP_Calc_A
SRP_Calc_client_key_ex
SRP_Verify_B_mod_N
EVP_CIPHER_CTX_get0_cipher
COMP_compress_block
COMP_expand_block
OSSL_PARAM_construct_octet_ptr
EVP_MD_CTX_get_pkey_ctx
EVP_CIPHER_CTX_get_block_size
EVP_Cipher
EVP_MD_CTX_ctrl
EVP_MD_CTX_copy
EVP_CipherUpdate
EVP_DigestSignUpdate
EVP_DigestSignFinal
EVP_CIPHER_CTX_get_params
EVP_PKEY_CTX_set_params
EVP_CipherFinal_ex
EVP_PKEY_get1_encoded_public_key
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_new
BUF_MEM_grow_clean
ERR_vset_error
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit_ex
EVP_PKEY_CTX_ctrl
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
EVP_PKEY_public_check
EVP_PKEY_param_check_quick
EVP_PKEY_CTX_set_rsa_padding
EVP_PKEY_CTX_set_rsa_pss_saltlen
BUF_reverse
EVP_DigestVerifyUpdate
EVP_DigestVerifyFinal
i2d_X509
ASN1_ANY_it
ASN1_TYPE_get
ASN1_item_new
OSSL_PARAM_construct_uint
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
EVP_PKEY_get_bn_param
SHA256_Init
SHA224_Init
SHA1_Transform
SHA1_Init
MD5_Transform
MD5_Init
EVP_DigestFinal
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_MD_is_a
CRYPTO_malloc
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next
BIO_next
BIO_find_type
BIO_push
BIO_callback_ctrl
BIO_ctrl
BIO_write
OPENSSL_cleanse
CRYPTO_clear_free
SHA512_Transform
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_get_init
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_method_type
BIO_clear_flags
BIO_set_flags
ERR_set_error
ERR_set_debug
ERR_new
BUF_MEM_grow
SHA512_Init
d2i_OCSP_RESPONSE
SHA384_Init
CRYPTO_free
CT_POLICY_EVAL_CTX_new_ex
CRYPTO_zalloc

kernel32

DisableThreadLibraryCalls
SetLastError
GetSystemTime
SystemTimeToFileTime
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
IsDebuggerPresent
GetStartupInfoW

vcruntime140

__C_specific_handler
memchr
memmove
__std_type_info_destroy_list
__current_exception_context
strchr
memset
memcpy
strstr
memcmp
__current_exception

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_errno

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
OSSL_default_cipher_list
OSSL_default_ciphersuites
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_dir
SSL_CTX_load_verify_file
SSL_CTX_load_verify_locations
SSL_CTX_load_verify_store
SSL_CTX_new
SSL_CTX_new_ex
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set0_tmp_dh_pkey
SSL_CTX_set1_cert_store
SSL_CTX_set1_param
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_async_callback
SSL_CTX_set_async_callback_arg
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_default_verify_store
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_ticket_key_evp_cb
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_add_store_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_isv2
SSL_client_version
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_certificate
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_verified_chain
SSL_get1_peer_certificate
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_all_async_fds
SSL_get_async_status
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_group_to_name
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_is_dtls
SSL_is_init_finished
SSL_is_server
SSL_key_update
SSL_load_client_CA_file
SSL_load_client_CA_file_ex
SSL_new
SSL_new_session_ticket
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_sendfile
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_tmp_dh_pkey
SSL_set0_wbio
SSL_set1_host
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_async_callback
SSL_set_async_callback_arg
SSL_set_bio
SSL_set_block_padding
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth
SSL_set_psk_client_callback
SSL_set_psk_find_session_callback
SSL_set_psk_server_callback
SSL_set_psk_use_session_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_record_padding_callback
SSL_set_record_padding_callback_arg
SSL_set_recv_max_early_data
SSL_set_rfd
SSL_set_security_callback
SSL_set_security_level
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_tlsext_max_fragment_length
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state_string
SSL_state_string_long
SSL_stateless
SSL_trace
SSL_up_ref
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_cert_and_key
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_chain_file
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_verify_client_post_handshake
SSL_version
SSL_waiting_for_async
SSL_want

Sections

.text
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/mfc140u.dll
.dll windows:6 windows x64 arch:x64

7eedc677241d2accda18e4d0e39e2103

Code Sign

33:00:00:02:56:06:f5:9e:81:98:70:24:97:00:00:00:00:02:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:6c:0b:5b:52:5b:20:30:78:f4:0d:c3:18:6f:21:48:af:b2:46:79:4e:05:8c:84:04:b0:02:2d:6b:a9:d8:41
Signer

Actual PE Digest

57:6c:0b:5b:52:5b:20:30:78:f4:0d:c3:18:6f:21:48:af:b2:46:79:4e:05:8c:84:04:b0:02:2d:6b:a9:d8:41

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\a01\_work\12\s\\binaries\amd64ret\bin\amd64\\mfc140u.amd64.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
ExpandEnvironmentStringsA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LockResource
FormatMessageA
OutputDebugStringW
LoadLibraryExA
GetSystemInfo
TerminateProcess
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetLastError
DeactivateActCtx
LoadLibraryW
GetProcAddress
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
GetModuleFileNameW
GetModuleHandleExW
QueryActCtxW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
GetModuleHandleW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
VirtualQuery
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
GetTempFileNameW
VirtualProtect
RaiseException
lstrcpyA
CompareStringW
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
WritePrivateProfileStringW
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetCurrentThread
GetVersionExW
WideCharToMultiByte
GetPrivateProfileStringW
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileIntW
SizeofResource

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memcmp
wcsrchr
__C_specific_handler
wcsstr
wcschr
_purecall
memmove
memset
memcpy
__std_terminate
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_resetstkoflw
_beginthreadex
_endthreadex
__p___argc
_initterm_e
_initterm
terminate
_beginthread
abort
_invalid_parameter_noinfo
_errno
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_endthread
__doserrno
__p___wargv

api-ms-win-crt-string-l1-1-0

_wcsrev
wcscoll
strcpy_s
wcslen
_wcslwr_s
toupper
wcsnlen
wmemcpy_s
wcscmp
iswspace
_wcsupr_s
_wcsicmp
wcspbrk
wcscspn
wcsspn
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
iswalpha
iswalnum
iswprint
towupper
towlower
wcscat_s
_wcsdup
strlen
_strnicmp
wcsncpy_s
strnlen
_wcsnicmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vswprintf
fgetws
fputws
fwrite
clearerr_s
ferror
feof
fread
ftell
_open_osfhandle
_fileno
_get_osfhandle
__stdio_common_vswscanf
fflush
fclose
__stdio_common_vsprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
fseek

api-ms-win-crt-utility-l1-1-0

rand_s
labs
ldiv
abs

api-ms-win-crt-heap-l1-1-0

_recalloc
malloc
_msize
_expand
realloc
free
calloc

api-ms-win-crt-convert-l1-1-0

wcstoul
_itow_s
wcstol
_wtoi
_ltow_s
_ultow_s
_wtol
wcstod

api-ms-win-crt-math-l1-1-0

exp
ceil
sqrt
atan2
cos
sin
_fdopen
floor
fabs

api-ms-win-crt-time-l1-1-0

clock
_localtime64_s
_mktime64
_time64

api-ms-win-crt-filesystem-l1-1-0

_wmakepath_s
_wsplitpath_s
_wfullpath

api-ms-win-crt-multibyte-l1-1-0

_mbsupr_s
_mbscspn
_mbsicmp
_mbsrchr
_mbscmp
_mbsstr
_mbscoll
_ismbcspace
_mbspbrk
_mbsspn
_mbsicoll
_mbsrev
_mbslwr_s
_mbsinc
_mbschr

user32

TranslateAcceleratorW
GetSystemMetrics
DestroyMenu
LoadMenuW
GetSubMenu
PostThreadMessageW
GetClassInfoW
DefWindowProcW
GetWindow
GetMenuItemCount
GetCursorPos
IsIconic
GetForegroundWindow
DrawIcon
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
ValidateRect
SetLayeredWindowAttributes
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetUpdateRect
UnionRect
SetWindowPos
LockWindowUpdate
GetKeyState
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuW
CreatePopupMenu
IntersectRect
SetScrollPos
EnableMenuItem
GetNextDlgTabItem
GetSystemMenu
IsMenu
IsZoomed
ModifyMenuW
DeleteMenu
SetWindowRgn
DestroyAcceleratorTable
GetTopWindow
DestroyWindow
MonitorFromRect
EnumDisplayMonitors
GetSysColor
GetClassLongPtrW
IsClipboardFormatAvailable
DestroyCursor
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
CharUpperW
SetWindowTextW
GetMenuState
CheckMenuItem
SetFocus
GetMenuItemInfoW
DrawFrameControl
SubtractRect
GetLastActivePopup
GetMessageW
UpdateLayeredWindow
EnableScrollBar
GetScrollPos
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
GetDC
ReleaseDC
GetWindowRgn
FrameRect
ShowScrollBar
IsWindowEnabled
InsertMenuW
GetActiveWindow
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
DrawEdge
PostQuitMessage
UnregisterClassW
ShowOwnedPopups
GetWindowThreadProcessId
MessageBoxW
LoadAcceleratorsW
SetMenuItemBitmaps
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetWindowLongPtrW
CallWindowProcW
SetActiveWindow
CreateMenu
MoveWindow
InvalidateRgn
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowTextLengthW
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
GetWindowLongPtrW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
BeginPaint
EndPaint
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
InvalidateRect
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
GetCapture
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
LoadImageW
CopyImage
GetIconInfo
FillRect
NotifyWinEvent
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongPtrW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
SetWindowLongW
ScreenToClient
GetMenuItemID
RedrawWindow

gdi32

PtVisible
GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutW
Polyline
SetDIBColorTable
GetDIBits
SelectPalette
StretchBlt
SetBkColor
CreateBitmap
EnumFontFamiliesExW
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
DeleteDC
GetCurrentObject
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesW
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetBkColor
SetPixel
Ellipse
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetPaletteEntries
GetStockObject
TextOutW
Polygon
GetTextColor
GetObjectType
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
GetClipBox
Escape
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
RectVisible
Rectangle

ole32

CoCreateGuid
OleRegGetMiscStatus
OleRegEnumVerbs
CreateFileMoniker
OleRun
CoTaskMemAlloc
CoDisconnectObject
OleIsRunning
CoTaskMemFree
CoCreateInstance
CoRegisterMessageFilter
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
WriteClassStg
GetRunningObjectTable
OleTranslateAccelerator
IsAccelerator
OleSetClipboard
CreateBindCtx
PropVariantClear
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
GetClassFile
OleRegGetUserType
CreateDataCache
CoFreeUnusedLibraries
OleInitialize
OleGetClipboard
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
CoRegisterClassObject
ReadClassStg
OleLoad
OleSave
OleDraw
CreateStreamOnHGlobal
RevokeDragDrop
OleCreate
OleCreateLinkToFile
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
StgCreateDocfile
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
CoInitialize
CreateDataAdviseHolder
CoRevokeClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleFlushClipboard
CoUninitialize
ReleaseStgMedium
OleUninitialize
OleIsCurrentClipboard

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreatePropertyFrame
VarParseNumFromStr
SafeArrayCreateVector
VarBstrFromDec
VarDecFromStr
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SafeArrayDestroy
VariantCopy
VarBstrCmp
DispCallFunc
VariantInit
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
OleTranslateColor
SysAllocStringLen

shlwapi

PathFindFileNameW
PathRemoveExtensionW
StrFormatKBSizeW
PathIsUNCW
PathStripToRootW
UrlUnescapeW
PathRemoveFileSpecW
PathFindExtensionW

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

uxtheme

DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
GetThemeColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 949KB - Virtual size: 949KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/msftedit.dll
.dll windows:10 windows x64 arch:x64

59fa3ebfa49706b95a4166c94da477ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msftedit.pdb

Imports

api-ms-win-crt-string-l1-1-0

wcsnlen
wcsncmp
strnlen
memset
strncmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__itow_s
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o__wcsicmp
_o__wcsnicmp
_o_free
_o_iswdigit
_o_iswpunct
_o_iswspace
_o_malloc
_o_pow
_o_qsort
_o_realloc
_o_sqrt
_o_strncpy_s
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstod
_o_wmemcpy_s
__CxxFrameHandler3
__std_terminate
_CxxThrowException
_o___stdio_common_vswprintf
_o__execute_onexit_table
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o__errno
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
wcschr
wcsstr
__C_specific_handler
__CxxFrameHandler4
memcmp
_o___stdio_common_vswscanf
memcpy
_o___stdio_common_vswprintf_s

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-1-0

CreateMutexExW
LeaveCriticalSection
ReleaseMutex
ReleaseSemaphore
ReleaseSRWLockShared
SetEvent
CreateEventExW
ReleaseSRWLockExclusive
InitializeCriticalSectionAndSpinCount
ResetEvent
CreateEventW
WaitForMultipleObjectsEx
InitializeCriticalSectionEx
DeleteCriticalSection
OpenSemaphoreW
WaitForSingleObject
CreateSemaphoreExW
EnterCriticalSection
AcquireSRWLockShared
AcquireSRWLockExclusive
WaitForSingleObjectEx
InitializeSRWLock

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
RaiseException
SetLastError

api-ms-win-core-localization-l1-2-0

GetLocaleInfoW
IsValidCodePage
GetSystemDefaultLangID
LocaleNameToLCID
ResolveLocaleName
LCMapStringEx
GetUserDefaultLCID
FormatMessageW
GetLocaleInfoEx
GetThreadLocale
GetSystemDefaultLCID

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
TlsAlloc

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameA
GetModuleHandleExW
DisableThreadLibraryCalls
LoadResource
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
LoadStringW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
WaitForThreadpoolWorkCallbacks

api-ms-win-core-string-l1-1-0

GetStringTypeExW
CompareStringEx
CompareStringOrdinal
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetTickCount64
GetSystemDirectoryW

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoOriginateError
SetRestrictedErrorInfo

oleaut32

SysAllocStringByteLen
SysFreeString
VariantClear
VariantInit
SafeArrayGetElement

api-ms-win-core-file-l1-1-0

WriteFile
ReadFile
SetFilePointer
CreateFileW
GetFileType

api-ms-win-core-atoms-l1-1-0

FindAtomA

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegGetValueW
RegQueryValueExW
RegSetValueExW

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventSetInformation
EventUnregister
EventRegister

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

ntdll

WinSqmIncrementDWORD
SbSelectProcedure
WinSqmIsOptedIn

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalFree
GlobalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

GlobalHandle
GlobalUnlock
GlobalSize
GlobalFlags
GlobalLock
GlobalReAlloc

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

api-ms-win-core-path-l1-1-0

PathCchAppend

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-registry-l1-1-1

RegDeleteKeyValueW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

CreateTextServices
DisableOleinitCheck
DllGetActivationFactory
DllGetVersion
GetMathAlphanumeric
GetMathAlphanumericCode
IID_IRichEditOle
IID_IRichEditOleCallback
IID_IRicheditUiaNotificationOverrides
IID_IRicheditUiaOverrides
IID_IRicheditWindowlessAccessibility
IID_ITextDocument2
IID_ITextHost
IID_ITextHost2
IID_ITextServices
IID_ITextServices2
MathBuildDown
MathBuildUp
MathTranslate
RichEdit10ANSIWndProc
RichEditANSIWndProc
RichEditWndProc
SetCustomTextOutHandlerEx
SetTextServicesDpiCalculationOverride
ShutdownTextServices

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/mshtml.dll
.dll windows:10 windows x64 arch:x64

553af065af7b2fe1efd5ef3893fdefa8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

mshtml.pdb

Imports

msvcrt

wcspbrk
strncpy_s
_lock
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_XcptFilter
_amsg_exit
_initterm
tanf
_statusfp
_beginthreadex
fwprintf
_flushall
fclose
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
__CxxFrameHandler3
malloc
free
realloc
strtoul
strpbrk
bsearch_s
modf
wcstod
wcstok_s
towlower
_wtoi64
_aligned_free
_aligned_malloc
_stricmp
iswgraph
_itoa_s
swprintf_s
bsearch
_finite
_wtoi
_isnan
_ui64tow_s
_wcstoui64
_wtof
iswalnum
iswdigit
iswalpha
_wcslwr_s
_i64tow_s
wcscat_s
_ultow_s
__C_specific_handler
qsort
wcscpy_s
_vsnprintf
_wcsupr
_wcslwr
tolower
wcsncpy_s
strstr
strchr
strncmp
wcsrchr
_wcsupr_s
_itow_s
abort
wcstol
wcsncmp
_wtol
_wcsnicmp
memmove_s
memcpy_s
_errno
wcstoul
rand_s
fflush
strnlen
wcscspn
wcstombs_s
towupper
iswlower
strrchr
_strnicmp
isalpha
isxdigit
isdigit
wcsncat_s
_fpclass
_mbsicmp
_mbscspn
_mbsspn
_mbsstr
isspace
_mbschr
_ismbcdigit
_mbscmp
iswcntrl
_ultoa_s
swscanf_s
_wcsrev
wcsspn
exit
fprintf
_fileno
_isatty
fwrite
atof
atoi
strtol
qsort_s
rand
sin
powf
memset
memmove
memcpy
wcsstr
_ltow
_ltow_s
_clearfp
_controlfp_s
iswascii
calloc
_resetstkoflw
_wcsicmp
wcsnlen
sinf
sqrt
sqrtf
strcmp
tan
_vsnprintf_s
wcschr
_vsnwprintf
__iob_func
iswspace
iswpunct
_purecall
_HUGE
_CxxThrowException
_setjmp
acosf
asinf
atan2
atan2f
ceil
ceilf
cos
cosf
floor
floorf
fmod
fmodf
memcmp
wcscmp

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetModuleFileNameA
DebugBreak
GetProcAddress
IsDebuggerPresent
OutputDebugStringW
SetLastError
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
OpenSemaphoreW
QueryPerformanceCounter
GetProfileIntA
GlobalFree
GetTickCount
PowerSetRequest
PowerClearRequest
PowerCreateRequest
LoadLibraryExW
MulDiv
GetTickCount64
GetSystemTimeAsFileTime
CreateMutexExW
CreateSemaphoreExW
CreateThreadpoolTimer
WideCharToMultiByte
GlobalSize
GlobalLock
GlobalUnlock
IsDBCSLeadByteEx
MultiByteToWideChar
OpenProcess
GetCPInfo
GetSystemInfo
GetSystemDefaultLocaleName
GetUserDefaultLocaleName
GlobalMemoryStatusEx
FormatMessageW
CreateThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
SubmitThreadpoolWork
GetFullPathNameW
SetFilePointer
WriteFile
ReadFile
GlobalAlloc
GetTempPathW
GetTempFileNameW
CreateFileW
GetFileSize
DeleteFileW
GetSystemTime
SystemTimeToFileTime
FindFirstFileW
FindClose
CopyFileW
GetFileType
WaitForMultipleObjectsEx
CreateEventExW
Sleep
ResolveLocaleName
GetLocaleInfoEx
GetUserGeoID
GetGeoInfoW
IsValidLocaleName
GetEnvironmentVariableW
SetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
CreateMutexW
GetFileAttributesW
InitOnceExecuteOnce
CompareStringEx
GetSystemTimeAdjustment
GetVersionExW
TrySubmitThreadpoolCallback
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
LoadLibraryW
ResumeThread
GetUserDefaultLCID
GetLocalTime
GetACP
LocaleNameToLCID
LCIDToLocaleName
GetUserDefaultUILanguage
IsValidCodePage
GetExitCodeThread
ResetEvent
lstrcmpiA
lstrcmpA
InitOnceInitialize
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
QueryDepthSList
CompareFileTime
TerminateThread
GetActiveProcessorCount
GetFileTime
DeleteFiber
SwitchToFiber
CreateFiber
ConvertThreadToFiber
ConvertFiberToThread
CompareStringOrdinal
SetEndOfFile
CreateFileMappingW
FlushViewOfFile
lstrcmpW
GetLocaleInfoW
GetDiskFreeSpaceW
FileTimeToSystemTime
CompareStringW
LCMapStringW
GetFileSizeEx
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetCurrentThread
lstrcmpiW
VerSetConditionMask
VerifyVersionInfoW
SetThreadPreferredUILanguages
GetCommandLineW
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
HeapSetInformation
GetStringTypeExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
SleepConditionVariableSRW
WaitForSingleObjectEx
WerGetFlags
WerSetFlags
InitializeCriticalSectionEx
ReleaseSemaphore
GetLastError
ReleaseMutex
RaiseException
InitializeSRWLock
ReleaseSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockShared
AcquireSRWLockExclusive
FlsSetValue
HeapDestroy
MapViewOfFile
OpenFileMappingW
GetCurrentProcessId
HeapCreate
FlsAlloc
InitializeCriticalSection
TlsAlloc
AddAtomW
TlsSetValue
TlsGetValue
GetModuleFileNameW
LocalFree
LocalAlloc
FindAtomW
DeleteAtom
UnmapViewOfFile
TlsFree
FlsFree
RaiseFailFastException
GetModuleHandleW
DeleteCriticalSection
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetEvent
FreeLibrary
CreateThread
CreateEventW
GetModuleHandleExW
FreeLibraryAndExitThread
CloseHandle
WaitForSingleObject
GetCurrentProcess
ActivateActCtx
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
QueueUserWorkItem
GlobalFlags
FindResourceExA
LocalSize
GlobalReAlloc
WTSGetActiveConsoleSessionId
LCMapStringEx
ResolveDelayLoadedAPI
DelayLoadFailureHook
QueryPerformanceFrequency

api-ms-win-downlevel-advapi32-l1-1-0

EventRegister
EventActivityIdControl
EventWrite
EventWriteTransfer
RegCreateKeyExW
RegSetValueExW
DuplicateTokenEx
EventWriteEx
OpenProcessToken
RegGetValueW
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegDeleteTreeW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyExW
EventUnregister
CreateProcessAsUserW
OpenThreadToken
GetTokenInformation

api-ms-win-downlevel-version-l1-1-0

GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW

api-ms-win-downlevel-shlwapi-l1-1-0

StrStrIW
StrCmpNIA
IsInternetESCEnabled
PathCreateFromUrlW
PathQuoteSpacesW
StrChrNIW
StrCmpNICW
UrlEscapeW
UrlCombineW
StrCmpNIW
StrCmpICW
UrlUnescapeW
PathRemoveFileSpecW
HashData
StrCmpNCW
PathGetArgsW
StrCmpICA
StrStrA
PathRemoveBlanksW
UrlIsW
UrlCreateFromPathW
QISearch
StrChrW
PathStripPathW
StrCmpW
StrCpyNW
StrStrW
StrCmpCW
StrCmpNW
StrToIntExW
PathIsFileSpecW
ParseURLW
PathFileExistsW
StrTrimW
PathFindExtensionW
UrlGetLocationW
SHLoadIndirectString
StrPBrkW
PathIsRelativeW
PathGetCharTypeW
StrToInt64ExW
PathSearchAndQualifyW
PathUnquoteSpacesW
IsCharSpaceW
StrStrIA
StrCmpNICA
UrlApplySchemeW
PathIsURLW
StrToIntW
GetAcceptLanguagesW
StrChrA
UrlGetPartW
StrCmpCA
UrlCanonicalizeW
PathFindFileNameW
StrCmpIW
PathIsUNCW
StrCSpnW
PathGetDriveNumberW
StrDupW

api-ms-win-downlevel-user32-l1-1-0

CharLowerBuffW
CharLowerW
CharUpperW
CharNextW
LoadStringW
CharLowerA
IsCharAlphaNumericW
IsCharAlphaW

gdi32

DeleteDC
SetWorldTransform
SetGraphicsMode
CreateDIBSection
ExtTextOutW
SetTextAlign
GetTextColor
GetBkColor
SetStretchBltMode
StretchDIBits
SetDIBits
GetCurrentObject
GetClipRgn
ExtSelectClipRgn
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
Ellipse
Polyline
Polygon
LineTo
MoveToEx
PatBlt
CreatePen
SetDCPenColor
ExtCreatePen
UnrealizeObject
SetBkMode
CreateHatchBrush
SetDCBrushColor
SetROP2
GetFontUnicodeRanges
GetGlyphOutlineW
GetCharWidthW
GetFontData
GetOutlineTextMetricsW
AddFontMemResourceEx
GetTextFaceW
RemoveFontMemResourceEx
StretchBlt
GdiFlush
Rectangle
CreateSolidBrush
GetTextCharsetInfo
TranslateCharsetInfo
ExtEscape
EndDoc
StartDocW
CreateEnhMetaFileW
CloseEnhMetaFile
GetEnhMetaFileW
EqualRgn
ExtCreateRegion
GetRegionData
OffsetViewportOrgEx
RealizePalette
SelectPalette
GetPaletteEntries
DeleteObject
SelectObject
GetObjectType
GetDeviceCaps
CreateRectRgn
BitBlt
GetPixel
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgnIndirect
GetRandomRgn
OffsetRgn
GetClipBox
SetViewportOrgEx
CombineRgn
GetRgnBox
RestoreDC
SaveDC
GetViewportOrgEx
CreatePolygonRgn
EnumFontFamiliesExW
EnumFontsW
CreateFontIndirectW
GetTextCharset
SelectClipRgn
DeleteMetaFile
CreateMetaFileW
SetMapMode
SetWindowOrgEx
SetWindowExtEx
CloseMetaFile
SetViewportExtEx
PlayMetaFile
GetWindowOrgEx
GetWindowExtEx
LPtoDP
SetTextColor
SetBkColor
GetStockObject
IntersectClipRect
GetTextMetricsW
GetTextExtentPoint32W
GetObjectW
GetDIBits
GetNearestPaletteIndex
EnumObjects
GetEnhMetaFileHeader
GetDIBColorTable
SetDIBColorTable
SetMetaFileBitsEx
SetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
PlayEnhMetaFile
DeleteEnhMetaFile
AbortDoc
StartPage
EndPage
CreateICW
CreateDCW

user32

CheckMenuRadioItem
CreatePopupMenu
AppendMenuW
GetMenuStringW
ToUnicodeEx
SubtractRect
UnionRect
MsgWaitForMultipleObjects
GetCaretBlinkTime
GetComboBoxInfo
DrawFocusRect
SendMessageA
ScrollDC
GetLayeredWindowAttributes
CreateCaret
DestroyCaret
SetCaretPos
GetLastInputInfo
EnumDisplaySettingsW
DisplayConfigGetDeviceInfo
GetDisplayConfigBufferSizes
RegisterClassW
GetWindowTextW
FindWindowW
GetLastActivePopup
DrawFrameControl
ShowCaret
HideCaret
GetCaretPos
GetKeyboardLayout
InsertMenuItemW
GetMenuItemInfoW
SetWindowsHookExW
PostThreadMessageW
GetSysColorBrush
IsDlgButtonChecked
CallWindowProcW
RemovePropW
GetUpdateRect
FindWindowExW
IsWindowVisible
CopyRect
CallNextHookEx
QueryDisplayConfig
InflateRect
GetUpdateRgn
InvalidateRgn
GetWindowDC
LockWindowUpdate
DestroyIcon
AdjustWindowRectEx
BringWindowToTop
GetSystemMenu
GetWindowLongA
SetWindowLongA
GetShellWindow
GetKeyboardLayoutList
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
RegisterClipboardFormatA
GetClassInfoExW
UnregisterClassW
GetDpiForSystem
LoadBitmapW
TrackPopupMenu
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
SetRect
GetKeyboardLayoutNameW
DestroyCursor
GetIconInfo
ChildWindowFromPoint
MessageBeep
UpdateLayeredWindow
GetClassInfoW
SetCursorPos
SetRectEmpty
GetWindowRgn
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
InSendMessage
SetMenuItemInfoW
ShowCursor
TrackPopupMenuEx
DestroyAcceleratorTable
TranslateAcceleratorW
AttachThreadInput
IsClipboardFormatAvailable
GetClipboardFormatNameW
GetWindowPlacement
GetWindowLongPtrA
GetTopWindow
RemoveMenu
MoveWindow
UnhookWindowsHookEx
UnregisterClassA
GetDlgItem
LoadIconW
SendDlgItemMessageW
LoadImageW
GetWindow
SetWindowLongPtrW
DefWindowProcW
PostMessageW
GetParent
SetActiveWindow
GetWindowLongPtrW
GetKeyState
GetWindowThreadProcessId
GetDCEx
ReleaseDC
RegisterClipboardFormatW
RegisterWindowMessageW
GetDoubleClickTime
IsWindow
DestroyWindow
GetClientRect
FillRect
AllowSetForegroundWindow
GetClassNameW
IsWinEventHookInstalled
NotifyWinEvent
SetTimer
GetDesktopWindow
TranslateMessage
MessageBoxW
DialogBoxParamW
SetWindowTextW
EndDialog
GetFocus
ValidateRect
SetCursor
LoadCursorW
SendMessageW
KillTimer
EnumChildWindows
IsIconic
GetAncestor
GetSystemMetrics
GetMessageExtraInfo
GetCursorInfo
ChildWindowFromPointEx
ScreenToClient
GetCursorPos
WindowFromPoint
IsChild
MapWindowPoints
GetAsyncKeyState
GetMenuState
InsertMenuW
DeleteMenu
LoadMenuW
GetSubMenu
EnableMenuItem
DestroyMenu
GetCapture
ReleaseCapture
IsWindowUnicode
UpdateWindow
EnableWindow
SendMessageTimeoutW
EnumWindows
GetSysColor
GetForegroundWindow
WinHelpW
SetDlgItemTextW
CheckDlgButton
GetDlgItemTextW
InSendMessageEx
ShowWindow
SetWindowPos
SetForegroundWindow
SetFocus
ClientToScreen
SystemParametersInfoW
MonitorFromWindow
GetActiveWindow
GetWindowRect
GetMessagePos
PtInRect
GetKeyboardState
MapVirtualKeyExW
ToAsciiEx
IsRectEmpty
IntersectRect
LoadAcceleratorsW
CopyAcceleratorTableW
VkKeyScanW
GetMenuItemCount
GetMenuItemID
CheckMenuItem
MonitorFromRect
GetMonitorInfoW
GetMessageW
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjectsEx
PostQuitMessage
MonitorFromPoint
GetDC
RedrawWindow
CreateAcceleratorTableW
OffsetRect
EqualRect
SetWindowRgn
SetPropW
SetParent
CreateWindowExW
SetLayeredWindowAttributes
SetCapture
GetWindowLongW
SetWindowLongW
IsWindowEnabled
GetCursor
LoadCursorA
GetPropW
InvalidateRect
ValidateRgn
BeginPaint
EndPaint
WindowFromDC
GetMessageTime
WaitMessage
RegisterClassExW

iertutil

ord32
ord764
ord209
ord690
ord19
ord21
ord775
CreateIUriBuilder
ord700
ord18
ord96
ord25
ord681
GetIUriPriv
ord820
ord26
CreateUriWithFragment
ord174
ord56
ord58
ord793
ord688
ord606
ord139
ord325
ord916
ord656
ord661
ord665
ord651
ord655
ord682
ord667
ord650
ord678
ord660
ord677
ord658
ord662
ord652
ord663
ord654
ord54
ord110
ord151
ord111
ord17
ord44
ord30
ord134
IntlPercentEncodeNormalize
ord466
ord597
ord594
ord792
ord177
ord603
ord779
ord781
ord774
ord765
ord138
ord607
ord281
ord282
ord35
ord42
GetPortFromUrlScheme
ord210
ord398
ord50
ord82
ord679
ord791
ord796
ord49
CreateUri
ord701
ord657
ord600
ord605

ntdll

NtQueryLicenseValue
NtCreateFile
RtlInitUnicodeString
NtQuerySystemInformation
RtlDllShutdownInProgress
NtClose

rpcrt4

RpcAsyncInitializeHandle
Ndr64AsyncClientCall
NdrClientCall3
RpcBindingFree
RpcBindingCreateW
RpcAsyncCancelCall
RpcAsyncCompleteCall
I_RpcExceptionFilter
UuidCreate
RpcBindingBind

api-ms-win-core-path-l1-1-0

PathCchAddBackslash
PathCchCanonicalize
PathCchAppend
PathCchCombine

sspicli

GetUserNameExW

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled

api-ms-win-core-file-l1-1-0

SetFileInformationByHandle
FlushFileBuffers
GetFileInformationByHandle
CreateDirectoryW
GetDiskFreeSpaceExW
GetFullPathNameA
GetFileAttributesExW
FileTimeToLocalFileTime
SetFilePointerEx
GetLongPathNameW

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-sysinfo-l1-1-0

GetSystemWindowsDirectoryW
GetLogicalProcessorInformation
GetVersionExA

api-ms-win-core-libraryloader-l1-2-0

LoadResource
SizeofResource
FindResourceExW
LockResource
LoadLibraryExA

api-ms-win-core-processenvironment-l1-1-0

GetCurrentDirectoryW
ExpandEnvironmentStringsA
GetStdHandle
SearchPathW

api-ms-win-core-file-l2-1-0

MoveFileExW
GetFileInformationByHandleEx

api-ms-win-core-synch-l1-1-0

TryAcquireSRWLockExclusive
TryEnterCriticalSection
OpenEventW

api-ms-win-core-io-l1-1-0

GetOverlappedResult
CancelIoEx
DeviceIoControl

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolThreadMaximum
DisassociateCurrentThreadFromCallback
CloseThreadpool
CreateThreadpool

api-ms-win-core-handle-l1-1-0

DuplicateHandle

api-ms-win-core-localization-l1-2-0

GetThreadUILanguage
GetThreadPreferredUILanguages
GetSystemDefaultLCID
GetUserPreferredUILanguages
GetUserDefaultLangID
IsDBCSLeadByte

api-ms-win-core-string-l1-1-0

GetStringTypeW

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualQuery
VirtualProtect
VirtualFree

api-ms-win-core-processenvironment-l1-2-0

SearchPathA

api-ms-win-core-errorhandling-l1-1-0

SetErrorMode

api-ms-win-core-com-l1-1-0

IIDFromString
ProgIDFromCLSID
CoGetStandardMarshal

api-ms-win-core-memory-l1-1-1

ResetWriteWatch
VirtualUnlock
GetWriteWatch

api-ms-win-core-string-l2-1-0

IsCharUpperW
IsCharLowerW
CharPrevW

api-ms-win-core-processthreads-l1-1-0

SuspendThread
SwitchToThread
GetProcessTimes
OpenThread
ProcessIdToSessionId
SetThreadPriority
GetProcessIdOfThread
GetProcessId

api-ms-win-core-heap-l1-1-0

HeapUnlock
HeapSize
HeapLock
HeapReAlloc

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetProductInfo

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW

api-ms-win-core-heap-l2-1-0

LocalReAlloc

api-ms-win-power-base-l1-1-0

CallNtPowerInformation

api-ms-win-core-realtime-l1-1-0

QueryProcessCycleTime
QueryThreadCycleTime

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-datetime-l1-1-2

GetDurationFormatEx

api-ms-win-core-registry-l1-1-0

RegEnumValueW
RegDeleteValueW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadsFromDll

winhttp

WinHttpGetIEProxyConfigForCurrentUser

api-ms-win-core-wow64-l1-1-0

IsWow64Process

api-ms-win-core-processthreads-l1-1-1

GetThreadContext

api-ms-win-core-console-l2-1-0

GetConsoleScreenBufferInfo
SetConsoleTextAttribute

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace

kernelbase

EnumUILanguagesW
lstrlenW
lstrlenA
StrToIntA
OpenGlobalizationUserSettingsKey
GetSystemDefaultUILanguage
GetNumberFormatW

api-ms-win-downlevel-shell32-l1-1-0

CommandLineToArgvW

Exports

Exports

ClearPhishingFilterData
ConvertAndEscapePostData
CreateCoreWebView
CreateHTMLPropertyPage
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
GetColorValueFromString
GetWebPlatformObject
IEIsXMLNSRegistered
IERegisterXMLNS
InitializeLocalHtmlEngine
MatchExactGetIDsOfNames
PrintHTML
RunHTMLApplication
ShowHTMLDialog
ShowHTMLDialogEx
ShowModalDialog
ShowModelessHTMLDialog
TravelLogCreateInstance
TravelLogStgCreateInstance
UninitializeLocalHtmlEngine

Sections

.text
Size: 15.8MB - Virtual size: 15.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 179KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 908KB - Virtual size: 907KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 538KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/multidict/_multidict.pyd
.dll windows:6 windows x64 arch:x64

1f1d6572a871e8a013b796e8365b088c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyObject_GC_Del
PyObject_CallFunctionObjArgs
PyObject_ClearWeakRefs
PySequence_Fast
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyObject_RichCompareBool
PyMapping_Check
PyDict_SetItem
PyDict_New
PySequence_Check
PyUnicode_Type
PyObject_CallMethod
PyObject_IsInstance
PyMem_Free
PyExc_StopIteration
PyModule_AddObject
PyList_Type
PyDict_GetItem
PyList_Reverse
PyObject_GetItem
PyObject_HasAttrString
PyObject_GC_Track
_Py_NotImplementedStruct
PyArg_ParseTupleAndKeywords
PyExc_TypeError
PyMem_Realloc
PyObject_Str
PyTuple_Pack
PyMem_Malloc
_Py_TrueStruct
PyArg_UnpackTuple
_PyTrash_begin
_PyObject_GC_New
PyList_SetItem
_PyObject_CallMethodId
PyObject_Size
PyErr_ExceptionMatches
_Py_Dealloc
PyTuple_Type
PyMapping_Size
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
_PyTrash_end
PyObject_GetIter
PyIter_Next
PyErr_SetString
PyDict_Items
PyTuple_New
_Py_NoneStruct
PyErr_SetNone
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyExc_RuntimeError
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyUnicode_RichCompare
PyArg_ValidateKeywordArguments
PyErr_Occurred
PyObject_SelfIter
PySequence_GetItem
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
PyType_GenericNew
PyMapping_Items
PyBool_FromLong
PyErr_SetObject
PyThreadState_Get
PySequence_List
PySequence_Size
PyType_GenericAlloc
Py_GenericAlias

kernel32

GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
DisableThreadLibraryCalls
IsDebuggerPresent

vcruntime140

memmove
memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__multidict

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/prm0009.dll
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/pyexpat.pyd
.dll windows:6 windows x64 arch:x64

cfa32f0abc6ae85c4b2078212640c054

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:1b:23:58:eb:f3:b1:e2:93:2a:1d:06:d4:04:ac:65:c0:fa:ae:e4:f8:1e:e6:d4:c9:4d:dd:26:a2:4e:8e:2c
Signer

Actual PE Digest

45:1b:23:58:eb:f3:b1:e2:93:2a:1d:06:d4:04:ac:65:c0:fa:ae:e4:f8:1e:e6:d4:c9:4d:dd:26:a2:4e:8e:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\pyexpat.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext

python311

PyObject_GC_Track
PyBytes_FromStringAndSize
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
_PyByteArray_empty_string
PyObject_CallFunction
PyMem_Malloc
_PyLong_AsInt
PyModule_GetState
PyModuleDef_Init
PyUnicode_FromString
PyBuffer_Release
PyObject_Call
PyByteArray_Type
PyUnicode_InternFromString
PyErr_SetString
_PyArg_BadArgument
_Py_HashSecret
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyObject_Realloc
PyErr_NoMemory
PyMem_Free
_PyTraceback_Add
PyDict_New
PyDict_SetItem
PyCapsule_New
PyType_GetModuleState
PyUnicode_Decode
PyList_Append
PyModule_New
PyErr_NewException
PyList_New
PyObject_GetBuffer
PyUnicode_FromFormat
PyLong_AsLong
PyObject_GC_Del
PyModule_AddObject
_PyImport_SetModule
PyModule_AddObjectRef
PyDescr_NewGetSet
PyObject_Free
_Py_Dealloc
PyType_IsSubtype
PyModule_AddStringConstant
PyErr_Format
PyExc_ValueError
_PyObject_GC_New
_PyArg_UnpackKeywords
_PyObject_LookupAttr
PyDict_GetItemWithError
Py_BuildValue
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyModule_AddIntConstant
PyObject_Malloc
PyObject_CallOneArg
PyBool_FromLong
PyDict_SetDefault
PyErr_SetObject
_PyUnicode_Ready

vcruntime140

memcpy
memcmp
memset
__std_type_info_destroy_list
__C_specific_handler
strrchr
memmove

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_initterm_e
_initterm
_cexit
_initialize_narrow_environment
_errno
_seh_filter_dll

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit_pyexpat

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/python3.dll
.dll windows:6 windows x64 arch:x64

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:02:4a:6f:fb:4f:ad:84:62:12:c9:53:eb:9c:24:74:56:2a:21:fc:13:95:04:d0:5c:0c:9e:4c:6e:9f:1a:3a
Signer

Actual PE Digest

d4:02:4a:6f:fb:4f:ad:84:62:12:c9:53:eb:9c:24:74:56:2a:21:fc:13:95:04:d0:5c:0c:9e:4c:6e:9f:1a:3a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\python3.pdb

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyClassMethodDescr_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_GetCode
PyFrame_GetLineNumber
PyFrozenSet_New
PyFrozenSet_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGetSetDescr_Type
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_ReloadModule
PyIndex_Check
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_New
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadObjectFromString
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMemberDescr_Type
PyMember_GetOne
PyMember_SetOne
PyMemoryView_FromBuffer
PyMemoryView_FromMemory
PyMemoryView_FromObject
PyMemoryView_GetContiguous
PyMemoryView_Type
PyMethodDescr_Type
PyModuleDef_Init
PyModuleDef_Type
PyModule_AddFunctions
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddObjectRef
PyModule_AddStringConstant
PyModule_AddType
PyModule_Create2
PyModule_ExecDef
PyModule_FromDefAndSpec2
PyModule_GetDef
PyModule_GetDict
PyModule_GetFilename
PyModule_GetFilenameObject
PyModule_GetName
PyModule_GetNameObject
PyModule_GetState
PyModule_New
PyModule_NewObject
PyModule_SetDocString
PyModule_Type
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_Check
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMatrixMultiply
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Index
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_MatrixMultiply
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_ToBase
PyNumber_TrueDivide
PyNumber_Xor
PyOS_CheckStack
PyOS_FSPath
PyOS_InputHook
PyOS_InterruptOccurred
PyOS_double_to_string
PyOS_getsig
PyOS_mystricmp
PyOS_mystrnicmp
PyOS_setsig
PyOS_snprintf
PyOS_string_to_double
PyOS_strtol
PyOS_strtoul
PyOS_vsnprintf
PyObject_ASCII
PyObject_AsCharBuffer
PyObject_AsFileDescriptor
PyObject_AsReadBuffer
PyObject_AsWriteBuffer
PyObject_Bytes
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallMethodObjArgs
PyObject_CallNoArgs
PyObject_CallObject
PyObject_Calloc
PyObject_CheckBuffer
PyObject_CheckReadBuffer
PyObject_ClearWeakRefs
PyObject_CopyData
PyObject_DelItem
PyObject_DelItemString
PyObject_Dir
PyObject_Format
PyObject_Free
PyObject_GC_Del
PyObject_GC_IsFinalized
PyObject_GC_IsTracked
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericGetDict
PyObject_GenericSetAttr
PyObject_GenericSetDict
PyObject_GetAIter
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetBuffer
PyObject_GetItem
PyObject_GetIter
PyObject_HasAttr
PyObject_HasAttrString

Sections

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/python311.dll
.dll windows:6 windows x64 arch:x64

5714829f48aacde8f83e3e5f0ead1f49

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:38:e5:b0:fd:40:a0:88:24:bd:ec:c5:d9:38:d2:59:5e:67:c3:fa:23:75:4f:89:e0:c0:4f:27:78:e7:df:68
Signer

Actual PE Digest

f7:38:e5:b0:fd:40:a0:88:24:bd:ec:c5:d9:38:d2:59:5e:67:c3:fa:23:75:4f:89:e0:c0:4f:27:78:e7:df:68

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\python311.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

getsockopt
send
WSAGetLastError

api-ms-win-core-path-l1-1-0

PathCchSkipRoot
PathCchCombineEx
PathCchFindExtension

bcrypt

BCryptGenRandom

advapi32

RegEnumKeyExW
RegDeleteKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegSetValueExW
RegLoadKeyW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
RegEnumValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegSetValueW

kernel32

HeapAlloc
GetProcessHeap
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsGetValue
TlsFree
GetCurrentThread
GetModuleFileNameW
CompareStringOrdinal
GetFileAttributesW
GetLocaleInfoA
GetACP
RemoveVectoredExceptionHandler
SetErrorMode
RaiseException
AddVectoredExceptionHandler
GetCurrentProcess
SetEndOfFile
UnmapViewOfFile
DuplicateHandle
GetLastError
FlushViewOfFile
CloseHandle
GetSystemInfo
SetFilePointerEx
CreateFileMappingA
GetFileSize
OpenFileMappingA
MapViewOfFile
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
Process32First
SetHandleInformation
GetConsoleScreenBufferInfo
SetLastError
GetHandleInformation
GetFullPathNameW
FindNextFileW
GetStdHandle
DeviceIoControl
TerminateProcess
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
SetEnvironmentVariableW
CreatePipe
CreateHardLinkW
FindClose
GetVolumePathNameW
CreateFileW
OpenProcess
SetFileAttributesW
CreateToolhelp32Snapshot
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
DeleteFileW
Process32Next
LoadLibraryW
GetActiveProcessorCount
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
MoveFileExW
GetModuleHandleW
CreateSymbolicLinkW
GetSystemTimeAsFileTime
GetFileType
GetProcessTimes
GenerateConsoleCtrlEvent
SetEvent
CreateEventA
WaitForMultipleObjects
WaitForSingleObject
Sleep
GetTimeZoneInformation
TlsAlloc
SetWaitableTimerEx
ResetEvent
GetThreadTimes
CreateWaitableTimerExW
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WaitForSingleObjectEx
WriteConsoleW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
GetStringTypeW
ReadFile
CancelIo
SetNamedPipeHandleState
WaitNamedPipeA
CreateNamedPipeA
WriteFile
InitializeProcThreadAttributeList
PeekNamedPipe
OpenFileMappingW
GetModuleHandleA
GetVersion
LCMapStringEx
UpdateProcThreadAttribute
CreateFileA
DeleteProcThreadAttributeList
GetOverlappedResult
ExitProcess
CreateProcessW
CreateFileMappingW
VirtualQuery
ConnectNamedPipe
GetExitCodeProcess
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
GetErrorMode
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
FormatMessageW
FreeLibrary
LoadLibraryExW
LocalFree
GetConsoleOutputCP
GetConsoleCP
OutputDebugStringW
GetSystemTimeAdjustment
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExW
TlsSetValue
HeapFree
GetCurrentThreadId

vcruntime140

memchr
memcmp
memmove
memcpy
wcschr
wcsrchr
strchr
strrchr
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-stdio-l1-1-0

_open_osfhandle
__stdio_common_vfprintf
_wfopen
setvbuf
__stdio_common_vswprintf
fclose
__stdio_common_vsprintf
_setmode
rewind
__acrt_iob_func
_commit
_locking
_wopen
_kbhit
getc
ungetc
_lseeki64
ftell
fflush
feof
fgets
_get_osfhandle
_chsize_s
fputs
_isatty
_fileno
_lseek
_dup2
ferror
_close
fputc
fwrite
_open
_read
_dup
_write
fread
clearerr
puts

api-ms-win-crt-environment-l1-1-0

getenv
_wputenv_s
_wgetcwd
_wgetenv
__p__wenviron
_wputenv

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-string-l1-1-0

wcscmp
wcsncmp
strcmp
wcsnlen
wcsncpy_s
strncmp
isalnum
wcscat_s
tolower
toupper
strcspn
wcscoll
isxdigit
wcstok_s
wcsxfrm
isdigit
_stricmp
strncpy
_wcsicmp
wcscpy_s

api-ms-win-crt-runtime-l1-1-0

_cexit
__fpe_flt_rounds
_getpid
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_set_abort_behavior
signal
_exit
_initterm
raise
abort
_initialize_onexit_table
_beginthreadex
__sys_errlist
__sys_nerr
_endthreadex
_wsystem
exit
_errno
strerror
_execute_onexit_table
_set_thread_local_invalid_parameter_handler

api-ms-win-crt-convert-l1-1-0

mbstowcs
wcstol
strtoul
strtol
wcstombs

api-ms-win-crt-math-l1-1-0

exp2
tanh
erfc
sqrt
cbrt
cosh
erf
pow
log10
frexp
fmod
floor
tan
atan
atan2
_fdclass
_dclass
nextafter
exp
fabs
acosh
log1p
log
acos
expm1
_fdopen
atanh
asin
copysign
ldexp
hypot
asinh
modf
sin
round
sinh
cos
ceil

api-ms-win-crt-time-l1-1-0

__timezone
_tzset
strftime
clock
_time64
_mktime64
__daylight
_gmtime64_s
_localtime64_s

api-ms-win-crt-process-l1-1-0

_wexecv
_wspawnv
_wexecve
_cwait
_wspawnve

api-ms-win-crt-heap-l1-1-0

free
malloc
_heapmin
realloc
calloc

api-ms-win-crt-conio-l1-1-0

_putwch
_ungetwch
_getwche
_getche
_getch
_ungetch
_putch
_getwch

api-ms-win-crt-filesystem-l1-1-0

_umask
_wstat64i32

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyAsyncGen_New
PyAsyncGen_Type
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCMethod_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_Addr2Line
PyCode_Addr2Location
PyCode_GetCellvars
PyCode_GetCode
PyCode_GetFreevars
PyCode_GetVarnames
PyCode_New
PyCode_NewEmpty
PyCode_NewWithPosOnlyArgs
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyCompile_OpcodeStackEffect
PyCompile_OpcodeStackEffectWithJump
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyConfig_InitPythonConfig
PyConfig_Read
PyConfig_SetArgv
PyConfig_SetBytesArgv
PyConfig_SetBytesString
PyConfig_SetString
PyConfig_SetWideStringList
PyContextToken_Type
PyContextVar_Get
PyContextVar_New
PyContextVar_Reset
PyContextVar_Set
PyContextVar_Type
PyContext_Copy
PyContext_CopyCurrent
PyContext_Enter
PyContext_Exit
PyContext_New
PyContext_Type
PyCoro_New
PyCoro_Type
PyDescr_IsData
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetDefault
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ProgramTextObject
PyErr_RangedSyntaxLocationObject
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_SyntaxLocationObject
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnExplicitFormat
PyErr_WarnExplicitObject
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_OpenCode
PyFile_OpenCodeObject
PyFile_SetOpenCodeHook
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Pack2
PyFloat_Pack4
PyFloat_Pack8
PyFloat_Type
PyFloat_Unpack2
PyFloat_Unpack4
PyFloat_Unpack8
PyFrame_FastToLocals
PyFrame_FastToLocalsWithError
PyFrame_GetBack
PyFrame_GetBuiltins
PyFrame_GetCode
PyFrame_GetGenerator
PyFrame_GetGlobals
PyFrame_GetLasti
PyFrame_GetLineNumber
PyFrame_GetLocals
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Check
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_New
PyGen_NewWithQualName
PyGen_Type
PyGetSetDescr_Type
PyHash_GetFuncDef
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyIndex_Check
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_Head
PyInterpreterState_Main
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_GetAllocator
PyMem_Malloc
PyMem_RawCalloc
PyMem_RawFree
PyMem_RawMalloc
PyMem_RawRealloc
PyMem_Realloc
PyMem_SetAllocator
PyMem_SetupDebugHooks

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PyRuntim
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/pythoncom311.dll
.dll windows:6 windows x64 arch:x64

1b264cd576a6b6117b47db03980bc455

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\pythoncom.pdb

Imports

oleaut32

VariantCopyInd
SafeArrayGetElement
SafeArrayPutElement
SysStringLen
SafeArrayCreate
VariantChangeType
LHashValOfNameSys
UnRegisterTypeLi
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
QueryPathOfRegTypeLi
RegisterActiveObject
CreateTypeLi
CreateTypeLib2
GetActiveObject
RevokeActiveObject
SafeArrayGetDim
GetRecordInfoFromTypeInfo
SafeArrayGetUBound
SafeArrayGetLBound
GetRecordInfoFromGuids
SafeArrayGetRecordInfo
SafeArrayUnaccessData
SafeArrayAccessData
VariantInit
SysAllocString
VariantClear
SetErrorInfo
CreateErrorInfo
SysFreeString
GetErrorInfo
SafeArrayDestroy

ole32

CoInitialize
RevokeDragDrop
GetRunningObjectTable
CoGetObject
CoEnableCallCancellation
ProgIDFromCLSID
MkParseDisplayName
CoRevokeClassObject
OleFlushClipboard
CreateItemMoniker
CreateFileMoniker
CoFreeUnusedLibraries
CreatePointerMoniker
CoGetInterfaceAndReleaseStream
OleGetClipboard
OleLoadFromStream
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
RegisterDragDrop
CoResumeClassObjects
OleInitialize
CoDisableCallCancellation
CoReleaseMarshalData
CoUninitialize
OleIsCurrentClipboard
CoRegisterClassObject
OleSetClipboard
StringFromGUID2
DoDragDrop
CoMarshalInterface
CoTaskMemFree
OleLoad
CoTreatAsClass
CoCreateFreeThreadedMarshaler
CoCreateInstance
CreateBindCtx
CoCreateGuid
CoTaskMemAlloc
GetClassFile
OleSaveToStream
StgOpenStorageOnILockBytes
StgCreateDocfile
StgOpenStorage
ReadClassStg
CreateStreamOnHGlobal
WriteClassStm
CreateILockBytesOnHGlobal
WriteClassStg
CoGetCallContext
StgCreateDocfileOnILockBytes
PropVariantClear
StgIsStorageFile
ReadClassStm
ReleaseStgMedium

user32

TranslateMessage
PeekMessageW
DispatchMessageW
PostThreadMessageW
GetMessageW
wsprintfW

python311

PyExc_NotImplementedError
PyErr_WarnEx
_Py_FalseStruct
PyExc_PendingDeprecationWarning
PyLong_AsUnsignedLongMask
PyModule_Create2
PyErr_Format
PyErr_NewException
_Py_TrueStruct
Py_FrozenFlag
PyBytes_FromString
PyMapping_HasKey
PyDict_SetItem
PyLong_FromVoidPtr
PyRun_SimpleFileExFlags
PySys_SetObject
Py_Initialize
Py_IsInitialized
PyList_Append
PySys_SetArgv
PyUnicode_FromFormat
PyObject_GenericSetAttr
PyExc_IndexError
_PyArg_Parse_SizeT
PySequence_Tuple
PyLong_FromUnsignedLong
_PyBytes_Resize
PyFloat_AsDouble
PyLong_AsUnsignedLongLong
PyFloat_FromDouble
PyFloat_Type
PyType_IsSubtype
PyObject_IsTrue
PyLong_AsUnsignedLong
PyMem_Malloc
PyLong_FromSsize_t
PyObject_SetAttrString
PyLong_FromUnsignedLongLong
PyLong_FromLongLong
PyExc_OverflowError
PyMemoryView_Type
PyLong_AsDouble
_PyLong_Sign
PyObject_HasAttrString
PyObject_Str
PyByteArray_Type
PyNumber_Float
_PyLong_NumBits
PyEval_CallObjectWithKeywords
PyCapsule_IsValid
PyCapsule_GetPointer
PyCapsule_New
PyLong_Type
PyBytes_FromStringAndSize
PyDict_GetItemString
PyErr_NoMemory
PyObject_RichCompareBool
PyList_New
PyModule_GetDict
PyUnicode_Concat
PyUnicode_FromString
_Py_NotImplementedStruct
PyType_Ready
PyUnicode_AsUTF8
PyErr_ExceptionMatches
PyBool_FromLong
PyObject_Size
PyNumber_Check
PyTuple_SetItem
PySequence_Check
PyTuple_Size
PyTuple_GetItem
PyLong_FromDouble
_Py_VaBuildValue_SizeT
PyExc_AttributeError
PyLong_AsVoidPtr
PyDict_GetItem
PyMem_Free
PyObject_IsInstance
PyUnicode_AsWideCharString
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyLong_AsLongLong
_PyObject_CallFunction_SizeT
PyType_Type
PySeqIter_New
PyObject_IsSubclass
_Py_NewReference
PyExc_StopIteration
PyTuple_New
PyErr_SetNone
PyObject_GenericGetAttr
PySequence_GetItem
PySequence_Size
PyEval_RestoreThread
PyObject_Call
PyErr_Print
PyExc_TypeError
PyNumber_Long
PyGILState_Ensure
PyFile_WriteObject
PyDict_New
PyErr_Clear
_PyObject_CallMethod_SizeT
PyObject_GetAttrString
PyLong_AsLong
PyErr_Fetch
_PyArg_ParseTuple_SizeT
PyErr_SetString
PyDict_SetItemString
_Py_NoneStruct
PyGILState_Release
PySys_GetObject
PyExc_MemoryError
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModule
_Py_BuildValue_SizeT
PyErr_GivenExceptionMatches
PyErr_SetObject
PyObject_Repr
_Py_Dealloc
PyLong_AsSsize_t
PyErr_Restore

pywintypes311

?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
??0PyWinBufferView@@QEAA@XZ
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
??1PyWinBufferView@@QEAA@XZ
?ok@PyWinBufferView@@QEAA_NXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
?PyWinObject_FreeBstr@@YAXPEA_W@Z
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??1PyWin_AutoFreeBstr@@QEAA@XZ
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinExc_COMError@@3PEAU_object@@EA
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z

kernel32

FormatMessageW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualAlloc
VirtualFree
VirtualProtect
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
DisableThreadLibraryCalls
GetCurrentThreadId
LoadLibraryW
GetModuleHandleW
GetProcAddress
OutputDebugStringW

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__C_specific_handler
__current_exception_context
__std_terminate
__std_exception_copy
__std_exception_destroy
memcpy
_CxxThrowException
memset
__std_type_info_destroy_list
_purecall

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vswprintf
__acrt_iob_func
__stdio_common_vsprintf
fclose
__stdio_common_vfprintf
__stdio_common_vfwprintf

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initterm
_crt_at_quick_exit
_initterm_e
terminate
__p___wargv
_configure_narrow_argv
_seh_filter_dll
_cexit
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

Exports

Exports

??0CPyFactory@@QEAA@AEBU_GUID@@@Z
??0CPyFactory@@QEAA@AEBV0@@Z
??0PyComEnumProviderTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z0@Z
??0PyComEnumTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyComTypeObject@@QEAA@PEBDPEAV0@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyGOleWindow@@IEAA@PEAU_object@@@Z
??0PyGOleWindow@@QEAA@$$QEAV0@@Z
??0PyGOleWindow@@QEAA@AEBV0@@Z
??0PyGPersist@@IEAA@PEAU_object@@@Z
??0PyGPersist@@QEAA@$$QEAV0@@Z
??0PyGPersist@@QEAA@AEBV0@@Z
??0PyGatewayBase@@IEAA@PEAU_object@@@Z
??0PyGatewayBase@@QEAA@AEBV0@@Z
??0PyIBase@@IEAA@XZ
??0PyIBase@@QEAA@AEBV0@@Z
??0PyIBindCtx@@IEAA@PEAUIUnknown@@@Z
??0PyIBindCtx@@QEAA@AEBV0@@Z
??0PyIClassFactory@@IEAA@PEAUIUnknown@@@Z
??0PyIClassFactory@@QEAA@AEBV0@@Z
??0PyIConnectionPoint@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPoint@@QEAA@AEBV0@@Z
??0PyIConnectionPointContainer@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPointContainer@@QEAA@AEBV0@@Z
??0PyIDispatch@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatch@@QEAA@AEBV0@@Z
??0PyIDispatchEx@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatchEx@@QEAA@AEBV0@@Z
??0PyIEnumMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumMoniker@@QEAA@AEBV0@@Z
??0PyIEnumVARIANT@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumVARIANT@@QEAA@AEBV0@@Z
??0PyIMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIMoniker@@QEAA@AEBV0@@Z
??0PyIOleWindow@@IEAA@PEAUIUnknown@@@Z
??0PyIOleWindow@@QEAA@AEBV0@@Z
??0PyIPersist@@IEAA@PEAUIUnknown@@@Z
??0PyIPersist@@QEAA@AEBV0@@Z
??0PyIPersistStream@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStream@@QEAA@AEBV0@@Z
??0PyIPersistStreamInit@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStreamInit@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo2@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo2@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo@@QEAA@AEBV0@@Z
??0PyIServiceProvider@@IEAA@PEAUIUnknown@@@Z
??0PyIServiceProvider@@QEAA@AEBV0@@Z
??0PyIStream@@IEAA@PEAUIUnknown@@@Z
??0PyIStream@@QEAA@AEBV0@@Z
??0PyITypeComp@@IEAA@PEAUIUnknown@@@Z
??0PyITypeComp@@QEAA@AEBV0@@Z
??0PyITypeInfo@@IEAA@PEAUIUnknown@@@Z
??0PyITypeInfo@@QEAA@AEBV0@@Z
??0PyITypeLib@@IEAA@PEAUIUnknown@@@Z
??0PyITypeLib@@QEAA@AEBV0@@Z
??0PyIUnknown@@IEAA@PEAUIUnknown@@@Z
??0PyIUnknown@@QEAA@AEBV0@@Z
??0PyOleArgNotFound@@QEAA@XZ
??0PyOleEmpty@@QEAA@XZ
??0PyOleMissing@@QEAA@XZ
??0PyOleNothing@@QEAA@XZ
??0PySTGMEDIUM@@QEAA@PEAUtagSTGMEDIUM@@@Z
??0PythonOleArgHelper@@QEAA@XZ
??1CPyFactory@@QEAA@XZ
??1PyComEnumProviderTypeObject@@QEAA@XZ
??1PyComEnumTypeObject@@QEAA@XZ
??1PyComTypeObject@@QEAA@XZ
??1PyGOleWindow@@UEAA@XZ
??1PyGPersist@@UEAA@XZ
??1PyGatewayBase@@MEAA@XZ
??1PyIBase@@MEAA@XZ
??1PyIBindCtx@@MEAA@XZ
??1PyIClassFactory@@MEAA@XZ
??1PyIConnectionPoint@@MEAA@XZ
??1PyIConnectionPointContainer@@MEAA@XZ
??1PyIDispatch@@MEAA@XZ
??1PyIDispatchEx@@MEAA@XZ
??1PyIEnumMoniker@@MEAA@XZ
??1PyIEnumVARIANT@@MEAA@XZ
??1PyIMoniker@@MEAA@XZ
??1PyIOleWindow@@MEAA@XZ
??1PyIPersist@@MEAA@XZ
??1PyIPersistStream@@MEAA@XZ
??1PyIPersistStreamInit@@MEAA@XZ
??1PyIProvideClassInfo2@@MEAA@XZ
??1PyIProvideClassInfo@@MEAA@XZ
??1PyIServiceProvider@@MEAA@XZ
??1PyIStream@@MEAA@XZ
??1PyITypeComp@@MEAA@XZ
??1PyITypeInfo@@MEAA@XZ
??1PyITypeLib@@MEAA@XZ
??1PyIUnknown@@MEAA@XZ
??1PySTGMEDIUM@@QEAA@XZ
??1PythonOleArgHelper@@QEAA@XZ
??4CPyFactory@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyGOleWindow@@QEAAAEAV0@$$QEAV0@@Z
??4PyGOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyGPersist@@QEAAAEAV0@$$QEAV0@@Z
??4PyGPersist@@QEAAAEAV0@AEBV0@@Z
??4PyGatewayBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBindCtx@@QEAAAEAV0@AEBV0@@Z
??4PyIClassFactory@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPoint@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPointContainer@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatch@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatchEx@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumVARIANT@@QEAAAEAV0@AEBV0@@Z
??4PyIMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyIPersist@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStream@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStreamInit@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo2@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo@@QEAAAEAV0@AEBV0@@Z
??4PyIServiceProvider@@QEAAAEAV0@AEBV0@@Z
??4PyIStream@@QEAAAEAV0@AEBV0@@Z
??4PyITypeComp@@QEAAAEAV0@AEBV0@@Z
??4PyITypeInfo@@QEAAAEAV0@AEBV0@@Z
??4PyITypeLib@@QEAAAEAV0@AEBV0@@Z
??4PyIUnknown@@QEAAAEAV0@AEBV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@AEBV0@@Z
??4PyOleEmpty@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleEmpty@@QEAAAEAV0@AEBV0@@Z
??4PyOleMissing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleMissing@@QEAAAEAV0@AEBV0@@Z
??4PyOleNothing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleNothing@@QEAAAEAV0@AEBV0@@Z
??4PySTGMEDIUM@@QEAAAEAV0@AEBV0@@Z
??4PythonOleArgHelper@@QEAAAEAV0@AEBV0@@Z
??_7CPyFactory@@6B@
??_7PyGOleWindow@@6B@
??_7PyGOleWindow@@6BIDispatchEx@@@
??_7PyGOleWindow@@6BIInternalUnwrapPythonObject@@@
??_7PyGOleWindow@@6BISupportErrorInfo@@@
??_7PyGPersist@@6B@
??_7PyGPersist@@6BIDispatchEx@@@
??_7PyGPersist@@6BIInternalUnwrapPythonObject@@@
??_7PyGPersist@@6BISupportErrorInfo@@@
??_7PyGatewayBase@@6BIDispatchEx@@@
??_7PyGatewayBase@@6BIInternalUnwrapPythonObject@@@
??_7PyGatewayBase@@6BISupportErrorInfo@@@
??_7PyIBase@@6B@
??_7PyIBindCtx@@6B@
??_7PyIClassFactory@@6B@
??_7PyIConnectionPoint@@6B@
??_7PyIConnectionPointContainer@@6B@
??_7PyIDispatch@@6B@
??_7PyIDispatchEx@@6B@
??_7PyIEnumMoniker@@6B@
??_7PyIEnumVARIANT@@6B@
??_7PyIMoniker@@6B@
??_7PyIOleWindow@@6B@
??_7PyIPersist@@6B@
??_7PyIPersistStream@@6B@
??_7PyIPersistStreamInit@@6B@
??_7PyIProvideClassInfo2@@6B@
??_7PyIProvideClassInfo@@6B@
??_7PyIServiceProvider@@6B@
??_7PyIStream@@6B@
??_7PyITypeComp@@6B@
??_7PyITypeInfo@@6B@
??_7PyITypeLib@@6B@
??_7PyIUnknown@@6B@
??_FPySTGMEDIUM@@QEAAXXZ
?AddRef@CPyFactory@@UEAAKXZ
?AddRef@PyGOleWindow@@MEAAKXZ
?AddRef@PyGPersist@@MEAAKXZ
?AddRef@PyGatewayBase@@UEAAKXZ
?Advise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?Bind@PyITypeComp@@QEAAPEAU_object@@PEA_WG@Z
?BindToObject@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindToStorage@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindType@PyITypeComp@@QEAAPEAU_object@@PEA_W@Z
?Clone@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Close@PySTGMEDIUM@@QEAAXXZ
?Commit@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ComposeWith@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?ContextSensitiveHelp@PyGOleWindow@@MEAAJH@Z
?ContextSensitiveHelp@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PySTGMEDIUM@@QEAAHPEAUtagSTGMEDIUM@@@Z
?CreateInstance@CPyFactory@@UEAAJPEAUIUnknown@@AEBU_GUID@@PEAPEAX@Z
?CreateInstance@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?CreateNewPythonInstance@CPyFactory@@IEAAJAEBU_GUID@@0PEAPEAU_object@@@Z
?DeleteMemberByDispID@PyGatewayBase@@UEAAJJ@Z
?DeleteMemberByDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DeleteMemberByName@PyGatewayBase@@UEAAJPEA_WK@Z
?DeleteMemberByName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DropOwnership@PySTGMEDIUM@@QEAAXXZ
?Enum@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?EnumConnectionPoints@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?EnumConnections@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?EnumObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?FindConnectionPoint@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?GetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetClassID@PyGPersist@@MEAAJPEAU_GUID@@@Z
?GetClassID@PyIPersist@@SAPEAU_object@@PEAU2@0@Z
?GetClassInfoW@PyIProvideClassInfo@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionInterface@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionPointContainer@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetContainingTypeLib@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetDispID@PyGatewayBase@@UEAAJPEA_WKPEAJ@Z
?GetDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetDisplayName@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?GetDocumentation@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetDocumentation@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetFuncDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetGUID@PyIProvideClassInfo2@@SAPEAU_object@@PEAU2@0@Z
?GetI@PyIBindCtx@@SAPEAUIBindCtx@@PEAU_object@@@Z
?GetI@PyIClassFactory@@SAPEAUIClassFactory@@PEAU_object@@@Z
?GetI@PyIConnectionPoint@@SAPEAUIConnectionPoint@@PEAU_object@@@Z
?GetI@PyIConnectionPointContainer@@SAPEAUIConnectionPointContainer@@PEAU_object@@@Z
?GetI@PyIDispatch@@SAPEAUIDispatch@@PEAU_object@@@Z
?GetI@PyIDispatchEx@@SAPEAUIDispatchEx@@PEAU_object@@@Z
?GetI@PyIEnumMoniker@@SAPEAUIEnumMoniker@@PEAU_object@@@Z
?GetI@PyIEnumVARIANT@@SAPEAUIEnumVARIANT@@PEAU_object@@@Z
?GetI@PyIMoniker@@SAPEAUIMoniker@@PEAU_object@@@Z
?GetI@PyIOleWindow@@SAPEAUIOleWindow@@PEAU_object@@@Z
?GetI@PyIPersist@@SAPEAUIPersist@@PEAU_object@@@Z
?GetI@PyIPersistStream@@SAPEAUIPersistStream@@PEAU_object@@@Z
?GetI@PyIPersistStreamInit@@SAPEAUIPersistStreamInit@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo2@@SAPEAUIProvideClassInfo2@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo@@SAPEAUIProvideClassInfo@@PEAU_object@@@Z
?GetI@PyIServiceProvider@@SAPEAUIServiceProvider@@PEAU_object@@@Z
?GetI@PyIStream@@SAPEAUIStream@@PEAU_object@@@Z
?GetI@PyITypeComp@@SAPEAUITypeComp@@PEAU_object@@@Z
?GetI@PyITypeInfo@@SAPEAUITypeInfo@@PEAU_object@@@Z
?GetI@PyITypeLib@@SAPEAUITypeLib@@PEAU_object@@@Z
?GetI@PyIUnknown@@SAPEAUIUnknown@@PEAU_object@@@Z
?GetIDsOfNames@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEA_WIKPEAJ@Z
?GetIDsOfNames@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetIID@PyGOleWindow@@MEAA?AU_GUID@@XZ
?GetIID@PyGPersist@@MEAA?AU_GUID@@XZ
?GetIID@PyGatewayBase@@UEAA?AU_GUID@@XZ
?GetImplTypeFlags@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetLibAttr@PyITypeLib@@QEAAPEAU_object@@XZ
?GetMemberName@PyGatewayBase@@UEAAJJPEAPEA_W@Z
?GetMemberName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetMemberProperties@PyGatewayBase@@UEAAJJKPEAK@Z
?GetMemberProperties@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetNameSpaceParent@PyGatewayBase@@UEAAJPEAPEAUIUnknown@@@Z
?GetNames@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetNextDispID@PyGatewayBase@@UEAAJKJPEAJ@Z
?GetNextDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetRefTypeInfo@PyITypeInfo@@QEAAPEAU_object@@K@Z
?GetRefTypeOfImplType@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetRunningObjectTable@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetSizeMax@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?GetTypeAttr@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfo@PyGatewayBase@@UEAAJIKPEAPEAUITypeInfo@@@Z
?GetTypeInfo@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfo@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetTypeInfoCount@PyGatewayBase@@UEAAJPEAI@Z
?GetTypeInfoCount@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfoCount@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfoOfGuid@PyITypeLib@@QEAAPEAU_object@@AEBU_GUID@@@Z
?GetTypeInfoType@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetVarDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetWindow@PyGOleWindow@@MEAAJPEAPEAUHWND__@@@Z
?GetWindow@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?Hash@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?InitNew@PyIPersistStreamInit@@SAPEAU_object@@PEAU2@0@Z
?InterfaceSupportsErrorInfo@PyGatewayBase@@UEAAJAEBU_GUID@@@Z
?Invoke@PyGatewayBase@@UEAAJJAEBU_GUID@@KGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAI@Z
?Invoke@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeEx@PyGatewayBase@@UEAAJJKGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAUIServiceProvider@@@Z
?InvokeEx@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?InvokeTypes@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeViaPolicy@PyGatewayBase@@MEAAJPEBDPEAPEAU_object@@0ZZ
?IsDirty@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?IsSystemMoniker@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?Load@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?LockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?LockServer@CPyFactory@@UEAAJH@Z
?LockServer@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?MakeBstrToObj@@YAPEAU_object@@QEA_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_WH@Z
?MakeObjToVariant@PythonOleArgHelper@@QEAAHPEAU_object@@PEAUtagVARIANT@@0@Z
?MakePythonArgumentTuples@@YAHPEAPEAU_object@@PEAPEAVPythonOleArgHelper@@01PEAUtagDISPPARAMS@@@Z
?MakeVariantToObj@PythonOleArgHelper@@QEAAPEAU_object@@PEAUtagVARIANT@@@Z
?Next@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Next@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?ParseTypeInformation@PythonOleArgHelper@@QEAAHPEAU_object@@@Z
?PyCom_BstrFromPyObject@@YAHPEAU_object@@PEAPEA_WH@Z
?PyCom_BuildInternalPyException@@YAPEAU_object@@PEAD@Z
?PyCom_BuildPyException@@YAPEAU_object@@JPEAUIUnknown@@AEBU_GUID@@@Z
?PyCom_BuildPyExceptionFromEXCEPINFO@@YAPEAU_object@@JPEAUtagEXCEPINFO@@I@Z
?PyCom_CheckIEnumNextResult@@YAJJAEBU_GUID@@@Z
?PyCom_DLLAddRef@@YAXXZ
?PyCom_DLLReleaseRef@@YAXXZ
?PyCom_EnableQuitMessage@@YAXK@Z
?PyCom_ExcepInfoFromPyException@@YAXPEAUtagEXCEPINFO@@@Z
?PyCom_ExcepInfoFromPyObject@@YAHPEAU_object@@PEAUtagEXCEPINFO@@PEAJ@Z
?PyCom_HandleIEnumNoSequence@@YAJAEBU_GUID@@@Z
?PyCom_InterfaceFromPyInstanceOrObject@@YAHPEAU_object@@AEBU_GUID@@PEAPEAXH@Z
?PyCom_IsGatewayRegistered@@YAHAEBU_GUID@@@Z
?PyCom_LogF@@YAXPEB_WZZ
?PyCom_LoggerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerNonServerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerWarning@@YAXPEAU_object@@PEB_WZZ
?PyCom_PyObjectAsSTATPROPSETSTG@@YAHPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectAsSTATSTG@@YAHPEAU_object@@PEAUtagSTATSTG@@K@Z
?PyCom_PyObjectAsSTGOPTIONS@@YAHPEAU_object@@PEAPEAUtagSTGOPTIONS@@PEAVTmpWCHAR@@@Z
?PyCom_PyObjectFromExcepInfo@@YAPEAU_object@@PEBUtagEXCEPINFO@@@Z
?PyCom_PyObjectFromSAFEARRAY@@YAPEAU_object@@PEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_PyObjectFromSTATPROPSETSTG@@YAPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectFromSTATSTG@@YAPEAU_object@@PEAUtagSTATSTG@@@Z
?PyCom_RegisterClientType@@YAHPEAU_typeobject@@PEBU_GUID@@@Z
?PyCom_RegisterExtensionSupport@@YAHPEAU_object@@PEBUPyCom_InterfaceSupportInfo@@H@Z
?PyCom_RegisterGatewayObject@@YAJAEBU_GUID@@P6AJPEAU_object@@PEAVPyGatewayBase@@PEAPEAX0@ZPEBD@Z
?PyCom_SAFEARRAYFromPyObject@@YAHPEAU_object@@PEAPEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_SetAndLogCOMErrorFromPyException@@YAJPEBDAEBU_GUID@@@Z
?PyCom_SetAndLogCOMErrorFromPyExceptionEx@@YAJPEAU_object@@PEBDAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromPyException@@YAJAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromSimple@@YAJJAEBU_GUID@@PEB_W@Z
?PyGatewayConstruct@PyGOleWindow@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGPersist@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGatewayBase@@SAJPEAU_object@@PEAV1@PEAPEAXAEBU_GUID@@@Z
?PyObConstruct@PyIBindCtx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIClassFactory@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPoint@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPointContainer@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatch@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatchEx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumVARIANT@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIOleWindow@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersist@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStreamInit@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo2@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIServiceProvider@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeComp@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeLib@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIUnknown@@SAPEAV1@PEAUIUnknown@@@Z
?PyObject_AsCurrency@@YAHPEAU_object@@PEATtagCY@@@Z
?PyObject_AsOLEMENUGROUPWIDTHS@@YAHPEAU_object@@PEAUtagOleMenuGroupWidths@@@Z
?PyObject_AsPROPVARIANT@@YAHPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromCurrency@@YAPEAU_object@@AEATtagCY@@@Z
?PyObject_FromOLEMENUGROUPWIDTHS@@YAPEAU_object@@PEBUtagOleMenuGroupWidths@@@Z
?PyObject_FromPROPVARIANT@@YAPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromPROPVARIANTs@@YAPEAU_object@@PEAUtagPROPVARIANT@@K@Z
?PyObject_FromSTGMEDIUM@@YAPEAVPySTGMEDIUM@@PEAUtagSTGMEDIUM@@@Z
?PyOleArgNotFoundType@@3U_typeobject@@A
?PyOleEmptyType@@3U_typeobject@@A
?PyOleMissingType@@3U_typeobject@@A
?PyOleNothingType@@3U_typeobject@@A
?QueryInterface@CPyFactory@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGOleWindow@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGPersist@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyIUnknown@@SAPEAU_object@@PEAU2@0@Z
?QueryService@PyIServiceProvider@@SAPEAU_object@@PEAU2@0@Z
?Read@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RegisterObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?Release@CPyFactory@@UEAAKXZ
?Release@PyGOleWindow@@MEAAKXZ
?Release@PyGPersist@@MEAAKXZ
?Release@PyGatewayBase@@UEAAKXZ
?Reset@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Reset@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Revert@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RevokeObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SafeRelease@PyIUnknown@@SAXPEAV1@@Z
?Save@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?Seek@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?SetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SetPythonCOMError@PyIConnectionPoint@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIDispatchEx@@SAPEAU_object@@PEAU2@J@Z
?SetSize@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Stat@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ThisAsIID@PyGOleWindow@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGPersist@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGatewayBase@@UEAAPEAXU_GUID@@@Z
?Type@PySTGMEDIUM@@2U_typeobject@@A
?Unadvise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?UnlockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Unwrap@PyGatewayBase@@UEAAJPEAPEAU_object@@@Z
?Write@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?cmp@PyIBase@@SAHPEAU_object@@0@Z
?compare@PyIBase@@UEAAHPEAU_object@@@Z
?compare@PyIUnknown@@UEAAHPEAU_object@@@Z
?dealloc@PyIBase@@SAXPEAU_object@@@Z
?deallocFunc@PySTGMEDIUM@@SAXPEAU_object@@@Z
?getattr@PyIBase@@UEAAPEAU_object@@PEAD@Z
?getattro@PyIBase@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySTGMEDIUM@@SAPEAU_object@@PEAU2@0@Z
?is_interface_type@PyComTypeObject@@SAHPEAU_object@@@Z
?is_object@PyIBase@@QEAAHPEAVPyComTypeObject@@@Z
?is_object@PyIBase@@SAHPEAU_object@@PEAVPyComTypeObject@@@Z
?iter@PyComEnumProviderTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyIBase@@UEAAPEAU_object@@XZ
?iternext@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iternext@PyIBase@@UEAAPEAU_object@@XZ
?methods@PySTGMEDIUM@@2PAUPyMethodDef@@A
?repr@PyIBase@@SAPEAU_object@@PEAU2@@Z
?repr@PyIBase@@UEAAPEAU_object@@XZ
?repr@PyIUnknown@@UEAAPEAU_object@@XZ
?richcmp@PyIBase@@SAPEAU_object@@PEAU2@0H@Z
?setattr@PyIBase@@UEAAHPEADPEAU_object@@@Z
?setattro@PyIBase@@SAHPEAU_object@@00@Z
?szErrMsgObjectReleased@PyIUnknown@@2PEADEA
?type@PyIBindCtx@@2VPyComTypeObject@@A
?type@PyIClassFactory@@2VPyComTypeObject@@A
?type@PyIConnectionPoint@@2VPyComTypeObject@@A
?type@PyIConnectionPointContainer@@2VPyComTypeObject@@A
?type@PyIDispatch@@2VPyComTypeObject@@A
?type@PyIDispatchEx@@2VPyComTypeObject@@A
?type@PyIEnumMoniker@@2VPyComEnumTypeObject@@A
?type@PyIEnumVARIANT@@2VPyComEnumTypeObject@@A
?type@PyIMoniker@@2VPyComEnumProviderTypeObject@@A
?type@PyIOleWindow@@2VPyComTypeObject@@A
?type@PyIPersist@@2VPyComTypeObject@@A
?type@PyIPersistStream@@2VPyComTypeObject@@A
?type@PyIPersistStreamInit@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo2@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo@@2VPyComTypeObject@@A
?type@PyIServiceProvider@@2VPyComTypeObject@@A
?type@PyIStream@@2VPyComTypeObject@@A
?type@PyITypeComp@@2VPyComTypeObject@@A
?type@PyITypeInfo@@2VPyComTypeObject@@A
?type@PyITypeLib@@2VPyComTypeObject@@A
?type@PyIUnknown@@2VPyComTypeObject@@A
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServerEx
DllUnregisterServerEx
PyCom_CoInitialize
PyCom_CoInitializeEx
PyCom_CoUninitialize
PyCom_InterfaceFromPyObject
PyCom_MakeOlePythonCall
PyCom_PyObjectFromIUnknown
PyCom_PyObjectFromVariant
PyCom_VariantFromPyObject
PyInit_pythoncom

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/pywintypes311.dll
.dll windows:6 windows x64 arch:x64

5b71a076f0c32bb52117188a36e3fec6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\pywintypes.pdb

Imports

advapi32

IsValidAcl
GetAuditedPermissionsFromAclW
GetLengthSid
InitializeAcl
AddAuditAccessAce
AddAce
DeleteAce
SetEntriesInAclW
GetAce
GetExplicitEntriesFromAclW
GetEffectiveRightsFromAclW
RegCloseKey
SetSecurityDescriptorGroup
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetAclInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSidIdentifierAuthority
InitializeSid
CopySid
GetSidSubAuthority
AllocateAndInitializeSid
GetSidSubAuthorityCount
EqualSid
IsTextUnicode

user32

wsprintfW

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoCreateGuid
CLSIDFromProgID
StringFromGUID2

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SysFreeString

python311

PyExc_Exception
PyErr_SetObject
PyModule_AddIntConstant
PyRun_StringFlags
PyMemoryView_FromObject
PyLong_FromUnsignedLong
PyThreadState_New
PyLong_AsUnsignedLongMask
PyModule_GetDict
PyObject_GetBuffer
PyModule_Create2
PyUnicode_Type
PyByteArray_FromStringAndSize
PyDict_GetItemString
PyLong_AsVoidPtr
PyObject_CallObject
PyThreadState_Clear
PyCallable_Check
PyThreadState_Swap
_Py_FatalErrorFunc
PyEval_AcquireThread
PyMemoryView_FromBuffer
PyThreadState_Delete
PyEval_ReleaseThread
PyUnicode_AsUTF8
PyExc_PendingDeprecationWarning
PyLong_FromLongLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyLong_FromUnsignedLongLong
PyErr_Occurred
PyErr_WarnEx
PyBuffer_FillInfo
PyEval_RestoreThread
PyObject_Print
_Py_TrueStruct
PyUnicode_AsMBCSString
_Py_HashPointer
PyObject_GenericSetAttr
PyErr_Fetch
PyErr_Restore
_Py_FalseStruct
PyEval_SaveThread
PyBytes_FromStringAndSize
PyExc_AttributeError
PyExc_WindowsError
PyBytes_AsStringAndSize
PyArg_ParseTuple
PyBuffer_Release
PyExc_TypeError
_Py_NewReference
PyArg_ParseTupleAndKeywords
PyExc_NotImplementedError
PyTuple_SetItem
PySequence_Check
PyDict_New
PyDict_SetItem
PyMapping_Check
PyErr_Clear
PyObject_GetAttrString
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyTuple_New
_Py_NoneStruct
PyExc_MemoryError
Py_BuildValue
PyLong_FromLong
PyObject_GenericGetAttr
PySequence_GetItem
PyMapping_Items
PySequence_Size
Py_MakePendingCalls
PyMem_Malloc
PyMem_Free
PyBytes_Size
PyList_Append
PyList_New
PyUnicode_AsWideCharString
PyUnicode_FromWideChar
PyUnicode_DecodeMBCS
PyBytes_AsString
PyEval_CallObjectWithKeywords
PyBool_FromLong
PyNumber_Long
PyNumber_Check
PyObject_HasAttrString
PyCapsule_Import
PyObject_CallMethod
PyTuple_Size
PyType_Ready
PyErr_BadArgument
PyLong_AsLong
PyType_IsSubtype
PyDict_SetItemString
PyImport_ImportModule
PySequence_Tuple
PyErr_NoMemory
_PyArg_ParseTuple_SizeT
PyBytes_FromString
_Py_NotImplementedStruct
_Py_BuildValue_SizeT
PyObject_Call

kernel32

LocalFree
CloseHandle
SetLastError
lstrlenW
FileTimeToSystemTime
SystemTimeToFileTime
MultiByteToWideChar
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalAlloc
FormatMessageW
TlsAlloc
GetLastError
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsFree
DosDateTimeToFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
memcpy
__C_specific_handler
__current_exception_context
__current_exception
__std_terminate
memcmp
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
free

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vfprintf

api-ms-win-crt-time-l1-1-0

_mktime64

api-ms-win-crt-string-l1-1-0

wcsncpy
strncpy
strcmp
_wcsdup

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

floor

Exports

Exports

??0PyACL@@QEAA@HH@Z
??0PyACL@@QEAA@PEAU_ACL@@@Z
??0PyDEVMODEW@@QEAA@G@Z
??0PyDEVMODEW@@QEAA@PEAU_devicemodeW@@@Z
??0PyDEVMODEW@@QEAA@XZ
??0PyHANDLE@@QEAA@AEBV0@@Z
??0PyHANDLE@@QEAA@PEAX@Z
??0PyHKEY@@QEAA@$$QEAV0@@Z
??0PyHKEY@@QEAA@AEBV0@@Z
??0PyHKEY@@QEAA@PEAX@Z
??0PyIID@@QEAA@AEBU_GUID@@@Z
??0PyOVERLAPPED@@QEAA@PEBVsMyOverlapped@0@@Z
??0PyOVERLAPPED@@QEAA@XZ
??0PySECURITY_ATTRIBUTES@@QEAA@AEBU_SECURITY_ATTRIBUTES@@@Z
??0PySECURITY_ATTRIBUTES@@QEAA@XZ
??0PySECURITY_DESCRIPTOR@@QEAA@PEAX@Z
??0PySECURITY_DESCRIPTOR@@QEAA@_J@Z
??0PySID@@QEAA@PEAX@Z
??0PySID@@QEAA@_JPEAX@Z
??0PyWAVEFORMATEX@@QEAA@AEBUtWAVEFORMATEX@@@Z
??0PyWAVEFORMATEX@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@AEBU_OVERLAPPED@@@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@XZ
??1PyACL@@QEAA@XZ
??1PyDEVMODEW@@IEAA@XZ
??1PyHANDLE@@UEAA@XZ
??1PyHKEY@@UEAA@XZ
??1PyOVERLAPPED@@QEAA@XZ
??1PySECURITY_ATTRIBUTES@@QEAA@XZ
??1PySECURITY_DESCRIPTOR@@QEAA@XZ
??1PySID@@QEAA@XZ
??1PyWAVEFORMATEX@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
??1PyWin_AutoFreeBstr@@QEAA@XZ
??4PyACL@@QEAAAEAV0@AEBV0@@Z
??4PyDEVMODEW@@QEAAAEAV0@AEBV0@@Z
??4PyHANDLE@@QEAAAEAV0@AEBV0@@Z
??4PyHKEY@@QEAAAEAV0@$$QEAV0@@Z
??4PyHKEY@@QEAAAEAV0@AEBV0@@Z
??4PyIID@@QEAAAEAV0@$$QEAV0@@Z
??4PyIID@@QEAAAEAV0@AEBV0@@Z
??4PyOVERLAPPED@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_ATTRIBUTES@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_DESCRIPTOR@@QEAAAEAV0@AEBV0@@Z
??4PySID@@QEAAAEAV0@AEBV0@@Z
??4PyWAVEFORMATEX@@QEAAAEAV0@AEBV0@@Z
??4PyWin_AutoFreeBstr@@QEAAAEAV0@AEBV0@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@$$QEAV01@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@AEBV01@@Z
??BPyHANDLE@@QEAAPEAXXZ
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
??_7PyHANDLE@@6B@
??_7PyHKEY@@6B@
??_FPyIID@@QEAAXXZ
??_FPySECURITY_DESCRIPTOR@@QEAAXXZ
??_FPyWin_AutoFreeBstr@@QEAAXXZ
?AddAccessAllowedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddMandatoryAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Clear@PyDEVMODEW@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@UEAAHXZ
?Close@PyHKEY@@UEAAHXZ
?DeleteAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Detach@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?GetACL@PyACL@@QEAAPEAU_ACL@@XZ
?GetAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAceCount@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclRevision@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclSize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetDEVMODE@PyDEVMODEW@@QEAAPEAU_devicemodeW@@XZ
?GetLength@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetLength@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetOverlapped@PyOVERLAPPED@@QEAAPEAU_OVERLAPPED@@XZ
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?GetSA@PySECURITY_ATTRIBUTES@@QEAAPEAU_SECURITY_ATTRIBUTES@@XZ
?GetSD@PySECURITY_DESCRIPTOR@@QEAAPEAXXZ
?GetSID@PySID@@QEAAPEAXXZ
?GetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSidIdentifierAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthorityCount@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetTypeName@PyHANDLE@@UEAAPEBDXZ
?GetTypeName@PyHKEY@@UEAAPEBDXZ
?Initialize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySID@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIID@@QEAAHAEAV1@@Z
?IsEqual@PyIID@@QEAAHAEBU_GUID@@@Z
?IsEqual@PyIID@@QEAAHPEAU_object@@@Z
?IsSelfRelative@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PyACL@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySID@@SAPEAU_object@@PEAU2@0@Z
?PyACLType@@3U_typeobject@@A
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
?PyDEVMODEWType@@3U_typeobject@@A
?PyGetAuditedPermissionsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetEffectiveRightsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetExplicitEntriesFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyHANDLEType@@3U_typeobject@@A
?PyIIDType@@3U_typeobject@@A
?PyOVERLAPPEDType@@3U_typeobject@@A
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PySECURITY_ATTRIBUTESType@@3U_typeobject@@A
?PySECURITY_DESCRIPTORType@@3U_typeobject@@A
?PySIDType@@3U_typeobject@@A
?PySetEntriesInAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PySocket_AsSOCKET@@YAHPEAU_object@@PEA_K@Z
?PyWAVEFORMATEXType@@3U_typeobject@@A
?PyWinCoreString_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinExc_COMError@@3PEAU_object@@EA
?PyWinGlobals_Ensure@@YAHXZ
?PyWinGlobals_Free@@YAXXZ
?PyWinInterpreterLock_Acquire@@YAXXZ
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinMethod_NewACL@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewHANDLE@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewOVERLAPPED@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_ATTRIBUTES@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTimeStamp@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewWAVEFORMATEX@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsACL@@YAHPEAU_object@@PEAPEAU_ACL@@H@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsChars@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsOVERLAPPED@@YAHPEAU_object@@PEAPEAU_OVERLAPPED@@H@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinObject_AsPyOVERLAPPED@@YAHPEAU_object@@PEAPEAVPyOVERLAPPED@@H@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSID@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsWAVEFORMATEX@@YAHPEAU_object@@PEAPEAUtWAVEFORMATEX@@H@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_FreeBstr@@YAXPEA_W@Z
?PyWinObject_FreeChars@@YAXPEAD@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEAD@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromOVERLAPPED@@YAPEAU_object@@PEBU_OVERLAPPED@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_FromSECURITY_ATTRIBUTES@@YAPEAU_object@@AEBU_SECURITY_ATTRIBUTES@@@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSID@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinObject_FromTimeStamp@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinThreadState_Clear@@YAXXZ
?PyWinThreadState_Ensure@@YAHXZ
?PyWinThreadState_Free@@YAXXZ
?PyWinTimeObject_Fromtime_t@@YAPEAU_object@@_J@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWin_CopyString@@YAPEADPEBD@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWin_InterpreterState@@3PEAU_is@@EA
?PyWin_MakePendingCalls@@YAXXZ
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWin_RegisterErrorMessageModule@@YAHKKPEAUHINSTANCE__@@@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_SetBasicCOMError@@YAPEAU_object@@J@Z
?SetACL@PyACL@@QEAAHPEAU_ACL@@@Z
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?SetSD@PySECURITY_DESCRIPTOR@@QEAAHPEAX@Z
?SetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?asStr@PyHANDLE@@QEAAPEAU_object@@XZ
?binaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?deallocFunc@PyACL@@SAXPEAU_object@@@Z
?deallocFunc@PyDEVMODEW@@SAXPEAU_object@@@Z
?deallocFunc@PyHANDLE@@SAXPEAU_object@@@Z
?deallocFunc@PyIID@@SAXPEAU_object@@@Z
?deallocFunc@PyOVERLAPPED@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_ATTRIBUTES@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_DESCRIPTOR@@SAXPEAU_object@@@Z
?deallocFunc@PySID@@SAXPEAU_object@@@Z
?deallocFunc@PyWAVEFORMATEX@@SAXPEAU_object@@@Z
?get_DeviceName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DriverData@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_FormName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_handle@PyHANDLE@@SAPEAU_object@@PEAU2@PEAX@Z
?getattro@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySECURITY_ATTRIBUTES@@SAPEAU_object@@PEAU2@0@Z
?getbufferinfo@PySECURITY_DESCRIPTOR@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getbufferinfo@PySID@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getset@PyDEVMODEW@@2PAUPyGetSetDef@@A
?getset@PyHANDLE@@2PAUPyGetSetDef@@A
?hash@PyHANDLE@@QEAA_JXZ
?hash@PyIID@@QEAA_JXZ
?hashFunc@PyHANDLE@@SA_JPEAU_object@@@Z
?hashFunc@PyIID@@SA_JPEAU_object@@@Z
?hashFunc@PyOVERLAPPED@@SA_JPEAU_object@@@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?intFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?len@PyWinBufferView@@QEAAKXZ
?longFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?members@PyDEVMODEW@@2PAUPyMemberDef@@A
?members@PyOVERLAPPED@@2PAUPyMemberDef@@A
?members@PySECURITY_ATTRIBUTES@@2PAUPyMemberDef@@A
?members@PyWAVEFORMATEX@@2PAUPyMemberDef@@A
?methods@PyACL@@2PAUPyMethodDef@@A
?methods@PyDEVMODEW@@2PAUPyMethodDef@@A
?methods@PyHANDLE@@2PAUPyMethodDef@@A
?methods@PySECURITY_ATTRIBUTES@@2PAUPyMethodDef@@A
?methods@PySECURITY_DESCRIPTOR@@2PAUPyMethodDef@@A
?methods@PySID@@2PAUPyMethodDef@@A
?modify_in_place@PyDEVMODEW@@QEAAXXZ
?nonzeroFunc@PyHANDLE@@SAHPEAU_object@@@Z
?ok@PyWinBufferView@@QEAA_NXZ
?print@PyHANDLE@@QEAAHPEAU_iobuf@@H@Z
?printFunc@PyHANDLE@@SAHPEAU_object@@PEAU_iobuf@@H@Z
?ptr@PyWinBufferView@@QEAAPEAXXZ
?release@PyWinBufferView@@QEAAXXZ
?repr@PyIID@@QEAAPEAU_object@@XZ
?reprFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?richcompare@PyHANDLE@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PyIID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PySID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompareFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyIID@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PySID@@SAPEAU_object@@PEAU2@0H@Z
?set_DeviceName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_DriverData@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_FormName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?setattro@PyOVERLAPPED@@SAHPEAU_object@@00@Z
?setattro@PySECURITY_ATTRIBUTES@@SAHPEAU_object@@00@Z
?str@PyIID@@QEAAPEAU_object@@XZ
?strFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?strFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?strFunc@PySID@@SAPEAU_object@@PEAU2@@Z
?ternaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@00@Z
?tp_new@PyDEVMODEW@@SAPEAU_object@@PEAU_typeobject@@PEAU2@1@Z
?unaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
DllMain
PyInit_pywintypes

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/select.pyd
.dll windows:6 windows x64 arch:x64

fc4f7d736924aa67a1bd7b7b80894df9

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c4:dc:30:b7:8a:e5:a8:e7:21:4f:8d:7b:50:2f:e6:1e:d6:fd:03:6c:b6:f8:e2:37:88:b6:ee:aa:91:9f:11:49
Signer

Actual PE Digest

c4:dc:30:b7:8a:e5:a8:e7:21:4f:8d:7b:50:2f:e6:1e:d6:fd:03:6c:b6:f8:e2:37:88:b6:ee:aa:91:9f:11:49

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\select.pdb

Imports

ws2_32

select
__WSAFDIsSet
WSAGetLastError

python311

PyModuleDef_Init
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
PyModule_GetState
PyEval_RestoreThread
_PyTime_AsTimeval
_PyDeadline_Init
PyErr_CheckSignals
PyExc_OSError
PyObject_AsFileDescriptor
PyList_New
PySequence_Fast
PyModule_AddObjectRef
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_ValueError
PyErr_SetString
_Py_NoneStruct
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
_PyTime_FromSecondsObject
PyUnicode_InternFromString
PyErr_SetExcFromWindowsErr
PyList_SetItem
_PyTime_AsTimeval_clamp

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_errno
_initterm
_initterm_e
_seh_filter_dll

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit_select

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/setup_x86-64_build_4355.exe
.exe windows:6 windows x64 arch:x64

019de23f18cefc4240c50e008c0d53c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

python311

PyExc_ModuleNotFoundError
PyNumber_Invert
PyExc_SyntaxError
PyExc_MemoryError
PyWideStringList_Append
PyList_SetSlice
Py_ExitStatusException
_PyWarnings_Init
PyConfig_SetArgv
Py_NoSiteFlag
PyList_Size
Py_NoUserSiteDirectory
Py_SetProgramName
PyStatus_Exception
Py_DontWriteBytecodeFlag
Py_DebugFlag
PyLong_AsLong
PyUnicode_AsUTF8
PyConfig_SetString
Py_BytesWarningFlag
_PyConfig_InitCompatConfig
Py_VerboseFlag
PySys_SetArgv
PyImport_FrozenModules
_PyRuntime_Initialize
Py_InitializeFromConfig
Py_OptimizeFlag
PyDict_DelItemString
Py_UTF8Mode
Py_InteractiveFlag
Py_InspectFlag
Py_IgnoreEnvironmentFlag
Py_FrozenFlag
_PyAsyncGenWrappedValue_Type
PyModule_GetFilenameObject
PySequence_List
PyNumber_InPlaceOr
PyExc_ImportWarning
PyOS_snprintf
PyMem_GetAllocator
PyDictItems_Type
PyErr_WarnEx
PyFunction_Type
_PyArg_NoKeywords
PyDictKeys_Type
PyImport_ImportModule
PyBytes_AsString
PyObject_SelfIter
PyEval_GetFuncName
PyImport_ExecCodeModuleEx
PySequence_InPlaceConcat
PyUnicode_RichCompare
PyUnicode_DecodeUTF8
_PyWeakref_CallableProxyType
PyList_Sort
_PyGen_FetchStopIterationValue
PyObject_InitVar
PyObject_SetAttrString
PyNumber_FloorDivide
PyUnicode_Concat
PyExc_UnboundLocalError
_PyErr_WriteUnraisableMsg
_PyImport_FixupExtensionObject
Py_BuildValue
PyLong_FromUnsignedLongLong
PyComplex_FromDoubles
_PyObject_LookupAttr
PyObject_GetAttr
PyModule_GetName
PyUnicode_FromOrdinal
PyBytes_FromString
PyModule_GetDef
_PyObject_GC_Resize
PyTuple_New
PyLong_FromString
PyDict_SetItemString
PyLong_FromLongLong
PyFrame_Type
PyFloat_FromDouble
PyDictValues_Type
PyUnicode_New
PyObject_LengthHint
PyUnicode_FromWideChar
_PyWeakref_ClearRef
PyMarshal_ReadObjectFromString
PyObject_CallFunction
PyIter_Next
PyObject_GetIter
PyNumber_Add
PyEval_EvalCodeEx
PyIter_Send
PyUnicode_InternInPlace
PyNumber_InPlaceLshift
PyMapping_Size
PyObject_RichCompare
PyObject_Dir
PyCoro_Type
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyNumber_Subtract
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyImport_GetModuleDict
PyObject_Free
PyImport_ImportFrozenModule
PyErr_ExceptionMatches
_PyErr_FormatFromCause
PyUnicode_FindChar
PyObject_GC_Del
PyObject_CallFunctionObjArgs
PyLong_FromUnicodeObject
PyDescr_IsData
_PyBytes_Resize
PyObject_ClearWeakRefs
PyCode_Type
PyUnicode_AsWideCharString
PyUnicode_FromFormat
PyObject_GetBuffer
PyNumber_InPlaceMultiply
PyErr_BadArgument
PyList_New
PyType_Ready
PyModule_FromDefAndSpec2
Py_CompileStringExFlags
PyList_Append
PyObject_RichCompareBool
PyMapping_Check
PySet_Type
_PyLong_New
PyObject_GenericSetAttr
PyDict_New
PyNumber_ToBase
_PyDict_MaybeUntrack
_PyErr_ChainStackItem
PyByteArray_FromStringAndSize
PyModule_ExecDef
_PyEval_EvalFrameDefault
PyLong_AsLongAndOverflow
PyCMethod_New
_PySet_NextEntry
PyErr_NoMemory
PyObject_Realloc
PyDict_GetItemString
PyEllipsis_Type
PyDict_GetItem
PyObject_CallObject
PyComplex_Type
PyBytes_FromStringAndSize
PyCode_Addr2Line
PyArg_ParseTupleAndKeywords
PyImport_ExecCodeModule
PyUnicode_FromEncodedObject
_PyWeakref_ProxyType
_PyObject_New
PyMem_Realloc
PyObject_IsTrue
PyObject_Str
PyTuple_Pack
_PyByteArray_empty_string
_PyUnicode_Ready
PyCallable_Check
PyMem_Malloc
PyFrame_GetBack
_PyErr_NormalizeException
PyModuleDef_Type
PyGen_Type
PyObject_CallMethodObjArgs
PyArg_UnpackTuple
_PyWeakref_RefType
_PyObject_GC_NewVar
PyException_SetCause
PyList_SetItem
PyAsyncGen_Type
PyErr_Print
PyTraceBack_Type
_PyTuple_MaybeUntrack
Py_GenericAliasType
_PyLong_Copy
PyUnicode_Format
PyBuffer_Release
PyObject_Call
PyNumber_Float
PyArg_ParseTuple
PySys_WriteStderr
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PyFloat_FromString
PyFrozenSet_Type
PyFilter_Type
PyExc_IOError
PyExc_EnvironmentError
PyExc_NameError
PyExc_UnicodeError
PyExc_PermissionError
PySlice_Type
PyExc_ConnectionError
PyLong_FromVoidPtr
PyExc_KeyboardInterrupt
PyEnum_Type
PyExc_UnicodeDecodeError
PyByteArray_FromObject
PyReversed_Type
PyMap_Type
PyExc_StopAsyncIteration
PyObject_DelItem
PyExc_LookupError
PySet_Add
PyFrozenSet_New
PySet_Contains
PyExc_ConnectionResetError
PyFloat_Type
PyTuple_Type
PyDict_Type
PyExc_SystemExit
_PyObject_FunctionStr
PyExc_UnicodeEncodeError
PyObject_Repr
_Py_NotImplementedStruct
PyProperty_Type
PySet_New
_Py_EllipsisObject
PyObject_SetAttr
PyBool_Type
PyExc_NotImplementedError
PyUnicode_Join
PyExc_BaseException
PyExc_Exception
PyRange_Type
PyDict_DelItem
PyLong_Type
PyExc_ZeroDivisionError
PyExc_RuntimeError
PyByteArray_Type
PyExc_ImportError
PyBytes_Type
PyExc_GeneratorExit
PyObject_GetItem
PyMemoryView_Type
PySequence_Tuple
PyDict_MergeFromSeq2
PyDict_Merge
PyNumber_Negative
PyZip_Type
PyExc_OverflowError
PyEval_AcquireThread
PyExc_AssertionError
PyObject_IsSubclass
PyExc_StopIteration
PySequence_Check
PySeqIter_Type
PyErr_WriteUnraisable
PyEval_SaveThread
Py_Exit
Py_MakePendingCalls
PyObject_SetItem
PyExc_IndexError
PyList_Type
PyLong_FromSsize_t
PyNumber_Long
_PyDict_NewPresized
PyException_GetContext
PyModule_Type
PyNumber_AsSsize_t
PyExc_OSError
_PyRuntime
PyException_SetContext
PyUnicode_Type
PyDict_SetItem
PyObject_GetAttrString
PyModule_GetDict
PyType_IsSubtype
PyExc_ValueError
PySequence_Contains
PyExc_KeyError
PyErr_PrintEx
Py_GenericAlias
PyType_Type
_PyType_Lookup
PyExc_SystemError
PyExc_TypeError
PyObject_IsInstance
PyErr_Format
PyExc_AttributeError
_Py_NoneStruct
PyCFunction_Type
PyBaseObject_Type
PyUnicode_Substring
PyUnicode_FromString
PyUnicode_GetLength
_Py_TrueStruct
PyCapsule_New
PyUnicode_Find
PySys_SetObject
_Py_FalseStruct
PyStructSequence_New
PySys_GetObject
PyStructSequence_InitType
PyLong_FromLong
_Py_PackageContext

kernel32

WriteConsoleW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetProcessHeap
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
MultiByteToWideChar
GetFileType
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapAlloc
GetStdHandle
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlPcToFileHeader
RaiseException
EncodePointer
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwindEx
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExW
FormatMessageA
GetSystemTimeAsFileTime
WideCharToMultiByte
GetCurrentProcessId
LoadResource
LockResource
GetLastError
CreateFileW
FindResourceA
GetEnvironmentVariableW
SetErrorMode
SetEnvironmentVariableW
GetModuleFileNameW
GetShortPathNameW
WriteFile
SetDllDirectoryW
SetStdHandle
CheckRemoteDebuggerPresent
IsDebuggerPresent
MapViewOfFile
CreateFileMappingA
GetProcAddress
CloseHandle
GetVersionExA
LoadLibraryA
CreateFileA
GetModuleHandleA
UnmapViewOfFile
GetModuleFileNameA

Sections

.text
Size: 15.6MB - Virtual size: 15.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/spwizimg.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:02:32:41:fb:59:99:6d:cc:4d:ff:00:00:00:00:02:32
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:24

Not After

02/05/2020, 21:24

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:3c:b0:c6:3b:b7:bd:4a:74:25:df:b7:ef:37:b9:8e:57:d0:db:7c:40:9c:53:db:0c:b1:27:5e:96:8e:41:a4
Signer

Actual PE Digest

15:3c:b0:c6:3b:b7:bd:4a:74:25:df:b7:ef:37:b9:8e:57:d0:db:7c:40:9c:53:db:0c:b1:27:5e:96:8e:41:a4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/sqlite3.dll
.dll windows:6 windows x64 arch:x64

e92f8368c515b90972eef06f208a1928

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:be:a4:92:c4:9d:21:8b:8f:df:cf:3e:38:68:76:bb:67:5c:eb:66:fa:05:b5:e0:86:66:f2:d1:68:51:4c:11
Signer

Actual PE Digest

46:be:a4:92:c4:9d:21:8b:8f:df:cf:3e:38:68:76:bb:67:5c:eb:66:fa:05:b5:e0:86:66:f2:d1:68:51:4c:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\sqlite3.pdb

Imports

kernel32

AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__C_specific_handler
strrchr
memmove
memcmp

api-ms-win-crt-math-l1-1-0

exp
tanh
pow
sqrt
cosh
asinh
acosh
cos
atan2
sinh
asin
log2
atanh
trunc
acos
ceil
sin
fmod
tan
floor
log
log10
atan

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
_initterm_e
_endthreadex
_initterm

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
_msize

api-ms-win-crt-string-l1-1-0

strcspn
strncmp
strcmp

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_is_interrupted
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_rtree_query_callback
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_encoding
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/tellib.dll
.dll windows:10 windows x64 arch:x64

24312d25942ac7e5d22705f6393e25bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

TelLib.pdb

Imports

msvcp_win

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
_Thrd_id
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QEBA_WD@Z
_Mtx_trylock
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
_Wcsxfrm
_Wcscoll
?id@?$collate@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
_Cnd_wait
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Syserror_map@std@@YAPEBDH@Z
_Xtime_get_ticks
_Mtx_current_owns
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_timedwait
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_XGetLastError@std@@YAXXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
_Query_perf_frequency
_Query_perf_counter
_Cnd_signal
?_Random_device@std@@YAIXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_broadcast
_Cnd_init_in_situ
_Cnd_destroy_in_situ
?_Xinvalid_argument@std@@YAXPEBD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z

api-ms-win-crt-string-l1-1-0

memset
wcsncmp
strcspn
wcscmp
wcsnlen
strnlen

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__strnicmp
_o__strtoi64
_o__ui64tow_s
_o__wcsicmp
_o__wcslwr
_o__wcsnicmp
_o__wcstoi64
_o__wcstoui64
_o__wtof
_o__wtoi
memmove
_o_calloc
_o_ceil
_o_exp
_o_floor
_o_free
_o_isspace
_o_iswalnum
_o_iswspace
_o_isxdigit
_o_log
_o_log2
_o_lround
_o_malloc
_o_memcpy_s
_o_pow
_o_rand
_o_realloc
_o_round
_o_sqrt
_o_srand
_o_strtod
_o_strtol
_o_strtoul
_o_strtoull
_o_terminate
_o_tolower
_o_towlower
_o_towupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstod
_o_wcstoll
_o_wcstoull
__C_specific_handler
_o__invalid_parameter_noinfo_noreturn
_CxxThrowException
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__execute_onexit_table
_o__errno
_o__dsign
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
wcsstr
memchr
memcmp
memcpy
wcschr
strchr
__std_type_info_compare
__CxxFrameHandler3

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetProcAddress
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleExW
LoadStringW
SizeofResource
FreeResource
LockResource
FindResourceExW
FreeLibrary
LoadResource
GetModuleFileNameW
GetModuleHandleW

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceBeginInitialize
Sleep

api-ms-win-core-synch-l1-1-0

AcquireSRWLockShared
CreateMutexExW
OpenSemaphoreW
SetEvent
ReleaseSRWLockShared
InitializeCriticalSectionAndSpinCount
CreateEventExW
DeleteCriticalSection
AcquireSRWLockExclusive
CreateWaitableTimerExW
ReleaseSRWLockExclusive
SetWaitableTimerEx
ReleaseSemaphore
ReleaseMutex
WaitForSingleObject
EnterCriticalSection
InitializeCriticalSectionEx
ResetEvent
SetWaitableTimer
WaitForSingleObjectEx
CreateSemaphoreExW
CreateEventW
InitializeCriticalSection
LeaveCriticalSection

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventWriteTransfer
EventUnregister

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolIo
WaitForThreadpoolTimerCallbacks
CreateThreadpoolIo
CancelThreadpoolIo
StartThreadpoolIo
CreateThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolThreadMaximum
SetThreadpoolWait
CloseThreadpoolWork
WaitForThreadpoolWorkCallbacks
CreateThreadpoolTimer
CreateThreadpoolWork
SetThreadpoolTimer
CreateThreadpool
CloseThreadpool
SubmitThreadpoolWork
CloseThreadpoolWait
WaitForThreadpoolIoCallbacks
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
OpenProcessToken
GetProcessId
SetThreadPriority
SetThreadPriorityBoost
GetCurrentProcessId
GetCurrentProcess
OpenThreadToken
GetExitCodeThread
DeleteProcThreadAttributeList
OpenThread
CreateProcessW
SuspendThread
GetThreadId
CreateProcessAsUserW
GetStartupInfoW
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
CreateThread
GetCurrentThreadId
ResumeThread
GetCurrentThread
GetExitCodeProcess

api-ms-win-core-localization-l1-2-0

GetSystemPreferredUILanguages
GetUserGeoID
GetThreadLocale
FormatMessageW
GetSystemDefaultLCID

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-registry-l1-1-0

RegOpenCurrentUser
RegDeleteTreeW
RegSetValueExW
RegCreateKeyExW
RegGetValueW
RegCopyTreeW
RegDeleteValueW
RegNotifyChangeKeyValue
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW

api-ms-win-core-processenvironment-l1-1-0

SetEnvironmentVariableW
ExpandEnvironmentStringsW

api-ms-win-core-processthreads-l1-1-1

OpenProcess
SetProcessMitigationPolicy
IsProcessorFeaturePresent
GetProcessMitigationPolicy
GetThreadContext
GetThreadTimes

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetSystemInfo
GetTickCount64
GetSystemTime
GlobalMemoryStatusEx
GetSystemDirectoryW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead
InterlockedFlushSList

api-ms-win-core-timezone-l1-1-0

GetDynamicTimeZoneInformation
FileTimeToSystemTime
SystemTimeToFileTime

api-ms-win-core-heap-l2-1-0

GlobalFree
LocalFree
LocalAlloc

api-ms-win-core-realtime-l1-1-0

QueryThreadCycleTime
QueryUnbiasedInterruptTime
QueryProcessCycleTime

api-ms-win-core-file-l1-1-0

GetFileAttributesExW
GetDiskFreeSpaceExW
FindFirstVolumeW
FindNextChangeNotification
FindCloseChangeNotification
GetTempFileNameW
SetEndOfFile
GetFileTime
FindFirstChangeNotificationW
WriteFile
CreateFileW
FindNextVolumeW
GetFileSizeEx
QueryDosDeviceW
GetVolumeInformationW
GetFileSize
FindFirstFileExW
FindVolumeClose
CreateDirectoryW
SetFilePointerEx
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileInformationByHandle
GetVolumePathNameW
FindNextFileW
ReadFile
GetFullPathNameW
DeleteFileW
GetDriveTypeW
SetFileAttributesW
GetFileAttributesW
FindFirstFileW
FindClose

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime
VerSetConditionMask
GetNativeSystemInfo
GetProductInfo

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx
CopyFileExW
MoveFileExW

api-ms-win-core-path-l1-1-0

PathCchCombine
PathAllocCombine
PathCchCanonicalizeEx
PathCchAppend

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-sysinfo-l1-2-1

GetPhysicallyInstalledSystemMemory

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer

iphlpapi

NotifyNetworkConnectivityHintChange
CancelMibChangeNotify2
GetNetworkConnectivityHint

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-wow64-l1-1-1

IsWow64Process2
GetSystemWow64Directory2W

api-ms-win-core-url-l1-1-0

UrlEscapeW

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-psapi-l1-1-0

K32GetPerformanceInfo
K32GetProcessImageFileNameW

api-ms-win-core-string-l2-1-0

CharLowerBuffW

api-ms-win-core-version-l1-1-0

VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-crt-math-l1-1-0

_finite
ceilf

ntdll

RtlIsDosDeviceName_U
RtlFreeHeap
RtlReleaseRelativeName
RtlDosPathNameToRelativeNtPathName_U
NtOpenThreadToken
NtOpenProcessToken
RtlCompareUnicodeString
RtlGetDeviceFamilyInfoEnum
NtDeviceIoControlFile
NtCreateFile
NtClose
NtQueryInformationThread
NtQueryInformationToken
RtlInitUnicodeString
EtwTraceMessage
RtlAllocateAndInitializeSid
NtQuerySystemInformation
RtlGetCurrentServiceSessionId
RtlIsStateSeparationEnabled
NtSetInformationProcess
EtwCheckCoverage
RtlCheckSystemBootStatusIntegrity
RtlCreateBootStatusDataFile
RtlRestoreSystemBootStatusDefaults
RtlGetSystemBootStatus
NtQuerySystemTime
RtlComputeCrc32
RtlSetSystemBootStatus
NtQuerySystemInformationEx
NtSetInformationThread
ZwQueryWnfStateData
RtlAllocateHeap
NtOpenSymbolicLinkObject
RtlNtStatusToDosError
NtQuerySymbolicLinkObject
NtOpenFile
NtQueryValueKey
NtQueryBootEntryOrder
NtQueryBootOptions
NtTranslateFilePath
NtOpenDirectoryObject
NtQueryDirectoryObject
NtEnumerateBootEntries
NtAdjustPrivilegesToken
NtOpenProcessTokenEx
NtOpenThreadTokenEx
RtlImpersonateSelf
RtlNtStatusToDosErrorNoTeb
NtOpenKey
RtlIsMultiSessionSku
NtSystemDebugControl
NtQueryLicenseValue
NtSetInformationFile
RtlReportExceptionEx
NtPowerInformation
RtlCheckPortableOperatingSystem
RtlGetPersistedStateLocation
RtlSubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlConvertDeviceFamilyInfoToString
RtlGetVersion
NtQueryInformationProcess
RtlPublishWnfStateData

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

TelLib_Cleanup
TelLib_ConfigureSetting
TelLib_EventWrite
TelLib_ForceUpload
TelLib_ForceUploadLatency
TelLib_Initialize
TelLib_Initialize2
TelLib_SetAgentConnectivityCallback
TelLib_SetBandwidthExceededChangedCallback
TelLib_SetBatteryState
TelLib_SetConnectedStandby
TelLib_SetCustomRequestFieldCallback
TelLib_SetDailyUploadQuota
TelLib_SetDiskActivityCallback
TelLib_SetDiskQuota
TelLib_SetGeneralQuietMode
TelLib_SetNetworkActivityCallback
TelLib_SetNetworkImpersonationContext
TelLib_SetNetworkState
TelLib_SetProxyInfo
TelLib_SetTenantToken
TelLib_SetTimerValue
TelLib_SetUploadFailedCallback
TelLib_SetUploadUrls

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 695KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/twinui.dll
.dll windows:10 windows x64 arch:x64

28a0aac53420676518c7b3312ff90576

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

twinui.pdb

Imports

msvcrt

acosf
cosf
floorf
pow
wcscmp
memcmp
memset
abort
_wsetlocale
__crtLCMapStringW
??8type_info@@QEBAHAEBV0@@Z
_wcsdup
__uncaught_exception
_ismbblead
___mb_cur_max_func
___lc_codepage_func
___lc_handle_func
__pctype_func
setlocale
memmove
memcpy
_CxxThrowException
_callnewh
toupper
iswdigit
_wcslwr_s
wcsncpy_s
wcsnlen
bsearch_s
wcscat_s
wcsncmp
swprintf_s
sprintf
??0exception@@QEAA@AEBQEBDH@Z
_vsnwprintf_s
qsort_s
_vsnprintf
swscanf_s
wcscpy_s
calloc
strncpy_s
strchr
strrchr
strtol
_errno
?what@exception@@UEBAPEBDXZ
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
strcspn
clock
__ExceptionPtrCreate
__ExceptionPtrCurrentException
__ExceptionPtrDestroy
__ExceptionPtrCopy
sprintf_s
localeconv
??0exception@@QEAA@AEBQEBD@Z
wcstol
wcscspn
realloc
wcschr
wcsstr
_free_locale
_towlower_l
_wcsnicmp
_create_locale
wcstok_s
wcsrchr
vswprintf_s
wcstoul
_wcsicmp
_ultow_s
memmove_s
_get_errno
_set_errno
sinf
sqrtf
strcmp
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_XcptFilter
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_purecall
??3@YAXPEAX@Z
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
__CxxFrameHandler3

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LoadLibraryExW
SizeofResource
LoadResource
GetProcAddress
GetModuleHandleExW
LoadStringW
FindResourceExW
FindStringOrdinal
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetModuleFileNameA
LockResource

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
WakeAllConditionVariable
Sleep
SleepConditionVariableSRW
WakeByAddressAll
InitOnceExecuteOnce
WaitOnAddress

api-ms-win-core-synch-l1-1-0

SetEvent
InitializeCriticalSection
TryEnterCriticalSection
CreateMutexExW
ResetEvent
CreateMutexW
ReleaseSRWLockShared
CreateEventExW
CreateEventW
LeaveCriticalSection
EnterCriticalSection
OpenSemaphoreW
OpenMutexW
InitializeSRWLock
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObjectEx
WaitForMultipleObjectsEx
WaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
OpenEventW
AcquireSRWLockShared
TryAcquireSRWLockExclusive
InitializeCriticalSectionEx
CreateSemaphoreExW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventActivityIdControl
EventWriteTransfer
EventProviderEnabled
EventSetInformation

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-eventing-classicprovider-l1-1-0

UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
OpenProcessToken
GetCurrentThreadId
OpenThreadToken
TlsAlloc
GetExitCodeProcess
GetExitCodeThread
TlsSetValue
GetCurrentProcess
CreateProcessAsUserW
SetThreadToken
OpenThread
GetCurrentThread
SetThreadPriority
TerminateProcess
CreateThread
GetProcessId
ProcessIdToSessionId
TlsGetValue
TlsFree

api-ms-win-core-localization-l1-2-0

GetThreadUILanguage
GetUserPreferredUILanguages
GetThreadPreferredUILanguages
LCMapStringEx
ResolveLocaleName
GetSystemPreferredUILanguages
FindNLSString
LCMapStringW
FormatMessageW
GetLocaleInfoEx
GetLocaleInfoW
LocaleNameToLCID
GetSystemDefaultLCID

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemDirectoryW
GetVersionExW
GetSystemInfo
GetTickCount
GetLocalTime
GetSystemTimeAsFileTime
GetWindowsDirectoryW
GetTickCount64
GetSystemTime

ntdll

_wcslwr
ZwQueryValueKey
RtlInitUnicodeStringEx
ZwOpenKey
ZwQuerySystemInformation
RtlGetNativeSystemInformation
RtlUpcaseUnicodeChar
ZwClose
ZwEnumerateKey
RtlReAllocateHeap
NtQueryValueKey
RtlRunOnceExecuteOnce
RtlGetNtProductType
NtOpenKey
WinSqmAddToStreamEx
RtlCheckPortableOperatingSystem
RtlNtStatusToDosErrorNoTeb
RtlCompareUnicodeString
NtQueryInformationToken
WinSqmAddToStream
WinSqmSetDWORD
WinSqmIsOptedIn
WinSqmIncrementDWORD
RtlUnsubscribeWnfNotificationWithCompletionCallback
RtlAllocateWnfSerializationGroup
RtlGUIDFromString
RtlRandomEx
RtlFreeUnicodeString
RtlUpcaseUnicodeString
NtCreateFile
RtlDosPathNameToNtPathName_U_WithStatus
EtwEventWriteTransfer
NtQuerySystemTime
RtlQueryPackageClaims
RtlGetDeviceFamilyInfoEnum
RtlUnsubscribeWnfStateChangeNotification
RtlNtStatusToDosError
NtQueryInformationProcess
RtlPublishWnfStateData
RtlDeriveCapabilitySidsFromName
RtlQueryWnfStateData
NtDeviceIoControlFile
NtOpenFile
RtlInitUnicodeString
NtClose
NtQueryObject
RtlAllocateHeap
RtlFreeHeap
EtwTraceMessage
NtQuerySystemInformation
RtlSubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
wcsspn
_wcstoui64
RtlIsMultiSessionSku
NtPowerInformation

api-ms-win-core-sidebyside-l1-1-0

QueryActCtxW
FindActCtxSectionStringW
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
ActivateActCtx

api-ms-win-core-threadpool-l1-2-0

DisassociateCurrentThreadFromCallback
SubmitThreadpoolWork
IsThreadpoolTimerSet
CreateThreadpoolTimer
CreateThreadpoolWork
SetThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpool
CloseThreadpoolWork
FreeLibraryWhenCallbackReturns
CreateThreadpool
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
CreateThreadpoolWait

api-ms-win-rtcore-ntuser-window-l1-1-0

PeekMessageW
UnregisterClassW
GetMessageExtraInfo
SetMessageExtraInfo
FindWindowExW
GetCursorPos
SetWindowLongW
SetWindowLongPtrW
GetWindowLongPtrW
RegisterClassExW
RegisterClassW
PostQuitMessage
DefWindowProcW
DestroyWindow
SetFocus
SetWindowTextW
GetParent
RegisterWindowMessageW
TranslateMessage
FindWindowW
ShowWindow
GetWindowTextW
SetForegroundWindow
CreateWindowExW
IsWindow
EnumChildWindows
PostThreadMessageW
SetTimer
GetFocus
GetMessageTime
GetMessagePos
AllowSetForegroundWindow
WindowFromPoint
SendMessageW
GetForegroundWindow
EnumWindows
IsWindowVisible
GetPropW
GetDesktopWindow
GetWindowLongW
GetAncestor
GetClientRect
ScreenToClient
SetWindowPos
SendNotifyMessageW
DispatchMessageW
GetWindowRect
RemovePropW
GetWindowThreadProcessId
KillTimer
EnableWindow
PostMessageW
GetMessageW
SetPropW
SetParent
SetCursorPos
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindow
ClientToScreen
GetClassNameW

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask
SHTaskPoolAllowThreadReuse
SHTaskPoolGetUniqueContext

api-ms-win-core-winrt-propertysetprivate-l1-1-1

RoCreatePropertySetSerializer

user32

MapVirtualKeyW
DestroyIcon
IsWindowArranged
GetRawInputData
RegisterRawInputDevices
DestroyAcceleratorTable
LoadAcceleratorsW
DefWindowProcA
IsWindowUnicode
GetKeyboardLayout
RegisterHotKey
UnregisterHotKey
FillRect
GetSystemMenu
EnableMenuItem
CreateIconIndirect
ord2535
MapVirtualKeyExW
FlashWindow
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
MapWindowPoints
ClipCursor
RealGetWindowClassW
SetWindowPlacement
SendInput
InternalGetWindowText
SetCoalescableTimer
IsImmersiveProcess
InjectKeyboardInput
ord2542
RegisterPointerDeviceNotifications
GetAutoRotationState
ShowWindowAsync
GetMenuDefaultItem
CopyImage
GetMenuInfo
SetMenuInfo
DrawIconEx
DrawTextExW
GetDpiForWindow
SetDisplayConfig
GetRawInputDeviceInfoW
LoadCursorW
SetCursor
ChangeWindowMessageFilterEx
IsZoomed
GetMenuItemInfoW
SetMenuItemInfoW
DeleteMenu
GetMenuItemCount
IsIconic
GetWindowInfo
MonitorFromWindow
GetWindowPlacement
ord2521
AdjustWindowRectEx
GetSysColor
GetKeyState
ord2514
ord2515
GetLastActivePopup
SwitchToThisWindow
GetWindowRgn
MonitorFromRect
GetPhysicalCursorPos
CalculatePopupWindowPosition
WindowFromPhysicalPoint
GetGUIThreadInfo
SetWindowRgn
UnhookWindowsHookEx
TrackMouseEvent
GetWindowRgnBox
GetCapture
ReleaseCapture
SetWindowsHookExW
SetCapture
GetAsyncKeyState
BeginPaint
EndPaint
DrawTextW
UpdateWindow
SetLayeredWindowAttributes
GetDC
ReleaseDC
CallNextHookEx
MonitorFromPoint
InvalidateRect

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
WideCharToMultiByte
GetStringTypeW
CompareStringEx
CompareStringW
MultiByteToWideChar

api-ms-win-core-registry-l1-1-0

RegOpenCurrentUser
RegQueryValueExW
RegQueryInfoKeyW
RegSetKeySecurity
RegCreateKeyExW
RegEnumValueW
RegDeleteTreeW
RegGetValueW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegNotifyChangeKeyValue
RegOpenKeyExW
RegDeleteKeyExW
RegSetValueExW

api-ms-win-core-heap-l2-1-0

LocalReAlloc
LocalFree
LocalAlloc
GlobalFree
GlobalAlloc

api-ms-win-security-base-l1-1-0

GetSidSubAuthorityCount
IsValidSid
EqualSid
AllocateAndInitializeSid
FreeSid
DuplicateTokenEx
SetTokenInformation
CopySid
GetAclInformation
CreateWellKnownSid
GetAce
CreateRestrictedToken
DeleteAce
ImpersonateLoggedOnUser
GetSidSubAuthority
GetTokenInformation
AddAce
InitializeAcl
GetLengthSid

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled
QuirkIsEnabledForPackage

api-ms-win-core-debug-l1-1-1

CheckRemoteDebuggerPresent

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-file-l1-1-0

FindClose
FindNextFileW
GetFileSizeEx
FindFirstFileExW
GetTempFileNameW
ReadFile
GetFileInformationByHandle
FindFirstChangeNotificationW
FindNextChangeNotification
DeleteFileW
CreateDirectoryW
SetFilePointer
FindCloseChangeNotification
WriteFile
FindFirstFileW
CreateFileW
CompareFileTime
GetFileAttributesW

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo
VerSetConditionMask

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformationForYear
FileTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime

api-ms-win-power-setting-l1-1-0

PowerSettingUnregisterNotification
PowerWriteDCValueIndex
PowerGetActiveScheme
PowerSettingRegisterNotification
PowerWriteACValueIndex

api-ms-win-core-psapi-l1-1-0

K32GetModuleFileNameExW
QueryFullProcessImageNameW
K32EnumProcesses

api-ms-win-core-memory-l1-1-0

OpenFileMappingW
UnmapViewOfFile
ReadProcessMemory

api-ms-win-core-path-l1-1-0

PathCchRemoveBackslash
PathCchCombine
PathCchRemoveFileSpec
PathCchAddBackslash
PathAllocCombine
PathCchAppend
PathCchAddExtension

api-ms-win-core-file-l2-1-0

MoveFileExW
CopyFileExW

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-security-base-l1-2-0

GetCachedSigningLevel
SetCachedSigningLevel

rpcrt4

RpcBindingFromStringBindingW
RpcStringBindingComposeW
UuidToStringW
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
UuidCreate
NdrClientCall3

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW
RegDeleteKeyValueW

api-ms-win-core-string-l2-1-0

CharLowerBuffW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW
FindResourceW

api-ms-win-core-wow64-l1-1-1

IsWow64Process2

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-core-sysinfo-l1-2-3

GetIntegratedDisplaySize

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

gdi32

AddFontMemResourceEx
GetDIBits
GetCurrentDpiInfo
SetBkMode
CreateFontIndirectW
GetCurrentObject
ExcludeClipRect
SetStretchBltMode
D3DKMTNetDispQueryMiracastDisplayDeviceSupport
D3DKMTNetDispStartMiracastDisplayDeviceEx
GetObjectW
GetRgnBox
CreateDIBSection
CreateCompatibleDC
SelectObject
CreateRectRgnIndirect
GetDeviceCaps
CreateSolidBrush
StretchBlt
CreateCompatibleBitmap
BitBlt
DeleteDC
DeleteObject
GetStockObject
CreateRectRgn
CombineRgn
PtInRegion
GetClipBox
StretchDIBits
GdiAlphaBlend
SetTextColor
GetOutlineTextMetricsW
GetGlyphOutlineW
SetBkColor
RemoveFontMemResourceEx

dwmapi

ord163
ord164
ord162
ord147
ord138
ord145
DwmQueryThumbnailSourceSize
DwmUnregisterThumbnail
ord139
DwmSetWindowAttribute
ord159
ord141
ord160
ord140
DwmUpdateThumbnailProperties
DwmGetWindowAttribute
DwmSetIconicLivePreviewBitmap
DwmSetIconicThumbnail
ord161
DwmShowContact

pdh

PdhGetRawCounterArrayW
PdhCollectQueryData
PdhOpenQueryW
PdhAddCounterW
PdhCloseQuery

api-ms-win-security-isolatedcontainer-l1-1-1

IsProcessInWDAGContainer

api-ms-win-shell-namespace-l1-1-0

SHCreateItemFromParsingName
SHBindToFolderIDListParent
SHCreateItemWithParent
ILCombine
ILIsEqual
ILClone
SHParseDisplayName
SHCreateItemFromIDList
ILFindLastID
SHGetIDListFromObject
ILFree
ILGetSize
ILFindChild

api-ms-win-core-heap-obsolete-l1-1-0

GlobalLock
GlobalUnlock

api-ms-win-core-threadpool-legacy-l1-1-0

CreateTimerQueueTimer
UnregisterWaitEx
QueueUserWorkItem
DeleteTimerQueueTimer

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics
GetDisplayConfigBufferSizes
GetMonitorInfoW
EnumDisplayMonitors
SystemParametersInfoW
QueryDisplayConfig
EnumDisplayDevicesW
DisplayConfigGetDeviceInfo
EnumDisplaySettingsW
EnumDisplaySettingsExW

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW
UnregisterWait
RegisterWaitForSingleObject

api-ms-win-core-processtopology-obsolete-l1-1-0

GetActiveProcessorCount

api-ms-win-shcore-path-l1-1-0

ord170

api-ms-win-core-url-l1-1-0

UrlGetPartW
HashData
PathIsURLW
UrlUnescapeW

api-ms-win-shell-shdirectory-l1-1-0

ord290

api-ms-win-core-atoms-l1-1-0

GlobalDeleteAtom
GlobalAddAtomW
GlobalGetAtomNameW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW
lstrlenA
lstrlenW
lstrcmpA

api-ms-win-shcore-sysinfo-l1-1-0

IsOS

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-ntuser-rectangle-l1-1-0

IntersectRect
SubtractRect
EqualRect
CopyRect
SetRect
IsRectEmpty
OffsetRect
UnionRect
PtInRect
InflateRect
SetRectEmpty

api-ms-win-rtcore-ntuser-synch-l1-1-0

MsgWaitForMultipleObjectsEx

api-ms-win-rtcore-ntuser-clipboard-l1-1-0

OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard

api-ms-win-rtcore-ntuser-wmpointer-l1-1-0

GetPointerDevice
GetPointerDevices
GetPointerInfoHistory
GetCurrentInputMessageSource
GetPointerInfo
GetPointerFrameInfo
GetPointerDeviceRects
GetPointerFrameInfoHistory

api-ms-win-storage-exports-internal-l1-1-0

SHGetSpecialFolderLocation
SHGetKnownFolderItem
GetThreadFlags
SHGetKnownFolderIDList

api-ms-win-rtcore-ntuser-winevent-l1-1-0

UnhookWinEvent
SetWinEventHook
NotifyWinEvent

api-ms-win-rtcore-ntuser-shell-l1-1-0

DeregisterShellHookWindow
RegisterShellHookWindow
GetShellWindow

api-ms-win-core-pcw-l1-1-0

PcwCollectData
PcwCreateQuery
PcwAddQueryItem

api-ms-win-rtcore-ntuser-private-l1-1-4

ord2589
ord2592
ord2590
ord2588
ord2594

api-ms-win-rtcore-ntuser-private-l1-1-0

IsWindowInDestroy
CreateWindowInBandEx

api-ms-win-shell-shellcom-l1-1-0

SHCoCreateInstance

api-ms-win-storage-exports-external-l1-1-0

STORAGE_SHGetPathFromMsUri
STORAGE_SHValidateMSUri

api-ms-win-core-registryuserspecific-l1-1-0

SHRegGetBoolUSValueW

api-ms-win-rtcore-ntuser-wmpointer-l1-1-1

SkipPointerFrameMessages

api-ms-win-rtcore-ntuser-powermanagement-l1-1-0

RegisterPowerSettingNotification
UnregisterPowerSettingNotification

api-ms-win-shell-changenotify-l1-1-0

SHChangeNotify

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-service-private-l1-1-0

SubscribeServiceChangeNotifications
UnsubscribeServiceChangeNotifications

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-rtcore-ntuser-draw-l1-1-0

RedrawWindow

api-ms-win-core-psm-key-l1-1-0

PsmGetKeyFromToken

combase

ord65
ord157
ord90
ord140

shell32

ord2
SHGetStockIconInfo
ord4
ord779
ord782
Shell_GetCachedImageIndexW
SHGetItemFromDataObject
ord764
ShellExecuteW
SHAppBarMessage
SHGetPropertyStoreForWindow
ord6
ord940
ord930
ShellExecuteExW
SHCreateShellItemArrayFromShellItem
SHCreateItemInKnownFolder
ord765
ord644
ord645
ord54
SHCreateItemFromRelativeName
SHFileOperationW
ord791
SHGetPropertyStoreFromIDList
ord931
SHGetItemFromObject
ord924
ord923
ord68
DuplicateIcon
SHCreateAssociationRegistration
SHQueryUserNotificationState
ord727
SHAssocEnumHandlers
ord714

windows.storage

ord915
ord942
ord916

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/twinui.pcshell.dll
.dll windows:10 windows x64 arch:x64

35c65245dcf7d29886e947d12d170199

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

twinui.pcshell.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__unlock_file
_o__wcsicmp
_o__wcsnicmp
_o__wtof
_o__wtol
_o_ceil
_o_fclose
_o_fflush
_o_fgetc
_o_fgetpos
_o_fputc
_o_fread
_o_free
_o_fsetpos
_o_fwrite
_o_iswspace
_o_malloc
_o_memcpy_s
_o_pow
_o_realloc
_o_setvbuf
_o_sqrt
_o_terminate
_o_toupper
_o_towlower
_o_ungetc
_o_wcscat_s
_o_wcscpy_s
_o_wcstod
_o_wcstok_s
_o_wcstol
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__set_errno
_o__seh_filter_dll
_o__register_onexit_function
_o__purecall
wcsrchr
wcsstr
wcschr
memcpy
memmove
memcmp
_o__lock_file
_o__itow_s
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__get_stream_buffer_pointers
_o__get_errno
_o__fseeki64
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o____lc_codepage_func
__std_terminate
__CxxFrameHandler4

api-ms-win-crt-string-l1-1-0

memset
wcscspn
wcslen
_wcsrev
wcsncpy
wcsnlen
wcscmp

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LoadStringW
FindStringOrdinal
LockResource
GetProcAddress
LoadLibraryExW
LoadResource
GetModuleHandleExW
GetModuleHandleW
FreeLibrary
GetModuleFileNameW
DisableThreadLibraryCalls
GetModuleFileNameA

api-ms-win-core-synch-l1-2-0

WakeByAddressAll
WaitOnAddress
Sleep
InitOnceExecuteOnce
InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-synch-l1-1-0

OpenEventW
InitializeCriticalSectionEx
ResetEvent
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
OpenSemaphoreW
InitializeSRWLock
InitializeCriticalSectionAndSpinCount
CreateMutexExW
CreateEventExW
SetEvent
ReleaseMutex
ReleaseSemaphore
EnterCriticalSection
AcquireSRWLockShared
CreateSemaphoreExW
ReleaseSRWLockShared
WaitForSingleObject
OpenMutexW
TryAcquireSRWLockShared
AcquireSRWLockExclusive
CreateEventW
DeleteCriticalSection
WaitForSingleObjectEx
InitializeCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
WaitForMultipleObjectsEx

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetLastError
RaiseException
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-winrt-string-l1-1-0

WindowsConcatString
WindowsCompareStringOrdinal
WindowsCreateStringReference
WindowsDeleteStringBuffer
WindowsDuplicateString
WindowsCreateString
WindowsSubstringWithSpecifiedLength
WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsDeleteString
WindowsStringHasEmbeddedNull
WindowsGetStringLen
WindowsPreallocateStringBuffer
WindowsPromoteStringBuffer

api-ms-win-core-com-l1-1-0

CreateStreamOnHGlobal
CoMarshalInterThreadInterfaceInStream
CoTaskMemRealloc
CoReleaseMarshalData
CoInitializeEx
CoUninitialize
CoCancelCall
CoEnableCallCancellation
CoDisableCallCancellation
CoWaitForMultipleHandles
CoGetInterfaceAndReleaseStream
CoGetCallerTID
CoIncrementMTAUsage
CoWaitForMultipleObjects
IIDFromString
CoGetObjectContext
CoGetApartmentType
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
StringFromCLSID
CoMarshalInterface
CoGetStdMarshalEx
CoCreateGuid
CoGetContextToken
CoGetMalloc
CoGetCallContext
CoDecrementMTAUsage
PropVariantClear
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance

api-ms-win-eventing-provider-l1-1-0

EventWrite
EventActivityIdControl
EventWriteTransfer
EventRegister
EventUnregister
EventProviderEnabled
EventSetInformation
EventEnabled

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolWork
CreateThreadpoolTimer
StartThreadpoolIo
CreateThreadpoolWork
DisassociateCurrentThreadFromCallback
CloseThreadpoolIo
CloseThreadpoolTimer
TrySubmitThreadpoolCallback
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolIoCallbacks
CloseThreadpoolWait
SetThreadpoolTimer
CreateThreadpoolWait
FreeLibraryWhenCallbackReturns
IsThreadpoolTimerSet
CancelThreadpoolIo
CreateThreadpoolIo
SubmitThreadpoolWork

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
OpenThreadToken
CreateThread
SetThreadPriority
ProcessIdToSessionId
GetThreadPriority
OpenProcessToken
GetCurrentProcess
TerminateProcess
GetCurrentThread
OpenThread
GetProcessId
GetCurrentProcessId
GetProcessTimes

api-ms-win-core-winrt-error-l1-1-0

RoFailFastWithErrorContext
RoOriginateError
RoTransformError
RoOriginateErrorW
GetRestrictedErrorInfo
SetRestrictedErrorInfo

api-ms-win-core-localization-l1-2-0

GetUserPreferredUILanguages
FormatMessageW
GetThreadUILanguage
GetLocaleInfoW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

GetProcessMitigationPolicy
OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetTickCount
GetVersionExW
GetSystemTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList

user32

GetIconInfo
CreateIconIndirect
GetAsyncKeyState
DrawIconEx
GetSysColor
SetCursor
LoadCursorW
GetClassLongW
SetFocus
LoadIconW
GetPropA
UnregisterHotKey
RegisterHotKey
SetMenuInfo
GetDC
GetClassLongPtrW
ReleaseDC
CopyIcon
GetClassInfoW
RegisterClassExW
DestroyIcon
GetMenuInfo
ChangeWindowMessageFilterEx
ord2521
GetMenuItemInfoW
SetMenuItemInfoW
CalculatePopupWindowPosition
CopyImage
ord2561
GetDpiForWindow
RegisterClassW
ord2630
ord2509
GetCursorInfo
DeleteMenu
RegisterTouchHitTestingWindow
GetPhysicalCursorPos
GetWindowCompositionInfo
ord2510
InternalGetWindowText
InsertMenuW
GetKeyState
DestroyMenu
ord2631
ord2632
GetMenuItemCount
TrackPopupMenu
GetWindowMinimizeRect
GetSystemMenu
CreateWindowExW
ord2540
ord2563
ord2629
ord2628
IsWindowArranged
ord2627
ord2537
ord2511
ord2556

msvcp_win

_Cnd_broadcast
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
_Xtime_get_ticks
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setf@ios_base@std@@QEAAHHH@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?flags@ios_base@std@@QEBAHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QEBA_NXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Winerror_message@std@@YAKKPEADK@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
_Query_perf_counter
_Query_perf_frequency
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
_Cnd_wait
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Cnd_destroy_in_situ
_Cnd_init_in_situ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Mtx_init_in_situ
_Mtx_destroy_in_situ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
?seekp@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@_JH@Z
?tellp@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_XGetLastError@std@@YAXXZ
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z

api-ms-win-core-sidebyside-l1-1-0

DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx

api-ms-win-core-registry-l1-1-0

RegDeleteValueW
RegDeleteTreeW
RegOpenCurrentUser
RegSetKeySecurity
RegGetKeySecurity
RegOpenKeyExW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
RegGetValueW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask
SHTaskPoolAllowThreadReuse
SHTaskPoolGetUniqueContext

ntdll

RtlPublishWnfStateData
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubscribeWnfStateChangeNotification
NtQueryInformationProcess
NtQueryInformationToken
RtlAllocateHeap
RtlFreeHeap
RtlUnsubscribeWnfStateChangeNotification
NtPowerInformation
RtlGetDeviceFamilyInfoEnum
RtlQueryTokenHostIdAsUlong64
NtSetInformationProcess
RtlNtStatusToDosError
RtlQueryWnfStateData
RtlInitUnicodeString
RtlGetAppContainerSidType
RtlNtStatusToDosErrorNoTeb
RtlCompareUnicodeString

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-shcore-obsolete-l1-1-0

CommandLineToArgvW
SHStrDupW

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids

api-ms-win-core-heap-l2-1-0

LocalFree
LocalReAlloc
LocalAlloc

api-ms-win-core-atoms-l1-1-0

GlobalAddAtomW
GlobalGetAtomNameW
GlobalDeleteAtom

api-ms-win-core-winrt-l1-1-0

RoUninitialize
RoGetActivationFactory
RoActivateInstance
RoInitialize

api-ms-win-core-file-l1-1-0

CreateFileW
GetFullPathNameW
FindClose
GetFileSize
ReadFile
GetFileAttributesW
CreateDirectoryW
GetLongPathNameW
GetFileAttributesExW
FindNextFileW
WriteFile
FindFirstFileExW
DeleteFileW
CompareFileTime

api-ms-win-core-realtime-l1-1-0

QueryProcessCycleTime
QueryUnbiasedInterruptTime

api-ms-win-core-quirks-l1-1-1

QuirkIsEnabledForPackage4

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte

api-ms-win-core-psapi-l1-1-0

K32GetModuleFileNameExW
QueryFullProcessImageNameW

api-ms-win-core-winrt-error-l1-1-1

RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo
RoOriginateLanguageException
IsErrorPropagationEnabled

oleaut32

VariantChangeType
SafeArrayPutElement
SysAllocString
VariantClear
SafeArrayGetDim
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysFreeString
VariantCopy
SafeArrayCreateVector
SysStringLen
VariantInit

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFindExtensionW
PathIsRelativeW
PathFindFileNameW
PathFileExistsW
PathGetDriveNumberW
SHExpandEnvironmentStringsW
PathIsFileSpecW
PathRemoveFileSpecW
PathCommonPrefixW

api-ms-win-core-url-l1-1-0

HashData
UrlUnescapeW
PathIsURLW

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo
GetSystemTimePreciseAsFileTime
VerSetConditionMask

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-debug-l1-1-1

CheckRemoteDebuggerPresent

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-registry-l2-1-0

RegOpenKeyW
RegCreateKeyW
RegEnumKeyW
RegDeleteKeyW

api-ms-win-shcore-sysinfo-l1-1-0

IsOS

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-shcore-stream-winrt-l1-1-0

CreateStreamOverRandomAccessStream
CreateRandomAccessStreamOverStream

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-kernel32-legacy-l1-1-0

PulseEvent

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
MakeAbsoluteSD
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
CopySid
CreateWellKnownSid
CheckTokenMembership
GetLengthSid

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-core-string-obsolete-l1-1-0

lstrlenW

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabledForPackage

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-oobe-notification-l1-1-0

RegisterWaitUntilOOBECompleted
UnregisterWaitUntilOOBECompleted
OOBEComplete

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-path-l1-1-0

PathCchRenameExtension
PathAllocCombine
PathCchCombine
PathCchAppend
PathCchRemoveFileSpec

api-ms-win-shcore-registry-l1-1-0

SHSetValueW
SHGetValueW
SHRegGetValueW

rpcrt4

UuidCreate

crypt32

CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptMsgGetParam
CertFindCertificateInStore

api-ms-win-security-cryptoapi-l1-1-0

CryptHashData
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptGetHashParam

api-ms-win-core-com-private-l1-2-0

InternalGetWindowPropInterface2

userenv

GetProfileType

wkscli

NetGetJoinInformation

netutils

NetApiBufferFree

api-ms-win-core-io-l1-1-0

CancelIoEx

api-ms-win-core-file-l2-1-0

ReOpenFile
GetFileInformationByHandleEx
ReadDirectoryChangesW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-rtcore-ntuser-private-l1-1-0

IsWindowInDestroy
CreateWindowInBand
CreateWindowInBandEx
GetWindowBand

api-ms-win-rtcore-ntuser-shell-l1-1-0

GetShellWindow

api-ms-win-dx-d3dkmt-l1-1-0

D3DKMTCheckOcclusion

api-ms-win-dwmapi-l1-1-0

DwmFlush

propsys

PropVariantToStringAlloc
PropVariantToInt32
VariantToBuffer
PSCreateMemoryPropertyStore
InitVariantFromDoubleArray
PropVariantToBoolean
InitVariantFromStringArray
PSPropertyBag_WriteStr
PropVariantToUInt32
PSGetPropertyFromPropertyStorage

api-ms-win-shell-namespace-l1-1-0

ILFindChild
ILGetSize
ILIsParent
SHBindToParent
ILClone
ILFindLastID
SHCreateItemFromParsingName
SHBindToFolderIDListParentEx
SHGetNameFromIDList
SHCreateItemFromIDList
SHParseDisplayName
ILIsEqual
SHGetIDListFromObject
ILCombine

api-ms-win-rtcore-ntuser-private-l1-1-4

ord2597

api-ms-win-rtcore-ntuser-wmpointer-l1-1-0

GetCurrentInputMessageSource
GetPointerInfo
GetPointerDeviceRects
GetPointerType
GetPointerDevices

api-ms-win-appmodel-runtime-l1-1-1

FindPackagesByPackageFamily

api-ms-win-rtcore-ntuser-private-l1-1-5

ord2616

api-ms-win-rtcore-ntuser-winevent-l1-1-0

NotifyWinEvent
SetWinEventHook
UnhookWinEvent

api-ms-win-gdi-dpiinfo-l1-1-0

GetCurrentDpiInfo

dwrite

DWriteCreateFactory

api-ms-win-rtcore-ntuser-private-l1-1-10

ord2546

api-ms-win-appmodel-runtime-l1-1-0

GetApplicationUserModelId
GetPackagesByPackageFamily

api-ms-win-storage-exports-internal-l1-1-0

SHGetKnownFolderIDList
DetermineFolderDestinationParentAppID
SHGetSpecialFolderLocation

shell32

ord524
ord155
SHChangeNotify
SHGetLocalizedName
SHGetPathFromIDListW
SHFileOperationW
SHGetPropertyStoreForWindow
ord727
ShellExecuteW
ord905
ShellExecuteExW
SHCreateItemInKnownFolder
SHAppBarMessage
ord723
ord901
SHGetStockIconInfo
DragQueryFileW
SHSetLocalizedName
SHRemoveLocalizedName
ord75
ord28
SHGetPathFromIDListEx
ord894
ord941
SHBindToFolderIDListParent
ord19
SHCreateItemWithParent

combase

ord167

api-ms-win-shlwapi-ie-l1-1-0

GUIDFromStringW
SHRegGetBoolValueFromHKCUHKLM

uxtheme

ord126

shcore

ord213
ord102
ord191
ord193
ord247
ord249
ord190
ord248
ord270
ord240
ord192
ord246

dcomp

DCompositionCreateDevice2
ord1046

wincorlib

?__abi_WinRTraiseObjectDisposedException@@YAXXZ
??0ChangedStateException@Platform@@QE$AAA@XZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?__abi_WinRTraiseFailureException@@YAXXZ
??0OutOfMemoryException@Platform@@QE$AAA@XZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
??0Delegate@Platform@@QE$AAA@XZ
??0OutOfBoundsException@Platform@@QE$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?__abi_FailFast@@YAXXZ
?ReCreateFromException@Details@Platform@@YAJPE$AAVException@2@@Z
??0FailureException@Platform@@QE$AAA@XZ
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
??0DisconnectedException@Platform@@QE$AAA@XZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
??0Object@Platform@@QE$AAA@XZ
??0NotImplementedException@Platform@@QE$AAA@XZ
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetCrackUrlW
InternetOpenW
InternetOpenUrlW

cdp

CDPShutdown
CDPGetUserActivitySettings
CDPInitialize

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-security-capability-l1-1-0

CapabilityCheck

api-ms-win-shcore-unicodeansi-l1-1-0

SHAnsiToUnicode
SHUnicodeToAnsi

api-ms-win-core-heap-obsolete-l1-1-0

GlobalLock
GlobalUnlock

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-appmodel-runtime-l1-1-3

GetStagedPackagePathByFullName2

api-ms-win-rtcore-ntuser-clipboard-l1-1-0

RegisterClipboardFormatW

api-ms-win-crt-math-l1-1-0

ceilf
floorf

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/unicodedata.pyd
.dll windows:6 windows x64 arch:x64

bb6f6d951dbdd290ecf382ca57459172

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:ce:a1:05:36:1e:b3:89:8a:41:82:00:32:a7:74:70:c5:37:86:59:d0:b9:b0:89:d5:75:d7:38:bb:1b:a7:fe
Signer

Actual PE Digest

79:ce:a1:05:36:1e:b3:89:8a:41:82:00:32:a7:74:70:c5:37:86:59:d0:b9:b0:89:d5:75:d7:38:bb:1b:a7:fe

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\unicodedata.pdb

Imports

python311

PyCapsule_GetPointer
PyUnicode_FromStringAndSize
PyModule_AddObjectRef
_Py_Dealloc
PyUnicode_FromString
_Py_FalseStruct
PyModule_AddStringConstant
PyModule_AddType
PyModule_Type
_PyUnicode_Ready
_Py_TrueStruct
_PyUnicode_ToDigit
PyModule_AddObject
PyMem_Realloc
PyUnicode_Compare
PyType_FromSpec
PyObject_GC_Track
PyModuleDef_Init
PyUnicode_FromKindAndData
PyErr_NoMemory
PyMem_Free
PyCapsule_New
PyObject_GC_Del
_PyObject_GC_New
PyMem_Malloc
PyType_IsSubtype
PyErr_Format
PyExc_ValueError
PyErr_SetString
_PyArg_BadArgument
_PyUnicode_ToDecimalDigit
_PyUnicode_ToNumeric
PyFloat_FromDouble
_Py_ctype_toupper
PyUnicode_FromOrdinal
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_GenericGetAttr
PyErr_Occurred
PyExc_KeyError
_PyArg_CheckPositional
PyOS_snprintf
PyUnicode_CompareWithASCIIString
_PyArg_Parse_SizeT

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit_unicodedata

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8c
Signer

Actual PE Digest

a7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8c

Digest Algorithm

sha256

PE Digest Matches

true

a7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8c
Signer

Actual PE Digest

a7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

f241ab269df0f49a166138f5cc16a017

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:da:66:63:55:a1:0a:07:a8:eb:3b:66:cb:9f:52:d5:da:bc:44:ef:48:e5:b5:d0:44:00:61:d0:4f:63:c7:c7
Signer

Actual PE Digest

be:da:66:63:55:a1:0a:07:a8:eb:3b:66:cb:9f:52:d5:da:bc:44:ef:48:e5:b5:d0:44:00:61:d0:4f:63:c7:c7

Digest Algorithm

sha256

PE Digest Matches

true

be:da:66:63:55:a1:0a:07:a8:eb:3b:66:cb:9f:52:d5:da:bc:44:ef:48:e5:b5:d0:44:00:61:d0:4f:63:c7:c7
Signer

Actual PE Digest

be:da:66:63:55:a1:0a:07:a8:eb:3b:66:cb:9f:52:d5:da:bc:44:ef:48:e5:b5:d0:44:00:61:d0:4f:63:c7:c7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__current_exception
__C_specific_handler
_local_unwind
memmove

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
GetLastError
DeleteCriticalSection
SetLastError

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/win32api.pyd
.dll windows:6 windows x64 arch:x64

2000df8846b8f315bdc5cce6da06b275

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32api.pdb

Imports

user32

ChangeDisplaySettingsW
GetCursorPos
SetCursorPos
ShowCursor
RegisterWindowMessageW
PostQuitMessage
PostThreadMessageW
SetCursor
mouse_event
ClipCursor
LoadCursorW
WinHelpW
GetSysColor
LoadKeyboardLayoutW
GetKeyboardLayout
GetKeyboardLayoutList
SetClassWord
ExitWindowsEx
GetKeyboardLayoutNameW
VkKeyScanW
SetSysColors
MapVirtualKeyExW
VkKeyScanExA
GetAsyncKeyState
GetKeyboardState
LoadStringW
VkKeyScanA
GetWindowLongPtrW
SetClassLongPtrW
MessageBeep
GetSystemMetrics
SendMessageW
SetWindowWord
ToAsciiEx
SetWindowLongPtrW
MessageBoxExW
keybd_event
GetFocus
MapVirtualKeyW
GetKeyState
EnumDisplaySettingsW
VkKeyScanExW
PostMessageW

advapi32

InitiateSystemShutdownW
RegNotifyChangeKeyValue
RegGetKeySecurity
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
AbortSystemShutdownW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
GetUserNameW
OpenThreadToken
LookupAccountSidW
RegEnumValueW
RegQueryValueExW
RegSetValueW
GetTokenInformation

shell32

DragQueryFileW
ShellExecuteW
DragFinish
CommandLineToArgvW
FindExecutableW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

python311

PyExc_SystemError
PyLong_FromLong
Py_BuildValue
_Py_NoneStruct
PyExc_WindowsError
PyErr_SetString
PyExc_ValueError
PyErr_Format
_Py_Dealloc
PyUnicode_AsUTF8
PyList_New
PyList_Append
PyObject_GenericSetAttr
PyExc_NotImplementedError
PyArg_ParseTupleAndKeywords
_Py_NewReference
PyExc_TypeError
PyArg_ParseTuple
PyExc_Exception
PyErr_SetObject
PyBool_FromLong
_Py_BuildValue_SizeT
PyLong_AsUnsignedLong
PyModule_AddIntConstant
PyBytes_AsString
PySequence_GetItem
PyErr_Occurred
PyEval_SaveThread
PyList_SetSlice
PyExc_MemoryError
PyLong_FromUnsignedLongLong
PyGILState_Release
PyTuple_New
PyDict_SetItemString
PyList_Size
PyUnicode_FromWideChar
PyLong_FromUnsignedLong
_PyArg_ParseTupleAndKeywords_SizeT
PyTuple_GetItem
PyModule_GetDict
_PyArg_ParseTuple_SizeT
PyLong_AsLong
PyUnicode_AsWideCharString
PyModule_Create2
PyType_Ready
PyErr_Clear
PyTuple_Size
PySequence_Check
PyMem_Free
PyTuple_SetItem
PyErr_NoMemory
PyObject_CallObject
PyBytes_FromStringAndSize
PyEval_RestoreThread
PySys_WriteStderr
PyObject_Call
PyUnicode_GetLength
PyThreadState_Swap
PyErr_Print
PyObject_GenericGetAttr
PyMem_Malloc
PyCallable_Check
PyObject_IsTrue
PyObject_IsSubclass
PyGILState_Ensure

pywintypes311

?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinThreadState_Ensure@@YAHXZ
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinThreadState_Free@@YAXXZ
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?len@PyWinBufferView@@QEAAKXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?ok@PyWinBufferView@@QEAA_NXZ
??1PyWinBufferView@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
?PyWinInterpreterLock_Acquire@@YAXXZ

kernel32

GetLogicalDrives
GetVolumeInformationW
SetConsoleCtrlHandler
SizeofResource
GetConsoleTitleW
GetEnvironmentVariableW
GetSystemPowerStatus
WriteProfileStringW
GetTempPathW
GetPrivateProfileSectionW
FindClose
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
SetThreadLocale
FindFirstFileW
SearchPathW
WritePrivateProfileStringW
CompareStringW
GetSystemDefaultLCID
SetLastError
GetProfileSectionW
SetLocalTime
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetStdHandle
EnumResourceTypesW
SetTimeZoneInformation
ExpandEnvironmentStringsW
GetShortPathNameW
GetDiskFreeSpaceW
GetPrivateProfileIntW
TerminateProcess
GetProfileIntW
GetUserDefaultLangID
GetModuleFileNameW
GetThreadLocale
SetEnvironmentVariableW
SetSystemTime
EnumResourceNamesW
GetStartupInfoW
DuplicateHandle
GetSystemDefaultLangID
FindFirstChangeNotificationW
OpenProcess
GetVersion
SetFileAttributesW
GetLogicalDriveStringsW
EndUpdateResourceW
GetPrivateProfileStringW
FormatMessageW
GetTimeZoneInformation
GetTickCount64
GetLastError
OutputDebugStringW
GetUserDefaultLCID
GetDiskFreeSpaceExW
GetCurrentThread
FindCloseChangeNotification
LockResource
DeleteFileW
CloseHandle
EnumResourceLanguagesW
GetSystemInfo
WriteProfileSectionW
LoadLibraryW
FindResourceExW
LoadResource
GetLocalTime
SetStdHandle
UpdateResourceW
FindNextChangeNotification
GetWindowsDirectoryW
Beep
GetProcAddress
LocalFree
GetTimeFormatW
MoveFileExW
GetComputerNameW
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
CopyFileW
GetProfileStringW
SleepEx
SetErrorMode
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualQuery
VirtualProtect
RaiseException
GenerateConsoleCtrlEvent
LoadLibraryExW
OpenThread
MoveFileW
SetConsoleTitleW
GetDateFormatW
DebugBreak
GlobalMemoryStatus
GetSystemTime
GetTempFileNameW
BeginUpdateResourceW
WritePrivateProfileSectionW
WinExec

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__current_exception
__current_exception_context
memset
_CxxThrowException
memcpy

api-ms-win-crt-convert-l1-1-0

_itow

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_at_quick_exit
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

?PyDISPLAY_DEVICEType@@3U_typeobject@@A
PyInit_win32api

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/win32kfull.sys
.sys windows:10 windows x64 arch:x64

bc6efc804032a9db906eca5711d38ab6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

win32kfull.pdb

Imports

ntoskrnl.exe

PsReferenceKernelStack
PsSetProcessWin32Process
PsGetProcessWin32Process
ExFreePoolWithTag
ExAllocatePoolWithTag
KeIsAttachedProcess
PsGetCurrentProcess
ObfReferenceObject
PsGetProcessSessionIdEx
PsDereferenceKernelStack
PsGetCurrentProcessId
ExEnterCriticalRegionAndAcquireFastMutexUnsafe
ExReleaseFastMutexUnsafeAndLeaveCriticalRegion
PsSetThreadWin32Thread
ExAcquireFastMutex
ExReleaseFastMutex
KeQueryTimeIncrement
RtlCompareUnicodeStrings
PsDetachSiloFromCurrentThread
ZwQueryInformationJobObject
PsAttachSiloToCurrentThread
PsGetHostSilo
PsIsCurrentThreadInServerSilo
MmUnloadSystemImage
MmLoadSystemImage
RtlFindExportedRoutineByName
KeResetEvent
InitializeSListHead
ExpInterlockedFlushSList
ZwQueryInformationThread
RtlCaptureStackBackTrace
ExAllocatePoolWithTagPriority
ExAllocatePoolWithQuotaTag
ExDeletePagedLookasideList
ExQueryDepthSList
ExpInterlockedPushEntrySList
ExpInterlockedPopEntrySList
ExInitializePagedLookasideList
RtlFindMostSignificantBit
IoBuildAsynchronousFsdRequest
IoQueueThreadIrp
ZwTerminateProcess
MmMapViewInSessionSpaceEx
ZwUnmapViewOfSection
PsGetCurrentThreadPreviousMode
LpcPortObjectType
ZwSecureConnectPort
PsDereferenceImpersonationToken
PsIsThreadImpersonating
RtlRandom
MmAddVerifierThunks
MmIsVerifierEnabled
wcsspn
wcscspn
wcstoul
iswdigit
RtlCreateRegistryKey
wcsstr
KeInitializeMutex
KeInitializeSemaphore
wcscat_s
RtlInitializeGenericTableAvl
RtlAppendStringToString
wcsncpy_s
wcscpy_s
RtlCreateUnicodeString
ZwSetInformationFile
ZwQueryVolumeInformationFile
IoSetThreadHardErrorMode
MmHighestUserAddress
RtlPrefixString
RtlInsertElementGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlEnumerateGenericTableAvl
RtlGetCurrentServiceSessionId
RtlEqualSid
PsDereferencePrimaryToken
SeQueryInformationToken
RtlClearBits
RtlSetBits
KeReleaseMutex
RtlCustomCPToUnicodeN
LdrResFindResourceDirectory
ZwDeleteFile
RtlGetDefaultCodePage
RtlInitCodePageTable
LdrResFindResource
RtlUnicodeToCustomCPN
ZwReadFile
KeReadStateEvent
RtlTimeToTimeFields
KeExpandKernelStackAndCallout
MmUnsecureVirtualMemory
MmSecureVirtualMemory
IoWriteErrorLogEntry
IoAllocateErrorLogEntry
strncmp
RtlNtStatusToDosErrorNoTeb
RtlUpcaseUnicodeString
swprintf_s
wcsnlen
wcsncmp
RtlLookupElementGenericTableAvl
RtlInitializeGenericTable
RtlDeleteElementGenericTable
RtlInsertElementGenericTable
KeExpandKernelStackAndCalloutEx
RtlLookupElementGenericTable
ObDuplicateObject
KeAreApcsDisabled
PsIsWin32KFilterAuditEnabled
PsIsWin32KFilterEnabled
DbgPrint
EtwWrite
ZwAlpcConnectPort
ZwQueryWnfStateNameInformation
EtwEventEnabled
ZwAlpcSendWaitReceivePort
ZwWaitForSingleObject
ZwOpenEvent
RtlWriteRegistryValue
NlsAnsiCodePage
ZwQueryInformationFile
IoCreateFile
KdDebuggerEnabled
ExAcquireSpinLockExclusive
ExAcquireSpinLockSharedAtDpcLevel
ExAcquireSpinLockShared
ExReleaseSpinLockShared
ExQueueWorkItem
ExReleaseSpinLockSharedFromDpcLevel
ExTryAcquirePushLockExclusiveEx
ExAllocateTimer
ExDeleteTimer
ExReleaseSpinLockExclusive
ExSetTimer
KeIsExecutingDpc
ZwCancelIoFile
IoSetDevicePropertyData
ZwFlushBuffersFile
ZwWriteFile
ExRawInputManagerObjectType
DbgPrintEx
ExGetSharedWaiterCount
ExGetExclusiveWaiterCount
MmCommitSessionMappedView
ZwSetInformationVirtualMemory
RtlGetThreadLangIdByIndex
PsGetCurrentThreadProcessId
KeUserModeCallback
RtlUnicodeToMultiByteSize
RtlMultiByteToUnicodeSize
RtlSetActiveConsoleId
RtlQueryRegistryValues
RtlSetConsoleSessionForegroundProcessId
RtlGetActiveConsoleId
PsSetProcessPriorityClass
PsGetProcessPriorityClass
PsSetProcessPriorityByClass
RtlGetNtProductType
IoGetDeviceProperty
PsGetProcessJob
ZwDeleteValueKey
DbgkWerCaptureLiveKernelDump
RtlInt64ToUnicodeString
PsReferenceImpersonationToken
qsort
PsGetProcessWow64Process
RtlCompareUnicodeString
RtlMultiByteToUnicodeN
IoGetStackLimits
ZwPowerInformation
SeImpersonateClientEx
KeInsertQueueApc
KeInitializeApc
ZwCreateFile
IoWMIRegistrationControl
MmGetSystemRoutineAddress
KeSetKernelStackSwapEnable
PsSetProcessFaultInformation
RtlGUIDFromString
RtlStringFromGUID
RtlFormatCurrentUserKeyPath
ZwDeviceIoControlFile
IoQueryDeviceDescription
PsIsWin32KFilterAuditEnabledForProcess
PsIsWin32KFilterEnabledForProcess
ZwAllocateReserveObject
RtlCapabilityCheck
SeTokenObjectType
ObfDereferenceObject
SeCreateClientSecurity
SeTokenType
RtlIntegerToUnicode
RtlIntegerToUnicodeString
PsGetJobUIRestrictionsClass
PsGetJobLock
PsJobType
PsGetProcessCreateTimeQuadPart
SeCaptureSecurityDescriptor
SeReleaseSecurityDescriptor
RtlUnicodeToMultiByteN
ZwQuerySystemInformation
ZwQueryLicenseValue
IoGetDevicePropertyData
RtlQueryPackageIdentity
EtwUnregister
EtwRegister
EtwSetInformation
sqrt
PsGetProcessWin32WindowStation
ExReleaseRundownProtection
RtlDestroyAtomTable
ObInsertObject
RtlCopySid
SeExports
ExAcquireRundownProtection
ObCreateObject
ZwOpenDirectoryObject
LpcRequestPort
KeSetCoalescableTimer
KeSetTimer
RtlAreAnyAccessesGranted
ZwSetSecurityObject
ZwDuplicateObject
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
ZwOpenProcess
KePulseEvent
PsIsSystemThread
ObFindHandleForObject
PsIsSystemProcess
MmCreateSection
ObDeleteCapturedInsertInfo
RtlDestroyHeap
ObOpenObjectByName
RtlMapGenericMask
ObCheckCreateObjectAccess
ZwSetInformationProcess
ObQueryNameString
RtlFindSetBits
RtlRandomEx
RtlClearAllBits
RtlInitializeBitMap
RtlFindClearBits
RtlSetBit
RtlClearBit
RtlTestBit
KeBugCheck
RtlIntegerToChar
RtlUnicodeStringToAnsiString
RtlAllocateHeap
PsGetProcessSequenceNumber
RtlGetNtSystemRoot
ZwQueryInformationProcess
PsWow64GetProcessMachine
KeSetPriorityThread
wcsrchr
PsReleaseProcessExitSynchronization
KeUnstackDetachProcess
KeStackAttachProcess
PsGetProcessPeb
PsAcquireProcessExitSynchronization
PsIsProtectedProcessLight
PsIsProtectedProcess
SeSinglePrivilegeCheck
MmUnmapViewOfSection
MmMapViewOfSection
ExRaiseStatus
_wcsnicmp
KeDetachProcess
KeAttachProcess
RtlFreeHeap
PsGetWin32KFilterSet
MmSystemRangeStart
PsGetThreadFreezeCount
RtlUnicodeStringToInteger
RtlFreeUnicodeString
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
PsIsThreadTerminating
ObWaitForSingleObject
PoRequestShutdownEvent
KeInitializeTimerEx
KeInitializeTimer
ZwSetSystemInformation
IoWMIQueryAllData
IoWMIOpenBlock
ZwFreeVirtualMemory
ZwAllocateVirtualMemory
KeReleaseSemaphore
ExReleaseResourceAndLeaveCriticalRegion
ExEnterCriticalRegionAndAcquireResourceExclusive
ZwSetEvent
ZwQueryObject
PsCreateSystemThread
ExRundownCompleted
ExWaitForRundownProtectionRelease
PoSetUserPresent
LpcSendWaitReceivePort
ZwUpdateWnfStateData
PsGetCurrentThreadWin32Thread
IoOpenDeviceRegistryKey
IoGetRelatedDeviceObject
IoFileObjectType
ZwOpenFile
IoBuildSynchronousFsdRequest
RtlCompareMemory
ProbeForWrite
ExRaiseAccessViolation
ObSetHandleAttributes
ObQueryNameInfo
ObGetObjectType
SeReleaseSubjectContext
SeUnlockSubjectContext
SePrivilegeObjectAuditAlarm
SePrivilegeCheck
SeLockSubjectContext
SeCaptureSubjectContext
RtlAreAllAccessesGranted
ExWindowStationObjectType
ObReferenceObjectByName
ZwQueryInformationToken
RtlEqualUnicodeString
RtlUnregisterFeatureConfigurationChangeNotification
RtlQueryFeatureConfigurationChangeStamp
RtlRegisterFeatureConfigurationChangeNotification
ExRaiseHardError
ZwQueryDefaultUILanguage
ZwSetDefaultUILanguage
ZwSetDefaultLocale
ZwQueryKey
ZwQueryDefaultLocale
ZwEnumerateKey
ZwEnumerateValueKey
_wcsicmp
RtlGetIntegerAtom
MmUnmapViewInSessionSpace
MmMapViewInSessionSpace
ZwOpenSection
ZwCreateSection
ZwFlushKey
ExAcquirePushLockSharedEx
ExReleasePushLockSharedEx
PsGetThreadTeb
RtlNtStatusToDosError
ObWaitForMultipleObjects
ZwSetIoCompletionEx
ZwRemoveIoCompletionEx
ZwAssociateWaitCompletionPacket
ZwCancelWaitCompletionPacket
ProbeForRead
ExRaiseDatatypeMisalignment
KeDelayExecutionThread
PsThreadType
PsProcessType
SeSecurityAttributePresent
RtlInitUnicodeStringEx
RtlAnsiStringToUnicodeString
PsGetThreadProcess
PsGetProcessImageFileName
RtlInitAnsiString
ObCloseHandle
ExDesktopObjectType
ObReferenceObjectByPointer
ExEventObjectType
ObReferenceObjectByHandle
PsGetProcessExitProcessCalled
PsGetCurrentProcessWow64Process
KeSetEvent
ExIsResourceAcquiredExclusiveLite
ExIsResourceAcquiredSharedLite
KeWaitForMultipleObjects
PsGetProcessCommonJob
KeClearEvent
PsLookupThreadByThreadId
PsGetThreadSessionId
SeQueryAuthenticationIdToken
PsReferencePrimaryToken
PsGetProcessInheritedFromUniqueProcessId
PsGetThreadProcessId
KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
IoGetDeviceObjectPointer
PsReleaseProcessWakeCounter
PsChargeProcessWakeCounter
PsLookupProcessByProcessId
PsGetProcessSessionId
PsGetProcessDebugPort
ExQueryFastCacheDevLicense
SeIsParentOfChildAppContainer
PsGetCurrentProcessWin32Process
PsGetThreadId
_purecall
PsGetProcessId
ExReleasePushLockExclusiveEx
KeLeaveCriticalRegion
KeEnterCriticalRegion
ExAcquirePushLockExclusiveEx
EtwActivityIdControl
EtwWriteTransfer
RtlNotifyFeatureUsage
RtlQueryFeatureConfiguration
ZwQueryWnfStateData
PsUpdateComponentPower
PsGetCurrentThreadId
RtlWalkFrameChain
MmUserProbeAddress
__C_specific_handler
NtClose
ZwCreateEvent
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
RtlInitializeSid
RtlSubAuthoritySid
RtlLengthRequiredSid
ZwSetValueKey
ZwCreateKey
RtlCopyUnicodeString
ZwClose
ZwOpenKey
RtlInitUnicodeString
ZwQueryValueKey
wcschr
_vsnwprintf
MmSectionObjectType
ObOpenObjectByPointer
KeBugCheckEx
PsSetProcessWindowStation
PsGetCurrentThreadProcess
RtlQueryElevationFlags
PsGetThreadWin32Thread
strcmp

msrpc.sys

Ndr64AsyncClientCall
RpcBindingUnbind
RpcBindingFree
I_RpcGetCompleteAndFreeRoutine
RpcBindingCopy
I_RpcExceptionFilter
RpcBindingBind
RpcAsyncInitializeHandle
RpcBindingCreateW

hidparse.sys

HidP_GetCaps
HidP_GetUsageValue
HidP_SetUsageValueArray
HidP_GetUsages
HidP_MaxUsageListLength
HidP_SetUsages
HidP_GetSpecificButtonCaps
HidP_SetUsageValue
HidP_GetSpecificValueCaps
HidP_GetLinkCollectionNodes
HidP_GetScaledUsageValue
HidP_GetValueCaps
HidP_GetUsageValueArray

cng.sys

BCryptOpenAlgorithmProvider
BCryptVerifySignature
BCryptGetProperty
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptCloseAlgorithmProvider
BCryptDestroyKey
BCryptImportKeyPair
SystemPrng
BCryptDestroyHash

wpprecorder.sys

imp_WppRecorderLogCreate
imp_WppRecorderConfigure
WppAutoLogStop
WppAutoLogStart
imp_WppRecorderReplay
WppAutoLogTrace
imp_WppRecorderLogDelete

win32kbase.sys

gnRetryReadInput
?PopulateCustomDispatcherObjectsArray@LegacyInputDispatcher@@UEAAJIPEAPEAX@Z
?RegisterInputDispatcherObjects@LegacyInputDispatcher@@UEAAJPEAXIPEAUInputDispatcherObject@@@Z
hCreateKernelEvent
CreateKernelSemaphore
?CreateSessionGlobal@CInputManager@@SAJXZ
?DestroySessionGlobal@CInputManager@@SAXXZ
EtwTraceDitWaitForRitDisEngagement
EtwTraceDITResolveDCompInputHandleToHwnd
DCompHitTest
?getDLT@DLT_DESKTOP@@SA?AW4DomainLockType@@XZ
?SetPointerVisualization@CTouchProcessor@@QEAAHGHPEAHH@Z
_GetAsyncKeyState
?GetPointerVisualization@CTouchProcessor@@QEAAHGPEAH@Z
?GetPointerBarrelVisualization@CTouchProcessor@@QEAAHG@Z
?SetPointerBarrelVisualization@CTouchProcessor@@QEAAXGH@Z
EtwTraceContactVisualizationInfo
?GetContactVisualizationPointerEventInt@CTouchProcessor@@QEAAPEBUtagPOINTEREVENTINT@@PEAXPEAH@Z
GetWorkspaceId
EtwTraceContactVisualizationDown
EtwTraceContactVisualizationUp
UpdateGlobalCursorOwner
??0CInputDest@@QEAA@AEBUtagINPUTDEST@@@Z
??1CInputDest@@QEAA@XZ
WinSqmIncrementDWORD
HMDestroyObject
ForceUpdatePointerDeviceSystemMetrics
RIMRemoveInjectionDevice
RIMInjectInput
gliQpcFreq
gpWin32kDriverObject
EtwTracePseudoDevCreationStart
?GetKernelHandleToRimObj@CHidInput@@QEAAJPEAPEAX@Z
RIMGetVirtualDesktopPhysicalSize
RIMAddInjectionDeviceOfType
EtwTracePseudoDevCreationStop
?LockShared@CInpPushLock@@QEAAXXZ
?TmpGetLock@CBaseInput@@QEAAAEAUCInpPushLock@@XZ
?UnLockShared@CInpPushLock@@QEAAXXZ
EtwTraceDitDisEngaged
gpIOCPDispatcher
EtwTraceDitEngaged
EtwTraceRitReEngaged
gcachedCaptions
gpai
gatomMiPFlags
gMiPTracking
IsMiPMouseMessage
?GetFrameIdFromPointerMsgId@CTouchProcessor@@QEAAK_K@Z
EtwTraceBeginDelegatedInputWorker
EtwTraceEndDelegatedInputWorker
RIMQpcCountToMilliSecs
HandleDeferredInput
?ReferenceAndThreadLock@CRefUnRefPointerMsgId@@QEAAXXZ
?LockExclusive@CInpLockGuard@@QEAAXXZ
?GetTouchProcessorLock@CTouchProcessor@@QEAAAEAUCInpLockGuard@@XZ
?UnLock@CInpLockGuard@@QEAAXXZ
?ThreadUnlockAndUnReference@CRefUnRefPointerMsgId@@QEAAXXZ
EtwTraceMessageCheckDelay
gdwMDAQThreshold
gdwMDAQTimeoutDefenseInDepth
EtwTraceEndAppMessageProcessing
EtwTraceBeginAppMessageProcessing
gpdeskRecalcQueueAttach
EtwTraceInputQueueNoRemoveLocker
??0CMultiPerObjectLockExclusivePpiPtiQ@@QEAA@PEAUtagTHREADINFO@@@Z
??1CMultiPerObjectLockExclusivePpiPtiQ@@QEAA@XZ
EtwTraceBeginDelegateInputCallback
EtwTraceEndDelegateInputCallback
PostUpdateKeyStateEvent
HMChangeOwnerThread
EtwTraceWakePump
gspwndInternalCapture
MouseButtonToPointerFlags
gppiStarting
GetCoalesceableMouseMessage
?MarkPointerMessageGenerated@CTouchProcessor@@QEAAXI_JHPEAX@Z
IsGenuineMouseInput
?GetLastInputType@CInputGlobals@@QEBA?AW4_LINP_SOURCE@@XZ
GetNextFrameId
GetPointerFlagsFromMouse
?MarkLastInputAsJournalling@CInputGlobals@@QEAAXXZ
PostPendingMouseMove
EtwTraceInputProcessDelay
UpdateKeyStateForMessage
EtwTraceInputQueueLockedPeekRecursion
EtwTraceInputQueueLocked
DeferSysPeekMsg
ShouldDeferMessage
EtwTraceRetrieveQueueEventMessage
?unlock@CMultiPerObjectLockExclusivePpiPtiQ@@QEAAXXZ
?lock@CMultiPerObjectLockExclusivePpiPtiQ@@QEAAXXZ
MiPCheckMsgFilter
EtwTraceUIPIMsgError
IsMessageInputSourceTouch
IsMessageInputSourcePen
gbClientDoubleClickSupport
gdtDblClk
gfInNumpadHexInput
EtwTraceBeginPointerMessageRetrieve
EtwTraceEndPointerMessageRetrieve
EtwTraceRetrieveInputMessage
RIMWatchDog
gPowerState
EtwTraceIdleStatus
giPowerOffTimeOutMs
?GetGlobalTickCount@CInputGlobals@@QEBA_KW4INPUT_GLOBALS_TICK_COUNT@@@Z
?GetLastInputTime@CInputGlobals@@QEBA_KXZ
PowerIsDisplayRequired
EtwTraceIdleActionExpiration
?UpdateGlobalTickCount@CInputGlobals@@QEAA_NW4INPUT_GLOBALS_TICK_COUNT@@@Z
PowerIsDisplayIdleExpired
giPowerSessionActivityTimeOutMs
giDimTimeOutMs
gbManualDimTimeOut
PowerIsDisplayBurstActive
EtwTraceWakeInputIdle
EtwTraceSleepInputIdle
zzzDestroyQueue
AllocQueue
RecalculateQueueInfo
?getDLT@DLT_POST@@SA?AW4DomainLockType@@XZ
HMDestroyUnlockedObject
gdwIMEOpenStatus
xxxInternalActivateKeyboardLayout
psTcb
SharedAlloc
UserAddAtomEx
ghSectionShared
gpvSharedAlloc
gpvSharedBase
?s_atom@CHwndTargetProp@@2GA
szCOMPOSITIONINPUTQUEUE_NAME
guiActivateShellWindow
UserAddAtom
szMIPFLAGS
gatomLastPinned
gInputSinkInfoRetrieval
GrePtInRegion
GreGetScaledLogPixels
DrvIsUniformSpaceMapping
GreGetRegionData
GreCreateRectRgn
GreCreateRectRgnIndirect
GreExtCreateRegion
GreIncrementDisplaySettingsUniqueness
IsKeyboardDelegationEnabledForThread
IsRestricted
EtwTraceUIPIHookError
SetHardwareInputSource
GetSavedCursorPosition
gppiUserApiHook
gppiDManipHook
InternalMapVirtualKeyEx
GreMarkUndeletableBitmap
GreMarkDeletableBitmap
UserPostNKAPCBuffer
GreIsRendering
EtwTraceWindowRenderingOldToNewRedirectionBitmap
GreIsDynamicModeChangeLocked
GreLockVisRgnWithDmcLockAcquiredEx
GreUnlockVisRgnWithDmcLockAcquiredEx
_GetDCEx
_ReleaseDC
gfade
GreCleanDC
GreSetLayout
GreSelectPen
UserIsRemoteAndNotDisconnectConnection
gMagnContext
gbValidateHandleForIL
GreLockVisRgnShared
UserSetDCVisRgn
GreMarkDeletableRgn
GreLockVisRgnPublish
GreUnlockVisRgnPublish
GreGetDCOrg
LookupDC
gatomFirstPinned
UserFindAtom
LockObjectAssignment
DestroyCacheDC
?gpUserTypeIsolation@@3PEAPEAEEA
gbDesktopLocked
?PopulateDispatcherObjectWithCustomInputEvents@CBaseInput@@QEAAJAEAVCEventBitmap@@PEAVIRegisterInputDispatcherObjects@@@Z
?WaitForMessagesOrCustomInputEventsAndDispatch@LegacyInputDispatcher@@QEAAJXZ
gpkdiStatic
GetSynthesizedContainerMouseInputEvent
ChildProcessRootSynthesizedMouseInput
_GetDC
gdwNOIOSectionSize
gdwDesktopSectionSize
?gCookie@@3_KA
GetProcessLuid
CreateDesktopObObject
DesktopMapping
CreateEmptyRgnPublic
gpEventDiconnectDesktop
UserCreateHeap
EtwTracexxxUserResetDisplayDeviceBegin
EtwTracexxxUserResetDisplayDeviceEnd
CitDesktopSwitch
GreSuspendDirectDraw
GreResumeDirectDraw
GreDeleteDC
GreCreateDisplayDC
gfIsFadingInProgress
EnterHandleFlagsCrit
LeaveHandleFlagsCrit
szWindowStationDirectory
AllocAce
CreateSecurityDescriptor
SetSwapMouseButton
gpDpiKernelModeMetricsMRUNode
gpDpiKernelModeMetricsCache
gppiList
EtwTraceUIPIEventHookError
gPendingNotifiesList
gpWinEventHooks
gKeyboardInfo
RegisterCoreMsgProviderPreferences
gfsSASModifiersDown
gPlatformRole
?EnumDevices@CBaseInput@@QEBAXPEAXP6A_NQEAUDEVICEINFO@@0@Z@Z
xxxDisplayDiagBlackScreenDetected
RIMGetLastInvertedPenTime
CancelCapturedMipOverride
gTimerHashTable
gTimerId
EtwTraceKillTimer
EtwTraceTimerDelayStatistics
EtwTraceInternalSetTimer
gcmsLastTimer
HMUnlockObjectWorker
HMLockObjectWorker
ThreadUnlockWorker1
EtwTraceTimerProc
_HMPheFromObjectWorker
gtmrAdjustmentListHead
?getDLT@DLT_HANDLEMANAGER@@SA?AW4DomainLockType@@XZ
gbInDestroyHandleTableObjects
HMChangeOwnerProcessWorker
UserGetAtomName
_HMPkheFromObject
_CloseWindowStation
CreateGlobalAtomTable
ApplySecurityAttributesToWinsta
xxxSafeLoadKeyboardLayoutEx
CitUserChange
UserIsDisconnectConnection
EtwTraceBeginTranslateMessage
EtwTraceEndTranslateMessage
EtwTraceBeginDispatchMessage
EtwTraceEndDispatchMessage
UserIsConsoleConnection
RIMFindMonitorForDigitizer
ReadPointerDeviceSettings
SetTouchInputStatus
RIMResetPointerDevices
RIMEndAllActiveContacts
DrvGetHdevName
DrvEnumDisplayDevices
WinSqmAddToStreamEx
EtwTraceTHQAStart
EtwTraceTHQAStop
ResolveMouseOrPointerDevice
UserEnterUserCritSec
UserLeaveUserCritSec
IsPrecisionTouchPadEnabled
RIMRevokeConfigurationChange
?OnUserLogin@PTPTelemetry@@SAXXZ
EtwTraceBeginPointerSetTargetWindows
?SetPointerFrameTargetWindows@CTouchProcessor@@QEAAHPEAUtagTHREADINFO@@_KIPEAH@Z
EtwTraceEndPointerSetTargetWindows
?GetPointerMessageInfo@CTouchProcessor@@QEAAH_KHPEAPEAUHWND__@@PEAH2PEAKPEAI@Z
?AdjustCaptureOnRetrieval@CTouchProcessor@@QEAAXUtagINPUTDEST@@I_KHHHHI@Z
?UpdatePointerInfoTarget@CTouchProcessor@@QEAAH_KUtagINPUTDEST@@HHPEAUtagPOINT@@2@Z
?AddThreadPointerData@CTouchProcessor@@QEAAHPEAUtagTHREADINPUTPOINTERLIST@@GK_KIUtagINPUTDEST@@H@Z
?AddThreadPointerHookData@CTouchProcessor@@QEAAHPEAUtagTHREADINPUTPOINTERLIST@@GK_KIUtagINPUTDEST@@@Z
?UnreferenceMsgDataExternal@CTouchProcessor@@QEAAX_KW4tagPOINTERMSGDATA_REFTYPE@@PEAX@Z
?UpdateThreadPointerList@CTouchProcessor@@QEAAXPEAUtagTHREADINPUTPOINTERLIST@@G@Z
?IsPointerMsgRedirected@CTouchProcessor@@QEAAH_KPEAH@Z
?DelegateImplictCaptureAndReleaseIfNeeded@CTouchProcessor@@QEAAX_K@Z
?PromotePointerDataToMouse@CTouchProcessor@@QEAAH_KK@Z
?Close@IOCPDispatcher@@QEAAX_N@Z
IOCPDispatcher_Destroy
?RegisterThreadDispatcherObject@IOCPDispatcher@@QEAAXPEAX@Z
gbDITInHitTest
gbNoMoreDITHitTest
gcDITHitTestWaiters
gpsemDITHitTestWaiters
EtwTraceDitShutdown
ExecuteMarshaledInterceptRequest
?BreakEditionParentNotifyLoop@CTouchProcessor@@QEAAHPEAX@Z
?CancelActivePointers@CTouchProcessor@@QEAAXXZ
?DoDeferredPointerActivate@CTouchProcessor@@QEAAXUtagINPUTDEST@@_K@Z
?ReferenceMsgDataExternal@CTouchProcessor@@QEAAX_KW4tagPOINTERMSGDATA_REFTYPE@@PEAX@Z
?GetThreadPointerData@CTouchProcessor@@QEAA_KPEAUtagTHREADINPUTPOINTERLIST@@GPEAKPEAHPEAPEAUHWND__@@@Z
?IsPointerPrimary@CTouchProcessor@@QEAAH_K@Z
GetAdjustedPointerPixelLocation
?PrepareMakePointerMessage@CTouchProcessor@@QEAAPEBUtagPOINTER_INFO@@_KPEAUtagPOINT@@PEAH22@Z
?GetHwndReference@CTouchProcessor@@QEAAPEAUHWND__@@_KPEAGPEAI@Z
?IsPointerWindowFrameMessage@CTouchProcessor@@QEAAH_KPEAUHWND__@@I_JH@Z
GetAdjustedPointerLocations
?IsPointerMessageTouchpad@CTouchProcessor@@QEAAHPEAUtagTHREADINFO@@_KG@Z
?GetPointerCapture@CTouchProcessor@@QEAAX_KHPEAPEAXPEAH@Z
?GetPointerDownFrame@CTouchProcessor@@QEAAK_K@Z
?SetPointerInfoNodeFlagFromEdition@CTouchProcessor@@QEAAHKGI@Z
?NotifyCaptureChangedIfCaptured@CTouchProcessor@@QEAAPEAUtagINPUTDEST@@_KPEAU2@@Z
?DelegateCapture@CTouchProcessor@@QEAA?AUtagINPUTDEST@@GKH@Z
?DelegateCoalescePointerMessage@CTouchProcessor@@QEAAH_KHHHI@Z
_GetKeyState
EtwTraceTransformAgeDecay
?UnlockAndRelease@CInputSink@@QEBA_NXZ
?LockForRead@CompositionInputObject@@QEBAJPEAPEBVCInputSink@@@Z
EtwTraceOnInputXformUpdate
?Release@CompositionObject@@QEBA_JXZ
?ResolveHandle@CompositionInputObject@@KAJPEAXKDPEAPEAU1@@Z
gklpBootTime
gafRawKeyState
gfKanaToggle
UpdateKeyLights
?getDLT@DLT_ASYNCKEYSTATE@@SA?AW4DomainLockType@@XZ
gptiTSRequest
xxxRemoteConnect
ValidateHdesk
TransformPointBetweenCoordinateSpaces
GreGetHandleCount
GreGetPeakHandleCount
giheCount
giheCountPeak
gpwpiFirstWow
EtwTraceUiAuditWriteClipboard
EtwTraceUiLimitWriteClipboard
EtwTraceAuditApiSetWindowsHookEx
EtwTraceAuditApiSetWinEventHook
ValidateHmenu
EtwTraceUiAuditReadClipboard
GreIsValidRegion
GreLockRegion
GreUnlockRegion
UserUnsafeIsCurrentProcessDwm
GreGetRgnBox
ValidateHwinsta
ValidateHandleSecure
ValidatePwndDesktop
gpJobsList
_GetKeyNameText
??0CHMRefHwndByHandle@@QEAA@PEAUHWND__@@_N111@Z
??1CHMRefHwndByHandle@@QEAA@XZ
?bValid@CHMRefHwndByHandle@@QEBA_NXZ
?rpwnd@CHMRefHwndByHandle@@QEBAPEAUtagWND@@XZ
RIMFillDeviceHealthInfo
EtwTraceAuditApiRegisterRawInputDevices
gpRemoteSessionOcclusionEvent
gbFreezeScreenUpdates
CreateSharedSystemVisualObject
?CreateHandle@CompositionObject@@QEBAJK_NDPEAPEAX@Z
GreLockDwmState
GreUnlockDwmState
EtwTraceUIPIClipboardError
GuessMonitorOverrideForCoordinateConversions
EtwTracePostInjectedGestureMessage
IsPointerDeviceAccessible
RIMGetPointerDeviceProperties
CleanupInputDelegation
UserSessionSwitchEnterCrit
InputExtensibilityCalloutGuard
EtwTraceTouchInjectionStart
EtwTraceTouchInjectionStop
RIMRegisterForInputWithCallbacks
?getDLT@DLT_JOB@@SA?AW4DomainLockType@@XZ
AddEdgePalmRejectionZone
RemoveAllEdgePalmRejectionZonesForDevice
InitScancodeMap
_GetKeyboardLayout
UnlockQueue
GetKeyboardInputRoutingPolicy
?ForwardInputToISM@CKeyboardProcessor@@SAX_NGGGPEAXK0_KPEAU_KEYBOARD_VIRTUAL_DEVICE_INFO@@@Z
gklp
giosbKbdControl
gktp
gdwUpdateKeyboard
gpKL
gpKbdNlsTbl
VKFromVSC
ausNumPadCvt
xxxProcessKeyEvent
NlsKbdSendIMENotificationBase
?GetPointerInfo@CTouchProcessor@@QEAAPEBUtagPOINTER_INFO@@PEBUCPointerInputFrame@@K@Z
?GetInstance@CInertiaManager@@SAPEAV1@XZ
?QueryInertia@CInertiaManager@@QEBAPEBUINERTIA_INFO_INTERNAL@@UtagPOINT@@W4INERTIA_SOURCE@@@Z
?InertiaSourceFromPointerType@CInertiaManager@@SA?AW4INERTIA_SOURCE@@K@Z
?AdjustEdgyFrameInputDest@CTouchProcessor@@QEAAXPEAXUtagINPUTDEST@@@Z
EtwTraceEdgyDetectionStart
EtwTraceEdgyDetectionStop
?UnreferenceUndispatchedFrame@CTouchProcessor@@QEAAXPEAU_LIST_ENTRY@@@Z
?CleanupManipulationThreadData@CTouchProcessor@@QEAAXXZ
?GetThreadsWithPKL@@YAIPEAPEAPEAUtagTHREADINFO@@PEAU_TL@@PEAUtagKL@@@Z
ValidateKbdNLSTable
gNestedWindowLimit
szNull
ReadPointerDeviceCfgDWORDSetting
GetDWORDSettingValues
WriteSettingValues
GetTouchTimeFromCPLValue
gTouchPadParameters
IsCapturedBySystem
gpMonitorCached
GreRectInRegion
gbRemoteFxSession
?SetClip@CCursorClip@@QEAAXUtagRECT@@@Z
?EnableSpeedBump@CCursorClip@@QEAAX_N@Z
gpevtPTPOperation
gpresPTPEventQueue
?gTPTelemState@Usage@PTPTelemetry@@2UtagTPTELEMSTATE@@A
SynthesizeMouseInputWithNextPreview
GetCurrentKbdTables
gAapState
gTPThresholds
?EnvironmentChanged@CPTPProcessor@@SAXXZ
EtwTraceTouchPadAAP
?OpenDwmHandle@CompositionObject@@QEBAJPEAPEAX@Z
IsInputProcessingActivated
TouchTargetingEnabledForInput
EtwTraceTouchTargetingSpeedHitTestStart
_GetDeviceRects
_SetHimetricToPixelRatio
EtwTraceTouchTargetingOffset
EtwTraceTouchTargetingPointerEvent
WinSqmAddToAverageDWORD
EtwTraceTouchTargetingPointerTargetStart
EtwTraceTouchTargetingPointerTargetStop
EtwTraceTouchTargetingWindowHitTestStart
EtwTraceTouchTargetingWindowHitTestStop
gpresDitCompositionInputSinkQuery
gcDITLuidHitTestWaiters
gpsemDITLuidHitTestWaiters
HasCapture
CheckIntegrityAccessToCapture
gpRemoteBeepDevice
ghrgnSCR
ghrgnSPB2
ghrgnSPB1
gptiLockUpdate
GreIsVisRgnPublishLocked
GreSetPaletteOwner
Win32AllocPagedLookasideList
EtwTraceBeginSendMessage
EtwTraceEndSendMessage
EtwTraceConvertTimeOutToBlocking
EtwTraceBeginRetrieveSendMessage
EtwTraceEndRetrieveSendMessage
gSqmSession
WinSqmIsOptedIn
WinSqmAddToStream
FastGetProfileStringW
DrvQueryMDEVPowerState
SafeDisableMDEV
DestroyMonitorDCs
gbGDIOn
DrvDxgkLogCodePointPacket
DrvSetMDEVPowerState
gulDelayedSwitchAction
gbFullScreen
EtwTracePowerOnGdiBegin
SafeEnableMDEV
EtwTracePowerOnGdiEnd
EnterRenderBlock
EnterSharedRenderCrit
LeaveRenderBlock
LeaveRenderCrit
gfSessionSwitchBlock
DrvSetMonitorPowerState
EtwTraceChangeDisplayModeBroadcast
HMUnlockDestroyObject
GreCreatePalette
gpClipFormatExceptionList
DCompositionCreateSynchronizationObject
IsDwmApiPortRegistered
UnlockUpdatesForDwm
UserIsWddmConnectedSession
_GetPrecisionTouchPadConfiguration
AccessPTPEnabledStatus
gPTPEnabled
RIMFindConfigDeviceForInput
RIMUnRevokeConfigurationChange
EnablePTPDevices
EtwTraceLegacyTouchPadDetected
EtwTraceTouchPadWhiteListDeviceDetected
gpopupMenu
GreCleanDCAndSetOwnerEx
ShouldSetNoOwner
?LockInitialize@tagObjLock@@QEBAXXZ
CreateCacheDC
HandleFullWindowDestruction
ReleaseCacheDC
DeleteProperties
?LockUnInitializeThreadCreator@tagObjLock@@QEBAXXZ
g_hbmDesktopPattern

dxgkrnl.sys

DxgkReleaseCompositionObjectReference
DxgkOpenDwmHandleForCompositionObjectReference
DxgkReferenceCompositionObject

hal

KeQueryPerformanceCounter

watchdog.sys

WdLogNewEntry5_WdWarning
WdLogEvent5_WdAssertion
WdLogNewEntry5_WdAssertion
WdLogEvent5_WdTrace
WdLogNewEntry5_WdTrace
WdLogEvent5_WdEvent
WdLogNewEntry5_WdEvent
WdLogEvent5_WdWarning

Exports

Exports

AddMagnificationOutputTransform
AdjustLinearity
AllocateCvr
AllocateW32Process
ApplyGatheredDeviceInfoSummaryInformation
ApplyMagInputTransform
AutoRotationUpdateRegistry
BRUSHOBJ_hGetColorTransform
BRUSHOBJ_pvAllocRbrush
BRUSHOBJ_pvGetRbrush
BRUSHOBJ_ulGetBrushColor
BuildHwndList
CLIPOBJ_GetRgn
CLIPOBJ_bEnum
CLIPOBJ_cEnumStart
CLIPOBJ_ppoGetPath
CacheRotationInfo
CalcVisRgn
CalcWindowsFullScreen
CanForceForeground
CheckAllowForeground
CheckAndProcessSurfaceComplete
CheckCursorClipAccess
CheckSessionPoolAllocations
CheckWinstaAttributeAccess
CheckupHidLeak
CitGetWindowInfo
CleanupDesktopsMonitorsAndWindowsSnapShot
CleanupDwmInputProcessing
CleanupFeedbackData
CleanupHLSURF
CleanupHidRequestList
CleanupIAMAccess
CleanupInjectedTouchProcess
CleanupMediaChange
CleanupModuleAllocations
CleanupOEMBitmaps
CleanupPlaySound
CleanupW32ThreadLocks
ClearDelegationCapture
ClientCallDitThread
CreateBitmapStrip
CreateInputContext
CreatePhysicalMonitorWrap
CreateSetupNameArray
DCELogicalSpeedTopLevelHitTest
DCompSessionInitialize
DDCCICleanUpWrap
DDCCIInitializeWrap
DEVICE_PFTOBJ_pPFFGetWrap
DEVLOCKOBJ_bDisposeTrgDcoWrap
DEVLOCKOBJ_bPrepareTrgDcoWrap
DbgValidateHooks
DeleteFadeSprite
DeleteHrgnClip
DereferenceClass
DesktopAlloc
DesktopOpenProcedure
DestroyDpiMetricsCache
DestroyEventHook
DestroyInputHangInfo
DestroyPhysicalMonitor
DestroyProcessHidRequests
DestroyProcessInfoEditionRundown
DestroyProcessesClasses
DestroySMWP
DestroyTask
DestroyThreadHidObjects
DestroyThreadsHotKeys
DestroyThreadsMessages
DestroyThreadsTimers
DestroyUnlockedCursor
DestroyWindowStation
DisableUserkTraceLogging
DispBrokerGetCurrentModeImpl
DllUnload
DoPrediction
DoesPointerHaveSingleCursor
DrvRealizeHalftonePaletteWrap
DwmAsyncNotifyDigitizerActiveContactsWrap
DwmAsyncNotifyDisplayModeChange
DwmAsyncNotifySessionConnected
DwmAsyncRegisterSharedThumbnailVisualApiExt
DwmAsyncRegisterSharedVirtualDesktopVisual
DwmAsyncSetChildRootVisual
DwmDestroyDeviceSpecificResources
DwmSyncFlushForceRenderAndWaitForBatch
DxgkEngAccumD3DPresentBounds
DxgkEngAcquireStableSprite
DxgkEngAcquireStableVisRgn
DxgkEngAddRedirBitmapD3DDirtyRgn
DxgkEngBltViaGDI
DxgkEngColorFillViaGDI
DxgkEngDetectGDIPath
DxgkEngGetClientRect
DxgkEngGetDC
DxgkEngGetRedirBitmapSharedHandle
DxgkEngGetRemoteDeviceCount
DxgkEngGetRgnData
DxgkEngGetWindowRect
DxgkEngIsDwmProcess
DxgkEngIsRedirectionDC
DxgkEngLockVisRgn
DxgkEngQueryWin32InfoPlatform
DxgkEngReleaseDC
DxgkEngReleaseStableSprite
DxgkEngReleaseStableVisRgn
DxgkEngUnlockVisRgn
DxgkEngWatchVisRgnChange
EditionActivateMitInput
EditionAllocAndLinkThreadPointerData
EditionAllocThreadPointerData
EditionBaseDriverEntryInitialize
EditionBaseDriverUnloadUninitialize
EditionCallAccessibilityHook
EditionCancelCoolSwitch
EditionChangeForegroundQueueForMouseInput
EditionCheckDesktopPolicy
EditionClearInputTransforms
EditionClientCharToWchar
EditionCloseDesktopEntryPoint
EditionCloseWindowStationEntryPoint
EditionCommitMousePosAndMove
EditionComputeInjectorUIPI
EditionContactVisualization
EditionConvertProcessPseudoToUserWindow
EditionConvertPseudoToUserWindow
EditionConvertUserToPseudoWindow
EditionCreateDefaultWindowStation
EditionCreateDesktopEntryPoint
EditionCreateEdgePalmRejectionZones
EditionCreateWindowStationEntryPoint
EditionDeactivateMitInput
EditionDeferWinEventNotify
EditionDelQEntry
EditionDelegateCapturePointers
EditionDestroyEdgePalmRejectionZones
EditionDevicePnpNotification
EditionDoHotKeys
EditionDoPointerDPITransforms
EditionEdgyEnabled
EditionEdgyProcessInertia
EditionEdgyProcessInput
EditionEdgyResetCurrentFrame
EditionEdgyResetDataFrames
EditionEndDeferWinEventNotify
EditionExtensibility_WakeMITForInterceptCallout
EditionFinalizeKoreanImeCompStrOnMouseClick
EditionFindNodeQueuedMessage
EditionFindThreadPointerData
EditionForegroundQAccessibleToMouseProducer
EditionFreeIMEKeyboardLayouts
EditionGetActiveHKL
EditionGetAppImeCompatFlags
EditionGetCompositionInputWindowUIOwner
EditionGetDefaultMouseSensitivity
EditionGetExecutionEvironment
EditionGetInputDelegate
EditionGetInputDesktopId
EditionGetInputTransform
EditionGetKeyStateUpdateParamsForRawInput
EditionGetLogicalPointForMouseCaptureButtonEvent
EditionGetMouseWheelRoutingMode
EditionGetPointerDeviceConfigurationKey
EditionGetProcessWindowStationEntryPoint
EditionGetThreadDesktopEntryPoint
EditionGetThreadPointerHookData
EditionGetUserObjectInformationEntryPoint
EditionHandleAltTab
EditionHandleAltTabCancel
EditionHandleAndPostKeyEvent
EditionHandleHungWindow
EditionHandleMitSignal
EditionHandleMoveSizeDataOnDestroyMonitor
EditionHandleRawInput
EditionHandleSonarKeyEvent
EditionHidAutoRepeatTimeout
EditionImmActivateAndUnloadThreadsLayout
EditionImmActivateLayout
EditionImmActivateThreadsLayout
EditionInitGlobalCursorSizes
EditionInitSystemCharsetInfoForLayout
EditionInitializeMoveSizeList
EditionInitializeWppLogging
EditionInitiateMouseEventProcessing
EditionInputExtensibilityCallout
EditionInternalSetCursorPos
EditionIsAppForeground
EditionIsCompositeAppOrSelfDisabled
EditionIsCompositionInputWindow
EditionIsCurrentProcessWinstaLocked
EditionIsGetAsyncKeyStateBlocked
EditionIsGetKeyStateBlocked
EditionIsGpqForegroundAccessibleCurrent
EditionIsGpqForegroundAccessibleExplicit
EditionIsHotKey
EditionIsPointerInputRedirected
EditionIsPointerQueuedMessageCoalescable
EditionIsRIMInjectionBlocked
EditionIsSAS
EditionIsUsermodeRIMAccessAllowed
EditionIsWinEventsDeferred
EditionKeepMachineUp
EditionKeyEventLLHook
EditionKillAccessibilityTimer
EditionLLMouseButtonHook
EditionLLMouseWheelHook
EditionLegacyTouchPadMouseAllowTap
EditionMagnificationMousePosition
EditionMessageBeep
EditionMouseMoveShellResilience
EditionMouseSpeedHitTest
EditionNotifyDwmForSystemVisualCreation
EditionNotifyDwmForSystemVisualDestruction
EditionNotifyShellLanguageHook
EditionOpenInputDesktopEntryPoint
EditionOpenProfileKey
EditionOverrideDefaultTouchGestureSettings
EditionOverrideUserTouchGestureSettings
EditionParseDesktop
EditionPhysicalToLogicalDPIPointWithInputDestHint
EditionPointerActivate
EditionPointerParentNotify
EditionPointerSpeedHitTest
EditionPointerWindowHitTest
EditionPostAccessibility
EditionPostInertiaMessage
EditionPostInputEvent
EditionPostInputMessage
EditionPostKeyboardInputMessage
EditionPostMouseMoveToQ
EditionPostMouseWheelToForeground
EditionPostRawMouseInputMessage
EditionPostRitSound
EditionPostShellHookMessages
EditionPostThreadInputEvent
EditionPostUpdateKeyStateEvent
EditionPreserveSystemClippedMouseInput
EditionProcessPointerInputAsMouse
EditionPromotePointer
EditionQueryInertiaWorker
EditionRawInputRequestedForKeyboard
EditionRemoveFromMsdList
EditionReportMouseBreakToAccessibility
EditionResetIMEConversionStatus
EditionResetIMELayout
EditionRimDeviceReadNotification
EditionSendCursorSuppressionUpdate
EditionSendIMENotification
EditionSetAccessibilityTimer
EditionSetForegroundCheckNoActivate
EditionSetMouseInputRateLimitingTimer
EditionSetProcessWindowStationAtProcessInit
EditionSetProcessWindowStationEntryPoint
EditionSetThreadDesktopAtThreadInit
EditionSpeedHitTest
EditionStopSonar
EditionSynthesizeMouseWheel
EditionSystemGenerateMove
EditionUninitializeWppLogging
EditionUnlinkAndFreeThreadPointerData
EditionUnloadCursorsAndIcons
EditionUpdateAsyncKeyStateThreads
EditionUpdateCursorAsync
EditionUpdateCursorOnMouseMove
EditionUpdateCursorSizes
EditionUpdateInputTransformFromHitTest
EditionUpdateModifiersForHotkey
EditionUpdateRawMouseMode
EditionUpdateRemoteLights
EditionUpdateSASModifiers
EditionUserBeep
EditionValidateKbdNLSTable
EditionWakeSomeone
EditionWakeThreadForInput
EditionxxxBroadcastSPIChange
EditionxxxSystemParametersInfoWorker
EnableHalftone
EnableUserkTraceLogging
EngAllocPrivateUserMem
EngAlphaBlend
EngBitBlt
EngCTGetCurrentGamma
EngCTGetGammaTable
EngCheckAbort
EngClearEvent
EngComputeGlyphSet
EngControlSprites
EngCopyBits
EngCreateDriverObj
EngCreateEvent
EngCreatePath
EngCreateWnd
EngDeleteEvent
EngDeleteFile
EngDeletePath
EngDeleteWnd
EngDitherColor
EngDxIoctl
EngEnumForms
EngEraseSurface
EngFileIoControl
EngFileWrite
EngFillPath
EngFindImageProcAddress
EngFindResource
EngFntCacheAlloc
EngFntCacheFault
EngFntCacheLookUp
EngFreeModule
EngFreePrivateUserMem
EngGetCurrentCodePage
EngGetDriverName
EngGetFileChangeTime
EngGetFilePath
EngGetForm
EngGetPrinter
EngGetPrinterData
EngGetPrinterDataFileName
EngGetPrinterDriver
EngGetTickCount
EngGetType1FontList
EngGradientFill
EngHangNotification
EngIsCddDeviceBitmap
EngLineTo
EngLoadImage
EngLoadModule
EngLoadModuleForWrite
EngLockDirectDrawSurface
EngLpkInstalled
EngMapEvent
EngMapFile
EngMapFontFile
EngMapFontFileFD
EngMapModule
EngMarkBandingSurface
EngMovePointer
EngMultiByteToWideChar
EngNineGrid
EngPaint
EngPlgBlt
EngQueryDeviceAttribute
EngQueryFileTimeStamp
EngQueryLocalTime
EngQueryPalette
EngReadStateEvent
EngRestoreFloatingPointState
EngSaveFloatingPointState
EngSetEvent
EngSetPointerShape
EngSetPointerTag
EngSetPrinterData
EngSort
EngStretchBlt
EngStretchBltROP
EngStrokeAndFillPath
EngStrokePath
EngTextOut
EngTransparentBlt
EngUnloadImage
EngUnlockDirectDrawSurface
EngUnmapEvent
EngUnmapFile
EngUnmapFontFile
EngUnmapFontFileFD
EngWaitForSingleObject
EngWideCharToMultiByte
EngWritePrinter
EnsurePointerDeviceHasMonitor
EnterEditionCrit
FONTOBJ_cGetAllGlyphHandles
FONTOBJ_cGetGlyphs
FONTOBJ_pQueryGlyphAttrs
FONTOBJ_pfdg
FONTOBJ_pifi
FONTOBJ_pjOpenTypeTablePointer
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_pwszFontFilePaths
FONTOBJ_pxoGetXform
FONTOBJ_vGetInfo
FVisCountable
FadeDesktop
FinishStockFontInit
FinishStockFontReinit
FlushWEFCOMPOSITEDDCEBounds
FontDriverQueryRoutine
FreeAllSpbs
FreeClientOnWindowDestruction
FreeDdeXact
FreeDesktop
FreeDeviceInfo
FreeHidData
FreeHook
FreeHwndList
FreeImeHotKeys
FreeInputContext
FreeMessageList
FreeNonCachedUserMemWrap
FreePointerDevice
FreePointerDeviceCalData
FreePointerDeviceCalibrationInfo
FreeProcessMessageFilter
FreeSMS
FreeThreadsWinEvents
FreeThreadsWindowHooks
FreeTimer
FreeWindowStation
FreezeThawTimers
GdiMultiUserFontCleanup
GdiThreadCalloutFlushUserBatch
GetAppCompatFlags
GetAppCompatFlags2
GetAppCompatFlags2QuadWord
GetClassPtr
GetColorManagementCapsWrap
GetDbgTagFlags
GetDesktopHeapSize
GetDesktopView
GetDpiSetting
GetDpiSettingWithNoDefault
GetInputSensorThreadingModel
GetInputTransformList
GetJournallingQueue
GetLayeredOrRedirectedParent
GetMAPPER_SignatureTable
GetMaxGdiHandleCount
GetMaxOpenRetries
GetMiPInputTransform
GetNineGridRenderingData
GetPTPShellTarget
GetPanCopyBits
GetPenArbitrationType
GetPenHoldTime
GetPowerTransitionsState
GetRedirectionBitmap
GetRipFlags
GetSMSLookaside
GetStyleWindow
GetTouchHoldTime
GetUndimSourceInputTypeMask
GetUserHandedness
GetWakeSourceInputTypeMask
GetWin8StyleDpiSettingFromRegistry
GetgForceFontAssocCodePage
GetgSystemAnsiCodePage
GetgSystemOemCodePage
GetgbFinishDefGUIFontInit
GetgfSwitchInProgress
GetghsemEnableEUDC
GetglpSetupPrograms
GetgpBmpDev
GetgpDefITable
GetgpPFTDeviceWrap
GetgpPublicObjectList
GetgpRedirDev
GetgpastrSetupExe
GetgpfmffTable
GetgpfsTable
GetgpniFontsDirectoryAndScratch
GetgptoWrap
GetgpwszFamilyDefaultFonts
GetguiKeyboardCorrectionCalloutTimeout
GetgvsStateWrap
GetpbwlCache
GreAssertSystemCriticalProcess
GreDeleteClientObj
GreDeleteWnd
GreDwmDesktopOverlaysEnabled
GreEnsureDpiDepDefaultGuiFontForPlateau
GreFlush
GreGetAspectRatioFilter
GreGetRandomRgn
GreHidePointer
GreHideSprites
GreHintDCWnd
GreIsCurrentProcessSystemCritical
GreMovePointer
GrePolyBezier
GrePolyBezierTo
GrePolyPolygon
GrePolyPolyline
GrePolylineTo
GreSelectFont
GreSelectRedirectionBitmap
GreSetBitmapBits
GreWaitForTextReady
GrepSfmRemoveSurfaces
HT_ComputeRGBGammaTable
HT_DestroyDeviceHalftoneInfoWrap
HT_Get8BPPFormatPalette
HT_Get8BPPMaskPalette
HandleDisplayChangeForInactiveDesktops
HasHidTable
HasInputTransform
HeapVidMemAllocAligned
IAMKeyAcquired
InitClipFormatExceptionList
InitClipboardILDef
InitDwmInputProcessing

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NONPAGE
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GFIDS
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/win32ui.pyd
.dll windows:6 windows x64 arch:x64

e957d5741b939d53017aad8c14728bbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32ui.pdb

Imports

mfc140u

ord10727
ord11813
ord6000
ord13397
ord2697
ord8901
ord11085
ord10163
ord3951
ord3308
ord3307
ord3071
ord7366
ord9066
ord11898
ord10689
ord1386
ord6083
ord11623
ord11622
ord11624
ord11621
ord10858
ord10260
ord11022
ord8733
ord10710
ord10924
ord8668
ord6153
ord902
ord904
ord6556
ord7119
ord5165
ord5674
ord1503
ord7367
ord8880
ord9067
ord8916
ord2966
ord8944
ord2543
ord11899
ord1389
ord10189
ord3967
ord12899
ord12900
ord4876
ord6029
ord3145
ord6557
ord7120
ord3509
ord6313
ord1092
ord8066
ord5426
ord455
ord6002
ord13401
ord2698
ord10769
ord10691
ord13864
ord12706
ord8507
ord5240
ord4726
ord4656
ord4721
ord2270
ord3756
ord4722
ord6320
ord2903
ord1641
ord4954
ord296
ord8416
ord10806
ord7136
ord11902
ord6878
ord11770
ord8917
ord6630
ord2628
ord9739
ord9738
ord10835
ord8702
ord10811
ord11435
ord8604
ord8614
ord10199
ord10807
ord9217
ord9682
ord9677
ord9205
ord9215
ord9200
ord10968
ord10965
ord8003
ord5910
ord11804
ord6606
ord7169
ord6867
ord1065
ord9218
ord375
ord6826
ord5772
ord11787
ord8824
ord4085
ord6344
ord6907
ord1149
ord3745
ord3089
ord3092
ord528
ord6333
ord6896
ord5687
ord9068
ord10455
ord5581
ord7370
ord9034
ord9737
ord10834
ord8701
ord11802
ord10805
ord3741
ord12835
ord11979
ord5036
ord5100
ord10791
ord8613
ord14222
ord10847
ord11345
ord10914
ord10916
ord9949
ord10197
ord8002
ord933
ord6571
ord7134
ord1109
ord1086
ord10726
ord6861
ord1844
ord7177
ord2194
ord7928
ord6858
ord7068
ord1160
ord5957
ord12372
ord1633
ord8202
ord539
ord2921
ord285
ord5709
ord6542
ord6247
ord6810
ord12176
ord5463
ord6250
ord6813
ord12559
ord4357
ord2514
ord6819
ord5963
ord12378
ord1639
ord8208
ord545
ord7182
ord7147
ord5916
ord1454
ord6775
ord6905
ord8817
ord1053
ord4078
ord3056
ord6251
ord6814
ord1383
ord3266
ord3144
ord6555
ord7118
ord8828
ord1426
ord4097
ord4938
ord6785
ord6779
ord3166
ord6590
ord7153
ord1411
ord13579
ord6655
ord13535
ord6165
ord3269
ord3153
ord6579
ord7142
ord6821
ord12240
ord1111
ord3078
ord6303
ord6866
ord4724
ord5771
ord8823
ord1158
ord4084
ord3233
ord7780
ord5604
ord13309
ord5641
ord13307
ord5628
ord13299
ord3097
ord6343
ord6906
ord1402
ord8062
ord8060
ord13453
ord13580
ord13105
ord6667
ord6067
ord6656
ord5191
ord13577
ord6648
ord3149
ord6569
ord7132
ord5909
ord1442
ord3234
ord7785
ord8050
ord13301
ord5607
ord5636
ord5621
ord5643
ord5633
ord3171
ord6605
ord7168
ord6118
ord12746
ord4030
ord4499
ord13674
ord11744
ord8063
ord8501
ord7813
ord12738
ord8575
ord13757
ord13617
ord13555
ord13473
ord12967
ord12762
ord12761
ord3742
ord438
ord2473
ord6845
ord3517
ord1381
ord896
ord290
ord3656
ord3657
ord3685
ord3697
ord320
ord3598
ord3596
ord2715
ord7551
ord5241
ord7233
ord11854
ord1089
ord8731
ord10704
ord4343
ord7724
ord448
ord6285
ord6848
ord5004
ord5150
ord497
ord496
ord6877
ord3579
ord6624
ord13084
ord364
ord6820
ord3655
ord3678
ord3586
ord11823
ord3597
ord5750
ord10724
ord8730
ord10703
ord6260
ord3595
ord5978
ord5388
ord5379
ord5381
ord6090
ord489
ord6007
ord6006
ord6871
ord7364
ord2495
ord3965
ord894
ord6553
ord7116
ord2357
ord286
ord449
ord6849
ord2336
ord4946
ord14111
ord3510
ord6876
ord6883
ord6549
ord7112
ord6098
ord5212
ord5273
ord5125
ord5199
ord1504
ord4345
ord12392
ord12391
ord1905
ord4311
ord13698
ord6030
ord4875
ord912
ord13370
ord2659
ord7159
ord6566
ord7129
ord7378
ord11271
ord10764
ord11048
ord10690
ord8945
ord13919
ord13906
ord3172
ord4032
ord13994
ord14001
ord5487
ord5548
ord7635
ord1422
ord4000
ord3999
ord3948
ord1772
ord2639
ord12901
ord4877
ord3734
ord3760
ord13893
ord13895
ord3774
ord3523
ord9272
ord10217
ord9610
ord12164
ord7654
ord6044
ord13050
ord13557
ord3546
ord3529
ord3163
ord954
ord6586
ord7149
ord10770
ord11030
ord9751
ord8866
ord10093
ord11184
ord11763
ord8928
ord4443
ord3723
ord5189
ord11484
ord8904
ord7912
ord1129
ord9043
ord8521
ord11119
ord4353
ord2510
ord5726
ord13358
ord5727
ord13360
ord13351
ord5722
ord12142
ord5917
ord4873
ord4872
ord3081
ord1985
ord12360
ord3484
ord7251
ord8995
ord10446
ord10420
ord3714
ord11491
ord5744
ord11486
ord1767
ord11862
ord3811
ord8097
ord11788
ord7432
ord3098
ord546
ord6353
ord8902
ord10121
ord2821
ord12624
ord7712
ord5263
ord13064
ord13115
ord11660
ord11661
ord5968

kernel32

GetCommandLineW
SetThreadPriority
LoadLibraryExW
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
QueryActCtxW
CreateActCtxW
FreeLibrary
LoadResource
FindResourceExW
GetModuleHandleW
GetProcAddress
CloseHandle
CreateFileW
LocalAlloc
WriteFile
DebugBreak
lstrcmpiW
GlobalFree
SetConsoleTitleW
GetTickCount
GetCurrentProcessId
GetCurrentThreadId
Sleep
GetConsoleTitleW
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
LoadLibraryW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GlobalReAlloc
FormatMessageW
WideCharToMultiByte
LocalFree
CreateThread
OutputDebugStringW
ActivateActCtx
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
DeactivateActCtx
FindActCtxSectionStringW

user32

GetTopWindow
GetForegroundWindow
LockWindowUpdate
BringWindowToTop
DrawMenuBar
SetCapture
GetWindowDC
DlgDirSelectComboBoxExW
IsZoomed
ShowCaret
KillTimer
ReleaseCapture
GetDCEx
IsIconic
BeginPaint
EndPaint
CopyRect
MessageBoxW
ToAsciiEx
CallNextHookEx
GetKeyboardState
MapVirtualKeyExW
GetKeyboardLayout
SetWindowsHookExW
UpdateWindow
InvalidateRect
GetParent
PeekMessageW
ModifyMenuW
GetMenuItemID
GetMenuItemCount
DeleteMenu
CreatePopupMenu
IsMenu
GetMenuStringW
InsertMenuW
AppendMenuW
EnableMenuItem
CreateMenu
MapDialogRect
FillRect
DrawIcon
FrameRect
DrawFocusRect
DrawFrameControl
ClientToScreen
GetWindowLongPtrW
LoadBitmapW
GetWindow
GetWindowRect
SendMessageW
GetClassNameW
GetClientRect
IsWindow
EnableWindow
FindWindowW
wsprintfW
GetDC
ReleaseDC
GetMessageW
DefWindowProcW
LoadMenuW
PostMessageW
DestroyWindow
CreateWindowExW
UnregisterClassW
GetWindowPlacement
TrackPopupMenu
GetSubMenu
ShowWindow
DispatchMessageW
RegisterClassW
SetMenuDefaultItem
TranslateMessage
LoadIconW
LoadCursorW
PostQuitMessage
RegisterWindowMessageW
SetForegroundWindow
GetCursorPos
RedrawWindow
ChildWindowFromPointEx
ScreenToClient
HideCaret
SetActiveWindow
IsWindowVisible
GetFocus
GetMenu
FindWindowExW
DlgDirListW
ShowScrollBar
GetSystemMenu
GetLastActivePopup
DlgDirSelectExW
MapWindowPoints
EqualRect
IsChild
SetTimer
GetCapture
InvalidateRgn
GetWindowLongW
GetActiveWindow
DlgDirListComboBoxW

gdi32

CreateCompatibleDC
SelectObject
BitBlt
GetTextMetricsW
GetObjectType
GetObjectW
GetDIBits
GetBitmapBits
CreateCompatibleBitmap
CreateSolidBrush
CreateBrushIndirect
SetWorldTransform
GetViewportOrgEx
EndPage
DPtoLP
StartDocW
GetMapMode
GetBrushOrgEx
LPtoDP
CreateDIBitmap
Polygon
GetViewportExtEx
Rectangle
EndPath
GetTextExtentPoint32W
GetPixel
GetDeviceCaps
StrokeAndFillPath
StrokePath
GetWindowOrgEx
Polyline
PolyBezier
GetCurrentPositionEx
CreateDCW
Chord
EndDoc
BeginPath
AbortDoc
GetTextFaceW
SetGraphicsMode
StretchBlt
RealizePalette
StretchDIBits
DeleteDC
SelectPalette
SetDIBitsToDevice
Ellipse
CreatePalette
PatBlt
SetPixel
FillPath
Arc
StartPage
GetWindowExtEx
Pie
SetBrushOrgEx
GetNearestColor
SetViewportOrgEx
CreateRectRgn
CreateEllipticRgn
CombineRgn
GetRgnBox
CreatePenIndirect
CreateFontIndirectW
SetStretchBltMode

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter

shell32

CommandLineToArgvW
Shell_NotifyIconW
DragAcceptFiles

comctl32

ImageList_AddMasked
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetBkColor
ImageList_ReplaceIcon

oleaut32

VariantClear
VariantInit
SysFreeString

python311

_Py_BuildValue_SizeT
_PyArg_ParseTuple_SizeT
PySequence_Size
PySequence_GetItem
PyExc_ValueError
PySequence_Check
PyBool_FromLong
PyObject_GenericGetAttr
PyMapping_Check
PyDict_SetItem
PyDict_GetItem
PyErr_WarnEx
PyExc_Warning
PyBytes_FromString
PyExc_IndexError
PyExc_SystemExit
PyEval_CallObjectWithKeywords
PyObject_GenericSetAttr
_Py_FatalErrorFunc
PyErr_SetObject
PyErr_GivenExceptionMatches
PyList_Insert
PyModule_AddIntConstant
PyErr_NormalizeException
PyExc_RuntimeError
PyUnicode_Concat
PyList_SetItem
PyRun_StringFlags
Py_Finalize
_Py_FalseStruct
PyModule_GetDict
PyObject_ClearWeakRefs
PyModule_Create2
PyImport_AddModule
PyType_Ready
PyErr_NewException
PyObject_IsInstance
PySys_SetArgv
_Py_NewReference
PyErr_Print
PyObject_Repr
PyType_Type
PyTraceBack_Print
PyUnicode_AsWideCharString
PyMem_Free
PyArg_ParseTupleAndKeywords
PyObject_Size
PyCFunction_Type
_Py_VaBuildValue_SizeT
PyMethod_Type
PyType_IsSubtype
PyLong_AsUnsignedLong
PyLong_FromUnsignedLong
PySequence_Tuple
PySys_GetObject
PyGILState_Release
PyErr_SetInterrupt
Py_BuildValue
PyGILState_Ensure
PyErr_SetString
PyExc_TypeError
_Py_NoneStruct
PyErr_Restore
_Py_Dealloc
PyErr_Fetch
PyLong_AsLong
PyExc_NotImplementedError
PyObject_GetAttrString
PyNumber_Long
PyEval_SaveThread
PyErr_Clear
PyArg_ParseTuple
PyEval_RestoreThread
PyExc_IOError
PyErr_SetFromErrno
PyErr_Occurred
PyLong_FromLong
PyList_New
PyList_Append
PyWeakref_NewRef
PyWeakref_GetObject
PyErr_Format
PyObject_Str
PyBytes_AsString
PyExc_MemoryError
PyTuple_New
PyDict_SetItemString
PyLong_FromVoidPtr
PyList_GetItem
PyTuple_Size
PyArg_Parse
PyTuple_GetItem
PyList_Size
PyUnicode_AsUTF8
PyCallable_Check
PyBytes_FromStringAndSize
PyErr_NoMemory
PyTuple_SetItem
PyDict_New
PyBytes_Size
PyExc_EOFError

pywintypes311

?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?ok@PyWinBufferView@@QEAA_NXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??1PyWin_AutoFreeBstr@@QEAA@XZ
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
??0PyWinBufferView@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
memmove
__std_type_info_destroy_list
__current_exception_context
__current_exception
memset
__C_specific_handler
_purecall
__std_terminate
memcpy

api-ms-win-crt-heap-l1-1-0

_recalloc
free
malloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vsprintf
__acrt_iob_func
_wfopen
fclose
fwrite

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-string-l1-1-0

isdigit
wcsncpy
strncpy
_wcsdup
strcmp

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
_initterm_e
_register_onexit_function
_initialize_onexit_table
_invalid_parameter_noinfo
_configure_narrow_argv
_seh_filter_dll
_initialize_narrow_environment
_errno
_initterm
_execute_onexit_table
terminate

Exports

Exports

??0CProtectedWinApp@@QEAA@XZ
??0CPythonDocTemplate@@QEAA@I@Z
??0CVirtualHelper@@QEAA@AEBV0@@Z
??0CVirtualHelper@@QEAA@PEBDPEAXW4EnumVirtualErrorHandling@@@Z
??0PyCCmdTarget@@IEAA@XZ
??0PyCCmdTarget@@QEAA@AEBV0@@Z
??0PyCCommonDialog@@QEAA@$$QEAV0@@Z
??0PyCCommonDialog@@QEAA@AEBV0@@Z
??0PyCCommonDialog@@QEAA@XZ
??0PyCControlBar@@QEAA@$$QEAV0@@Z
??0PyCControlBar@@QEAA@AEBV0@@Z
??0PyCControlBar@@QEAA@XZ
??0PyCCtrlView@@IEAA@XZ
??0PyCCtrlView@@QEAA@$$QEAV0@@Z
??0PyCCtrlView@@QEAA@AEBV0@@Z
??0PyCCtrlView_Type@@QEAA@PEBDPEAVui_type@@PEAVui_type_CObject@@PEAUCRuntimeClass@@_J4PEAUPyMethodDef@@P6APEAVui_base_class@@XZ@Z
??0PyCDialog@@IEAA@XZ
??0PyCDialog@@QEAA@AEBV0@@Z
??0PyCDocTemplate@@IEAA@XZ
??0PyCDocTemplate@@QEAA@AEBV0@@Z
??0PyCDocument@@IEAA@XZ
??0PyCDocument@@QEAA@AEBV0@@Z
??0PyCEditView@@IEAA@XZ
??0PyCEditView@@QEAA@$$QEAV0@@Z
??0PyCEditView@@QEAA@AEBV0@@Z
??0PyCFormView@@QEAA@$$QEAV0@@Z
??0PyCFormView@@QEAA@AEBV0@@Z
??0PyCFormView@@QEAA@XZ
??0PyCFrameWnd@@IEAA@XZ
??0PyCFrameWnd@@QEAA@AEBV0@@Z
??0PyCImageList@@IEAA@XZ
??0PyCImageList@@QEAA@AEBV0@@Z
??0PyCListView@@IEAA@XZ
??0PyCListView@@QEAA@$$QEAV0@@Z
??0PyCListView@@QEAA@AEBV0@@Z
??0PyCMDIChildWnd@@IEAA@XZ
??0PyCMDIChildWnd@@QEAA@$$QEAV0@@Z
??0PyCMDIChildWnd@@QEAA@AEBV0@@Z
??0PyCMDIFrameWnd@@IEAA@XZ
??0PyCMDIFrameWnd@@QEAA@$$QEAV0@@Z
??0PyCMDIFrameWnd@@QEAA@AEBV0@@Z
??0PyCRichEditDoc@@QEAA@$$QEAV0@@Z
??0PyCRichEditDoc@@QEAA@AEBV0@@Z
??0PyCRichEditDoc@@QEAA@XZ
??0PyCRichEditView@@IEAA@XZ
??0PyCRichEditView@@QEAA@$$QEAV0@@Z
??0PyCRichEditView@@QEAA@AEBV0@@Z
??0PyCScrollView@@IEAA@XZ
??0PyCScrollView@@QEAA@AEBV0@@Z
??0PyCTreeView@@IEAA@XZ
??0PyCTreeView@@QEAA@$$QEAV0@@Z
??0PyCTreeView@@QEAA@AEBV0@@Z
??0PyCView@@IEAA@XZ
??0PyCView@@QEAA@AEBV0@@Z
??0PyCWnd@@IEAA@XZ
??0PyCWnd@@QEAA@AEBV0@@Z
??0PythonCreateContext@@QEAA@XZ
??0ui_assoc_CObject@@IEAA@XZ
??0ui_assoc_CObject@@QEAA@AEBV0@@Z
??0ui_assoc_object@@IEAA@XZ
??0ui_assoc_object@@QEAA@AEBV0@@Z
??0ui_base_class@@IEAA@XZ
??0ui_base_class@@QEAA@AEBV0@@Z
??0ui_dc_object@@IEAA@XZ
??0ui_dc_object@@QEAA@AEBV0@@Z
??0ui_prinfo_object@@IEAA@XZ
??0ui_prinfo_object@@QEAA@AEBV0@@Z
??0ui_type@@QEAA@PEBDPEAV0@_J2PEAUPyMethodDef@@P6APEAVui_base_class@@XZ@Z
??0ui_type_CObject@@QEAA@PEBDPEAVui_type@@PEAUCRuntimeClass@@_J3PEAUPyMethodDef@@P6APEAVui_base_class@@XZ@Z
??1CProtectedWinApp@@UEAA@XZ
??1CPythonDocTemplate@@UEAA@XZ
??1CVirtualHelper@@QEAA@XZ
??1PyCCmdTarget@@MEAA@XZ
??1PyCCommonDialog@@UEAA@XZ
??1PyCControlBar@@UEAA@XZ
??1PyCCtrlView@@UEAA@XZ
??1PyCCtrlView_Type@@QEAA@XZ
??1PyCDialog@@MEAA@XZ
??1PyCDocTemplate@@MEAA@XZ
??1PyCDocument@@MEAA@XZ
??1PyCEditView@@UEAA@XZ
??1PyCFormView@@UEAA@XZ
??1PyCFrameWnd@@MEAA@XZ
??1PyCImageList@@MEAA@XZ
??1PyCListView@@UEAA@XZ
??1PyCMDIChildWnd@@UEAA@XZ
??1PyCMDIFrameWnd@@UEAA@XZ
??1PyCRichEditDoc@@UEAA@XZ
??1PyCRichEditView@@UEAA@XZ
??1PyCScrollView@@MEAA@XZ
??1PyCTreeView@@UEAA@XZ
??1PyCView@@MEAA@XZ
??1PyCWnd@@MEAA@XZ
??1PythonCreateContext@@QEAA@XZ
??1ui_assoc_CObject@@MEAA@XZ
??1ui_assoc_object@@MEAA@XZ
??1ui_base_class@@MEAA@XZ
??1ui_dc_object@@MEAA@XZ
??1ui_prinfo_object@@MEAA@XZ
??1ui_type@@QEAA@XZ
??1ui_type_CObject@@QEAA@XZ
??4CVirtualHelper@@QEAAAEAV0@AEBV0@@Z
??4PyCCmdTarget@@QEAAAEAV0@AEBV0@@Z
??4PyCCommonDialog@@QEAAAEAV0@$$QEAV0@@Z
??4PyCCommonDialog@@QEAAAEAV0@AEBV0@@Z
??4PyCControlBar@@QEAAAEAV0@$$QEAV0@@Z
??4PyCControlBar@@QEAAAEAV0@AEBV0@@Z
??4PyCCtrlView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCCtrlView@@QEAAAEAV0@AEBV0@@Z
??4PyCCtrlView_Type@@QEAAAEAV0@$$QEAV0@@Z
??4PyCCtrlView_Type@@QEAAAEAV0@AEBV0@@Z
??4PyCDialog@@QEAAAEAV0@AEBV0@@Z
??4PyCDocTemplate@@QEAAAEAV0@AEBV0@@Z
??4PyCDocument@@QEAAAEAV0@AEBV0@@Z
??4PyCEditView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCEditView@@QEAAAEAV0@AEBV0@@Z
??4PyCFormView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCFormView@@QEAAAEAV0@AEBV0@@Z
??4PyCFrameWnd@@QEAAAEAV0@AEBV0@@Z
??4PyCImageList@@QEAAAEAV0@AEBV0@@Z
??4PyCListView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCListView@@QEAAAEAV0@AEBV0@@Z
??4PyCMDIChildWnd@@QEAAAEAV0@$$QEAV0@@Z
??4PyCMDIChildWnd@@QEAAAEAV0@AEBV0@@Z
??4PyCMDIFrameWnd@@QEAAAEAV0@$$QEAV0@@Z
??4PyCMDIFrameWnd@@QEAAAEAV0@AEBV0@@Z
??4PyCRichEditDoc@@QEAAAEAV0@$$QEAV0@@Z
??4PyCRichEditDoc@@QEAAAEAV0@AEBV0@@Z
??4PyCRichEditView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCRichEditView@@QEAAAEAV0@AEBV0@@Z
??4PyCScrollView@@QEAAAEAV0@AEBV0@@Z
??4PyCTreeView@@QEAAAEAV0@$$QEAV0@@Z
??4PyCTreeView@@QEAAAEAV0@AEBV0@@Z
??4PyCView@@QEAAAEAV0@AEBV0@@Z
??4PyCWnd@@QEAAAEAV0@AEBV0@@Z
??4PythonCreateContext@@QEAAAEAV0@AEBV0@@Z
??4ui_assoc_CObject@@QEAAAEAV0@AEBV0@@Z
??4ui_assoc_object@@QEAAAEAV0@AEBV0@@Z
??4ui_base_class@@QEAAAEAV0@AEBV0@@Z
??4ui_dc_object@@QEAAAEAV0@AEBV0@@Z
??4ui_prinfo_object@@QEAAAEAV0@AEBV0@@Z
??4ui_type@@QEAAAEAV0@AEBV0@@Z
??4ui_type_CObject@@QEAAAEAV0@AEBV0@@Z
??_7CProtectedWinApp@@6B@
??_7CPythonDocTemplate@@6B@
??_7PyCCmdTarget@@6B@
??_7PyCCommonDialog@@6B@
??_7PyCControlBar@@6B@
??_7PyCCtrlView@@6B@
??_7PyCDialog@@6B@
??_7PyCDocTemplate@@6B@
??_7PyCDocument@@6B@
??_7PyCEditView@@6B@
??_7PyCFormView@@6B@
??_7PyCFrameWnd@@6B@
??_7PyCImageList@@6B@
??_7PyCListView@@6B@
??_7PyCMDIChildWnd@@6B@
??_7PyCMDIFrameWnd@@6B@
??_7PyCRichEditDoc@@6B@
??_7PyCRichEditView@@6B@
??_7PyCScrollView@@6B@
??_7PyCTreeView@@6B@
??_7PyCView@@6B@
??_7PyCWnd@@6B@
??_7ui_assoc_CObject@@6B@
??_7ui_assoc_object@@6B@
??_7ui_base_class@@6B@
??_7ui_dc_object@@6B@
??_7ui_prinfo_object@@6B@
?AttachObject@ui_assoc_object@@SAPEAU_object@@PEAU2@0@Z
?CheckCppObject@ui_assoc_CObject@@MEBA_NPEAVui_type@@@Z
?CheckCppObject@ui_assoc_object@@MEBA_NPEAVui_type@@@Z
?CreateControl@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?CreateNewDocument@CPythonDocTemplate@@UEAAPEAVCDocument@@XZ
?CreateNewFrame@CPythonDocTemplate@@UEAAPEAVCFrameWnd@@PEAVCDocument@@PEAV2@@Z
?CreateNewFrame@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?CreateStructFromPyObject@@YAHPEAUtagCREATESTRUCTW@@PEAU_object@@PEBDH@Z
?CreateWindowFromHandle@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?DictToLogFont@@YAHPEAU_object@@PEAUtagLOGFONTW@@@Z
?DoCreateDoc@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?DoCreateDocHelper@PyCDocTemplate@@SAPEAU_object@@PEAU2@0PEAUCRuntimeClass@@AEAVui_type_CObject@@@Z
?ExceptionHandler@@YAXHPEB_W0@Z
?FindOpenDocument@CProtectedWinApp@@QEAAPEAVCDocument@@PEB_W@Z
?FindOpenDocument@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?FindWindowExW@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?FindWindowW@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?GetActiveWindow@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?GetAssocObject@ui_assoc_object@@SAPEAV1@PEAX@Z
?GetAttachedObject@ui_assoc_object@@SAPEAU_object@@PEAU2@0@Z
?GetControlBar@PyCControlBar@@SAPEAVCControlBar@@PEAU_object@@@Z
?GetDC@ui_dc_object@@SAPEAVCDC@@PEAU_object@@@Z
?GetDoc@PyCDocument@@SAPEAVCDocument@@PEAU_object@@@Z
?GetDocManager@CProtectedWinApp@@QEAAPEAVCProtectedDocManager@@XZ
?GetDocString@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?GetDocumentList@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?GetFocus@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?GetForegroundWindow@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?GetGoodCppObject@ui_assoc_object@@IEBAPEAXPEAVui_type@@@Z
?GetGoodCppObject@ui_assoc_object@@SAPEAXAEAPEAU_object@@PEAVui_type@@@Z
?GetGoodCppObject@ui_prinfo_object@@MEBAPEAXPEAVui_type@@@Z
?GetGoodRet@ui_assoc_object@@QEAAPEAU_object@@XZ
?GetHandler@CVirtualHelper@@QEAAPEAU_object@@XZ
?GetImageList@PyCImageList@@SAPEAVCImageList@@PEAU_object@@@Z
?GetMainFrame@CProtectedWinApp@@QEAAPEAVCWnd@@XZ
?GetPrintInfo@ui_prinfo_object@@SAPEAUCPrintInfo@@PEAU_object@@@Z
?GetPythonGenericWnd@PyCWnd@@SAPEAVCWnd@@PEAU_object@@PEAVui_type_CObject@@@Z
?GetPythonObject@PythonCreateContext@@QEAAPEAU_object@@XZ
?GetRecentCount@CProtectedWinApp@@QEAAHXZ
?GetRecentFileName@CProtectedWinApp@@QEAA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@H@Z
?GetResourceID@CPythonDocTemplate@@QEAAIXZ
?GetResourceID@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?GetSharedMenu@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?GetTemplate@PyCDocTemplate@@SAPEAVCPythonDocTemplate@@PEAU_object@@@Z
?GetViewPtr@PyCScrollView@@SAPEAVCScrollView@@PEAU_object@@@Z
?GetViewPtr@PyCView@@SAPEAVCView@@PEAU_object@@@Z
?GetWndPtr@@YAPEAVCWnd@@PEAU_object@@@Z
?HaveHandler@CVirtualHelper@@QEAAHXZ
?HaveLoadStdProfileSettings@CProtectedWinApp@@QEAAHXZ
?InitialUpdateFrame@CPythonDocTemplate@@UEAAXPEAVCFrameWnd@@PEAVCDocument@@H@Z
?InitialUpdateFrame@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?LoadStdProfileSettings@CProtectedWinApp@@QEAAXI@Z
?LogFontToDict@@YAPEAU_object@@AEBUtagLOGFONTW@@@Z
?MakeCharFormatTuple@@YAPEAU_object@@PEAU_charformatw@@@Z
?MakeDlgListFromResource@@YAPEAU_object@@PEAX@Z
?MakeParaFormatTuple@@YAPEAU_object@@PEAU_paraformat@@@Z
?MakePyDocTemplateList@CProtectedWinApp@@QEAAPEAU_object@@XZ
?MakeResourceFromDlgList@@YAPEAXPEAU_object@@@Z
?MatchDocType@CPythonDocTemplate@@UEAA?AW4Confidence@CDocTemplate@@PEB_WAEAPEAVCDocument@@@Z
?OnFileNew@CProtectedWinApp@@QEAAXXZ
?OnFileOpen@CProtectedWinApp@@QEAAXXZ
?OpenDocumentFile@CPythonDocTemplate@@UEAAPEAVCDocument@@PEB_WH@Z
?OpenDocumentFile@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?ParseCharFormatTuple@@YAHPEAU_object@@PEAU_charformatw@@@Z
?ParseParaFormatTuple@@YAHPEAU_object@@PEAU_paraformat@@@Z
?PyObConstruct@PyCControlBar@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCCtrlView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCDialog@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCDocTemplate@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCDocument@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCEditView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCFormView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCFrameWnd@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCImageList@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCListView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCMDIChildWnd@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCMDIFrameWnd@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCRichEditDoc@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCRichEditView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCScrollView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCTreeView@@SAPEAVui_base_class@@XZ
?PyObConstruct@PyCWnd@@SAPEAVui_base_class@@XZ
?PyObConstruct@ui_dc_object@@SAPEAVui_base_class@@XZ
?PyObConstruct@ui_prinfo_object@@SAPEAVui_base_class@@XZ
?PyObjectFromCreateStruct@@YAPEAU_object@@PEAUtagCREATESTRUCTW@@@Z
?PyWinObject_AsLV_COLUMN@@YAHPEAU_object@@PEAUtagLVCOLUMNW@@@Z
?PyWinObject_AsLV_ITEM@@YAHPEAU_object@@PEAUtagLVITEMW@@@Z
?PyWinObject_AsTV_ITEM@@YAHPEAU_object@@PEAUtagTVITEMW@@@Z
?PyWinObject_FreeLV_COLUMN@@YAXPEAUtagLVCOLUMNW@@@Z
?PyWinObject_FreeLV_ITEM@@YAXPEAUtagLVITEMW@@@Z
?PyWinObject_FreeTV_ITEM@@YAXPEAUtagTVITEMW@@@Z
?PyWinObject_FromCWnd@@YAPEAU_object@@PEAVCWnd@@@Z
?PyWinObject_FromLV_COLUMN@@YAPEAU_object@@PEAUtagLVCOLUMNW@@@Z
?PyWinObject_FromLV_ITEM@@YAPEAU_object@@PEAUtagLVITEMW@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@AEBUtagRECT@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@_N@Z
?PyWinObject_FromTV_ITEM@@YAPEAU_object@@PEAUtagTVITEMW@@@Z
?Python_OnCmdMsg@@YAHPEAVCCmdTarget@@IHPEAXPEAUAFX_CMDHANDLERINFO@@@Z
?Python_OnNotify@@YAHPEAVCWnd@@_K_JPEA_J@Z
?Python_addpath@@YAXPEB_W@Z
?Python_callback@@YAHPEAU_object@@0@Z
?Python_callback@@YAHPEAU_object@@@Z
?Python_callback@@YAHPEAU_object@@H@Z
?Python_callback@@YAHPEAU_object@@HH@Z
?Python_callback@@YAHPEAU_object@@PEBUtagMSG@@@Z
?Python_callback@@YAHPEAU_object@@_J@Z
?Python_callback@@YAHPEAU_object@@_K@Z
?Python_check_key_message@@YAHPEBUtagMSG@@@Z
?Python_check_message@@YAHPEBUtagMSG@@@Z
?Python_delete_assoc@@YAXPEAX@Z
?Python_do_callback@@YAPEAU_object@@PEAU1@0@Z
?Python_do_exchange@@YAXPEAVCDialog@@PEAVCDataExchange@@@Z
?ReleasePythonObject@PythonCreateContext@@QEAAXXZ
?RemoveDocTemplateFromApp@PyCDocTemplate@@SAHPEAVCDocTemplate@@@Z
?RemoveRecentFile@CProtectedWinApp@@QEAAXH@Z
?SetAssocInvalid@PyCDialog@@MEAAXXZ
?SetAssocInvalid@ui_assoc_object@@MEAAXXZ
?SetAssocInvalid@ui_dc_object@@MEAAXXZ
?SetAssocInvalid@ui_prinfo_object@@MEAAXXZ
?SetContainerInfo@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?SetDialogBkColor@CProtectedWinApp@@QEAAXKK@Z
?SetDocStrings@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?SetExceptionHandler@@YAP6AXHPEB_W0@ZP6AXH00@Z@Z
?SetMainFrame@CProtectedWinApp@@QEAAXPEAVCWnd@@@Z
?SetPythonObject@PythonCreateContext@@QEAAXPEAU_object@@@Z
?SetRegistryKey@CProtectedWinApp@@QEAAXPEB_W@Z
?UITypeFromCObject@@YAAEAVui_type_CObject@@PEAVCObject@@@Z
?UITypeFromHWnd@@YAAEAVui_type_CObject@@PEAUHWND__@@@Z
?UITypeFromName@@YAPEAVui_type_CObject@@PEBD@Z
?build_args@CVirtualHelper@@QEAAPEAU_object@@PEBDZZ
?call@CVirtualHelper@@QEAAHH@Z
?call@CVirtualHelper@@QEAAHHH@Z
?call@CVirtualHelper@@QEAAHHHH@Z
?call@CVirtualHelper@@QEAAHHK@Z
?call@CVirtualHelper@@QEAAHHPEAVCWnd@@0@Z
?call@CVirtualHelper@@QEAAHIHPEAXPEAUAFX_CMDHANDLERINFO@@@Z
?call@CVirtualHelper@@QEAAHJ@Z
?call@CVirtualHelper@@QEAAHKK@Z
?call@CVirtualHelper@@QEAAHPEAUCPrintInfo@@@Z
?call@CVirtualHelper@@QEAAHPEAU_object@@0@Z
?call@CVirtualHelper@@QEAAHPEAU_object@@0H@Z
?call@CVirtualHelper@@QEAAHPEAU_object@@@Z
?call@CVirtualHelper@@QEAAHPEAUtagCREATESTRUCTW@@@Z
?call@CVirtualHelper@@QEAAHPEAUtagCREATESTRUCTW@@PEAU_object@@@Z
?call@CVirtualHelper@@QEAAHPEAVCDC@@@Z
?call@CVirtualHelper@@QEAAHPEAVCDC@@PEAUCPrintInfo@@@Z
?call@CVirtualHelper@@QEAAHPEAVCDC@@PEAVCWnd@@H@Z
?call@CVirtualHelper@@QEAAHPEAVCDocument@@@Z
?call@CVirtualHelper@@QEAAHPEAVCView@@PEAU_object@@@Z
?call@CVirtualHelper@@QEAAHPEAVCWnd@@@Z
?call@CVirtualHelper@@QEAAHPEAVCWnd@@H@Z
?call@CVirtualHelper@@QEAAHPEAVCWnd@@HH@Z
?call@CVirtualHelper@@QEAAHPEBD@Z
?call@CVirtualHelper@@QEAAHPEBDH@Z
?call@CVirtualHelper@@QEAAHPEBUtagMSG@@@Z
?call@CVirtualHelper@@QEAAHPEB_W@Z
?call@CVirtualHelper@@QEAAHPEB_WH@Z
?call@CVirtualHelper@@QEAAHXZ
?call@CVirtualHelper@@QEAAH_K@Z
?call@CVirtualHelper@@QEAAH_K_J@Z
?call_args@CVirtualHelper@@QEAAHPEBDZZ
?check_key_stroke@PyCWnd@@QEAAH_K@Z
?cleanup@PyCDocTemplate@@MEAAXXZ
?cleanup@ui_base_class@@UEAAXXZ
?create@PyCControlBar@@SAPEAU_object@@PEAU2@0@Z
?create@PyCCtrlView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCDialog@@SAPEAU_object@@PEAU2@0@Z
?create@PyCDocTemplate@@SAPEAU_object@@PEAU2@0@Z
?create@PyCEditView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCFormView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCListView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCRichEditView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCScrollView@@SAPEAU_object@@PEAU2@0@Z
?create@PyCTreeView@@SAPEAU_object@@PEAU2@0@Z
?createIndirect@PyCDialog@@SAPEAU_object@@PEAU2@0@Z
?create_compatible_dc@ui_dc_object@@SAPEAU_object@@PEAU2@0@Z
?create_dc@ui_dc_object@@SAPEAU_object@@PEAU2@0@Z
?create_printer_dc@ui_dc_object@@SAPEAU_object@@PEAU2@0@Z
?do_call@CVirtualHelper@@AEAAHPEAU_object@@@Z
?get_top_window@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?get_window@PyCWnd@@SAPEAU_object@@PEAU2@0@Z
?getattro@PyCControlBar@@UEAAPEAU_object@@PEAU2@@Z
?getattro@PyCDialog@@UEAAPEAU_object@@PEAU2@@Z
?getattro@ui_base_class@@UEAAPEAU_object@@PEAU2@@Z
?gui_call_object@@YAPEAU_object@@PEAU1@0@Z
?gui_print_error@@YAXXZ
?handleMgr@ui_assoc_object@@2VCAssocManager@@A
?is_uiobject@ui_base_class@@QEAAHPEAVui_type@@@Z
?is_uiobject@ui_base_class@@SAHAEAPEAU_object@@PEAVui_type@@@Z
?make@PyCWnd@@SAPEAV1@AEAVui_type_CObject@@PEAVCWnd@@PEAUHWND__@@@Z
?make@ui_assoc_object@@SAPEAV1@AEAVui_type@@PEAX_N@Z
?make@ui_base_class@@SAPEAV1@AEAVui_type@@@Z
?release_full@CVirtualHelper@@QEAAXXZ
?repr@PyCCmdTarget@@UEAA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?repr@PyCWnd@@UEAA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?repr@ui_assoc_object@@UEAA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?repr@ui_base_class@@UEAA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?retnone@CVirtualHelper@@QEAAHXZ
?retval@CVirtualHelper@@QEAAHAEAH@Z
?retval@CVirtualHelper@@QEAAHAEAJ@Z
?retval@CVirtualHelper@@QEAAHAEAPEAU_object@@@Z
?retval@CVirtualHelper@@QEAAHAEAPEAX@Z
?retval@CVirtualHelper@@QEAAHAEAUtagCREATESTRUCTW@@@Z
?retval@CVirtualHelper@@QEAAHAEAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?retval@CVirtualHelper@@QEAAHPEAUtagMSG@@@Z
?setattro@PyCControlBar@@UEAAHPEAU_object@@0@Z
?setattro@ui_base_class@@UEAAHPEAU_object@@0@Z
?sui_dealloc@ui_base_class@@SAXPEAU_object@@@Z
?sui_getattro@ui_base_class@@SAPEAU_object@@PEAU2@0@Z
?sui_repr@ui_base_class@@SAPEAU_object@@PEAU2@@Z
?sui_setattro@ui_base_class@@SAHPEAU_object@@00@Z
?type@PyCCmdTarget@@2Vui_type_CObject@@A
?type@PyCCommonDialog@@2Vui_type_CObject@@A
?type@PyCControlBar@@2Vui_type_CObject@@A
?type@PyCCtrlView@@2VPyCCtrlView_Type@@A
?type@PyCDialog@@2Vui_type_CObject@@A
?type@PyCDocTemplate@@2Vui_type_CObject@@A
?type@PyCDocument@@2Vui_type_CObject@@A
?type@PyCEditView@@2VPyCCtrlView_Type@@A
?type@PyCFormView@@2Vui_type_CObject@@A
?type@PyCFrameWnd@@2Vui_type_CObject@@A
?type@PyCImageList@@2Vui_type_CObject@@A
?type@PyCListView@@2VPyCCtrlView_Type@@A
?type@PyCMDIChildWnd@@2Vui_type_CObject@@A
?type@PyCMDIFrameWnd@@2Vui_type_CObject@@A
?type@PyCRichEditDoc@@2Vui_type_CObject@@A
?type@PyCRichEditView@@2VPyCCtrlView_Type@@A
?type@PyCScrollView@@2Vui_type_CObject@@A
?type@PyCTreeView@@2VPyCCtrlView_Type@@A
?type@PyCView@@2Vui_type_CObject@@A
?type@PyCWnd@@2Vui_type_CObject@@A
?type@ui_assoc_CObject@@2Vui_type_CObject@@A
?type@ui_assoc_object@@2Vui_type@@A
?type@ui_base_class@@2Vui_type@@A
?type@ui_dc_object@@2Vui_type_CObject@@A
?type@ui_prinfo_object@@2Vui_type@@A
?typemap@ui_type_CObject@@2PEAV?$CMap@PEAUCRuntimeClass@@PEAU1@PEAVui_type_CObject@@PEAV2@@@EA
?ui_module_error@@3PEAU_object@@EA
PyInit_win32ui
Win32uiApplicationInit

Sections

.text
Size: 639KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/wuaueng.dll
.dll windows:10 windows x64 arch:x64

a0dda2a886fbbbc9a8594b2eba5218d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wuaueng.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__set_errno
_o__stricmp
_o__strnicmp
_o__ultow_s
_o__wcsicmp
_o__wcsnicmp
_o__wcstoui64
_o__wfopen
_o__wsplitpath_s
_o__wtoi
_o__wtoi64
_o__wtol
memmove
_o_bsearch
_o_fclose
_o_free
_o_iswalnum
_o_iswalpha
_o_iswdigit
_o_iswspace
_o_malloc
_o_mbstowcs
_o_mbstowcs_s
_o_memcpy_s
_o_qsort
_o_rand
_o_realloc
_o_srand
_o_strcpy_s
_o_strncpy_s
_o_strtol
_o_terminate
_o_tolower
_o_toupper
_o_wcstod
_o_wcstok_s
_o_wcstol
_o_wcstombs
_o_wcstoul
__C_specific_handler
strrchr
strchr
wcschr
wcsstr
wcsrchr
__CxxFrameHandler3
_CxxThrowException
_o__ltow_s
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o___stdio_common_vfprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__get_errno
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

memmove_s
wcsncmp
memset
wcscmp

api-ms-win-core-localization-l1-2-0

LocaleNameToLCID
GetSystemDefaultLCID
LCMapStringW
GetUserGeoID
GetUILanguageInfo
FormatMessageW
GetLocaleInfoW
GetGeoInfoW

api-ms-win-core-processthreads-l1-1-0

GetExitCodeThread
ResumeThread
GetCurrentThread
OpenThreadToken
CreateThread
OpenProcessToken
GetThreadId
CreateProcessAsUserW
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
GetExitCodeProcess
TerminateProcess
SetThreadPriority

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
HeapReAlloc
GetProcessHeap

api-ms-win-core-libraryloader-l1-2-0

EnumResourceNamesExW
GetModuleFileNameW
DisableThreadLibraryCalls
GetProcAddress
SizeofResource
LockResource
GetModuleHandleExW
LoadLibraryExW
FreeLibraryAndExitThread
EnumResourceLanguagesExW
FindResourceExW
FreeLibrary
LoadResource
GetModuleHandleW
GetModuleFileNameA

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetErrorMode
SetLastError
GetLastError
GetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
DeleteCriticalSection
WaitForSingleObject
OpenSemaphoreW
CreateEventExW
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjectsEx
SleepEx
CreateMutexW
CreateMutexExW
CreateSemaphoreExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
InitializeCriticalSection
InitializeSRWLock
CreateEventW
SetEvent
ResetEvent

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWrite
EventUnregister
EventSetInformation
EventProviderEnabled
EventWriteTransfer

api-ms-win-core-synch-l1-2-0

InitOnceComplete
Sleep
InitOnceExecuteOnce
InitOnceBeginInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTime
GetComputerNameExW
GetLocalTime
GetSystemTimeAsFileTime
GetTickCount
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
GetTickCount64
GetSystemInfo
GlobalMemoryStatusEx

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-security-lsapolicy-l1-1-0

LsaQueryInformationPolicy
LsaClose
LsaFreeMemory
LsaOpenPolicy

ntdll

RtlUnsubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlNtStatusToDosError
NtQueryInformationProcess
RtlSubscribeWnfStateChangeNotification
RtlQueryWnfStateData
RtlFreeHeap
WinSqmSetDWORD
RtlPublishWnfStateData
RtlGetDeviceFamilyInfoEnum
NtSetInformationThread
NtQuerySystemInformation
NtQuerySecurityPolicy
RtlIsMultiSessionSku
WinSqmIncrementDWORD
RtlUnsubscribeWnfNotificationWaitForCompletion

api-ms-win-security-base-l1-1-0

MakeAbsoluteSD
InitializeSecurityDescriptor
CheckTokenMembership
SetSecurityDescriptorDacl
IsValidSid
GetLengthSid
CopySid
EqualSid
GetTokenInformation
GetSidSubAuthority
RevertToSelf
ImpersonateLoggedOnUser
FreeSid
ImpersonateSelf
GetSidSubAuthorityCount
CreateRestrictedToken
DuplicateTokenEx
CreateWellKnownSid
AllocateAndInitializeSid

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW

api-ms-win-core-heap-l2-1-0

LocalReAlloc
LocalFree
LocalAlloc
GlobalFree

api-ms-win-core-registry-l1-1-0

RegOpenCurrentUser
RegGetValueW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteTreeW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-core-file-l1-1-0

GetFileAttributesExW
FlushFileBuffers
GetDiskFreeSpaceW
CreateFileW
SetEndOfFile
WriteFile
GetVolumePathNameW
GetDriveTypeW
GetFileType
GetFileSize
ReadFile
FileTimeToLocalFileTime
LocalFileTimeToFileTime
CompareFileTime
GetLogicalDriveStringsW
RemoveDirectoryW
FindClose
DeleteFileW
CreateDirectoryW
GetDiskFreeSpaceExW
GetFinalPathNameByHandleW
FindNextFileW
FindFirstFileW
SetFileInformationByHandle
SetFileAttributesW
GetVolumeInformationW
DeleteFileA
GetFileSizeEx
SetFilePointerEx
GetFileInformationByHandle
GetFileTime
GetTempFileNameW
GetFileAttributesW
SetFilePointer
SetFileTime

crypt32

CryptMemFree
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CryptUnprotectData
CryptProtectData
CryptStringToBinaryW
CryptBinaryToStringW
CryptVerifyTimeStampSignature
CertOpenStore
CertGetCertificateContextProperty
CertVerifyCertificateChainPolicy
CertFindCertificateInStore
CertFreeCertificateChain
CertControlStore
CertGetCertificateChain
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CryptHashPublicKeyInfo
CertCreateCertificateContext
CryptImportPublicKeyInfoEx2

api-ms-win-core-com-l1-1-0

CoWaitForMultipleHandles
CLSIDFromString
CoQueryProxyBlanket
CoSetProxyBlanket
CoCreateInstance
CoSwitchCallContext
CoInitializeEx
IIDFromString
CoCreateFreeThreadedMarshaler
CoDisconnectObject
CoCreateGuid
CoRevertToSelf
CoDisconnectContext
CoRevokeClassObject
CoResumeClassObjects
CoRegisterClassObject
CoImpersonateClient
CoInitializeSecurity
CoTaskMemAlloc
CoUninitialize
CoGetMalloc
CoTaskMemRealloc
PropVariantClear
CoTaskMemFree
StringFromGUID2
CoCancelCall
CoEnableCallCancellation
CoDisableCallCancellation

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer

api-ms-win-core-kernel32-legacy-l1-1-0

DosDateTimeToFileTime
GetSystemPowerStatus
GetComputerNameW

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

oleaut32

VariantChangeType
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
VariantTimeToSystemTime
VarUI4FromStr
SafeArrayDestroy
SafeArrayCreate
SystemTimeToVariantTime
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocStringByteLen
VariantChangeTypeEx
VariantCopyInd
SysStringByteLen
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString
SafeArrayUnlock
SafeArrayGetVartype
SafeArrayLock

rpcrt4

RpcServerInqCallAttributesW
I_RpcBindingInqLocalClientPID
I_RpcBindingInqTransportType
UuidToStringA
RpcStringFreeA
RpcStringFreeW
UuidCreate
UuidToStringW
UuidFromStringW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar
CompareStringW

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
CompareStringA
EnumUILanguagesW
GetSystemDefaultUILanguage

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SystemTimeToFileTime

api-ms-win-core-threadpool-legacy-l1-1-0

ChangeTimerQueueTimer
CreateTimerQueue
DeleteTimerQueueTimer
CreateTimerQueueTimer
DeleteTimerQueueEx

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrToIntW
StrChrW
StrToIntExW
StrRChrW
StrTrimW

api-ms-win-core-sysinfo-l1-2-0

GetSystemFirmwareTable
VerSetConditionMask
GetNativeSystemInfo
GetProductInfo

api-ms-win-power-base-l1-1-0

PowerDeterminePlatformRoleEx
CallNtPowerInformation

bcrypt

BCryptVerifySignature
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptCreateHash
BCryptFinishHash
BCryptDestroyKey
BCryptHashData

winhttp

WinHttpGetDefaultProxyConfiguration
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpReadData
WinHttpQueryOption
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpConnect
WinHttpSetTimeouts
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpOpen
WinHttpCrackUrl
WinHttpCloseHandle
WinHttpCreateUrl

api-ms-win-core-shlwapi-legacy-l1-1-0

PathIsRootW
PathFileExistsW
PathIsRelativeW
PathStripToRootW
PathIsUNCW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-service-management-l1-1-0

OpenSCManagerW
CloseServiceHandle
OpenServiceW

api-ms-win-service-management-l2-1-0

QueryServiceConfig2W
ChangeServiceConfig2W
QueryServiceStatusEx
QueryServiceConfigW
ChangeServiceConfigW

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW
RegEnumKeyW

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-io-l1-1-0

DeviceIoControl

ws2_32

WSAGetLastError
WSAStartup
WSASocketW
WSACleanup
WSAIoctl
closesocket

api-ms-win-power-setting-l1-1-0

PowerSettingRegisterNotification
PowerSettingUnregisterNotification

api-ms-win-eventing-controller-l1-1-0

StartTraceW
ControlTraceW
EnableTraceEx2

api-ms-win-core-file-l1-2-1

GetCompressedFileSizeW

api-ms-win-eventing-consumer-l1-1-0

CloseTrace

api-ms-win-core-memory-l1-1-0

MapViewOfFile
CreateFileMappingW
FlushViewOfFile
UnmapViewOfFile
MapViewOfFileEx

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-file-l1-2-0

GetTempPathW
GetVolumeNameForVolumeMountPointW

api-ms-win-core-processthreads-l1-1-2

SetThreadInformation

api-ms-win-core-version-l1-1-0

VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

api-ms-win-core-datetime-l1-1-1

GetDateFormatEx

api-ms-win-core-url-l1-1-0

UrlEscapeW

umpdc

Pdcv2ActivationClientUnregister
Pdcv2ActivationClientRegister
Pdcv2ActivationClientDeactivate
Pdcv2ActivationClientActivate
Pdcv2ActivationClientRenewActivation

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoTransformError
SetRestrictedErrorInfo

api-ms-win-core-sysinfo-l1-2-1

GetPhysicallyInstalledSystemMemory

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllMain
GeneralizeForImaging
WUCreateExpressionEvaluator
WUCreateUpdateHandler
WUServiceMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/yarl/_quoting_c.pyd
.dll windows:6 windows x64 arch:x64

c8aad050a232d2f0641684b8c4d0c78a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

_Py_NoneStruct
PyTuple_New
PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyExc_AttributeError
PyErr_SetString
PyErr_WriteUnraisable
PyObject_GetIter
PyNumber_Add
PyErr_WarnFormat
PyExc_ValueError
PyDict_Next
PyErr_Format
PyTuple_Type
_Py_FalseStruct
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyUnicode_Join
PyExc_OverflowError
_Py_Dealloc
PyImport_GetModuleDict
PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyLong_AsLong
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyList_New
PySlice_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyUnicode_Contains
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyObject_RichCompareBool
PyUnicode_DecodeUTF8Stateful
PyUnicode_Decode
PyBytes_FromString
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyMem_Free
PyExc_StopIteration
PyCMethod_New
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyObject_GetItem
PyUnicode_FromKindAndData
PyModuleDef_Init
PyBytes_FromStringAndSize
PyDict_DelItem
PyUnicode_Compare
PyErr_SetExcInfo
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyExc_NameError
PyTuple_Pack
Py_OptimizeFlag
_PyUnicode_Ready
PyMem_Malloc
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyUnicode_DecodeASCII
PyExc_SystemError
PyExc_AssertionError
PyType_Modified
PyErr_GetExcInfo
PyUnicode_FromString
_PyType_Lookup
PyUnicode_Format
PyObject_Size
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyLong_AsUnsignedLongLong
PyUnicode_FromOrdinal
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyErr_SetNone
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyFrame_New
PyErr_PrintEx
PyErr_WarnEx
PyLong_AsUnsignedLong
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyException_SetTraceback
PyBaseObject_Type

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
InitializeSListHead

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

PyInit__quoting_c

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/zstandard/_cffi.pyd
.dll windows:6 windows x64 arch:x64

a4f663bc77d2671c859ff6226656a2fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python3

_Py_NoneStruct
PyLong_FromUnsignedLongLong
_Py_Dealloc
PyObject_Free
PyObject_CallMethod
PyLong_FromVoidPtr
PyArg_UnpackTuple
PyEval_RestoreThread
PyLong_FromLong
PyEval_SaveThread
PyObject_Malloc
PyLong_FromUnsignedLong
PyErr_Occurred
PyImport_ImportModule

kernel32

IsDebuggerPresent
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
SleepConditionVariableCS
EnterCriticalSection
WakeAllConditionVariable
WakeConditionVariable
LeaveCriticalSection
InitializeCriticalSection
InitializeConditionVariable
WaitForSingleObject
GetLastError
CloseHandle
DeleteCriticalSection
RtlCaptureContext
GetCurrentThreadId

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcmp
memcpy
memmove

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fflush
__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_cexit
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_beginthreadex

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

PyInit__cffi

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup_x86-64_build_4355/zstandard/backend_c.pyd
.dll windows:6 windows x64 arch:x64

0c4c253e719bb538a4188bc610bcddb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyMem_Malloc
PyExc_IndexError
PyExc_ImportError
_Py_TrueStruct
PyList_New
PyUnicode_FromString
PyLong_FromSize_t
PyBuffer_Release
PyEval_RestoreThread
PySet_New
PyObject_GetBuffer
_PyBytes_Resize
_PyArg_ParseTuple_SizeT
PyObject_CheckBuffer
PyModule_AddObject
PyObject_Free
_Py_Dealloc
PyType_IsSubtype
_Py_FalseStruct
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyLong_FromUnsignedLong
PyTuple_Pack
PyErr_SetString
PyList_Size
PySet_Add
PyBuffer_FillInfo
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyBytes_AsStringAndSize
PyBytes_FromString
PyLong_AsUnsignedLongLong
PyLong_FromUnsignedLongLong
PyErr_SetNone
PyLong_FromLong
PyObject_SetAttrString
PyEval_SaveThread
PyLong_FromSsize_t
PyErr_Occurred
PyBytes_AsString
PyImport_ImportModule
PyLong_AsSsize_t
PyType_GenericNew
PyModule_AddIntConstant
PyObject_IsTrue
PyMem_Realloc
PyExc_TypeError
_PyObject_New
PyExc_NotImplementedError
PyType_FromSpec
PyBytes_FromStringAndSize
PyObject_HasAttrString
PyObject_CallObject
PyExc_OSError
PyDict_GetItemString
PyErr_NoMemory
PyList_Type
PyTuple_SetItem
PyExc_StopIteration
PyMem_Free
PyObject_IsInstance
PyList_GetItem
PyDict_New
PyBytes_Size
PyTuple_Size
PyList_Append
PyErr_Clear
_PyObject_CallMethod_SizeT
PyErr_NewException
PyObject_GetAttrString
PyType_Ready
PyExc_ValueError
PyModule_Create2
PyDict_DelItemString
PyExc_BufferError

kernel32

GetCurrentProcess
EnterCriticalSection
WakeAllConditionVariable
WakeConditionVariable
LeaveCriticalSection
InitializeCriticalSection
InitializeConditionVariable
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SleepConditionVariableCS
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DeleteCriticalSection
GetSystemInfo
CloseHandle
GetLastError
WaitForSingleObject

vcruntime140

__std_type_info_destroy_list
memset
memmove
__C_specific_handler
memcpy

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
realloc

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
fflush
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_beginthreadex
_initialize_onexit_table

Exports

Exports

PyInit_backend_c

Sections

.text
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0514bfd9d917637f3cbfcabfc3ccd787

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

ntdll

combase

staterepository.core

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-shlwapi-legacy-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-processenvironment-l1-1-0

rpcrt4

api-ms-win-core-url-l1-1-0

api-ms-win-core-realtime-l1-1-0

api-ms-win-core-io-l1-1-1

api-ms-win-core-synch-l1-2-1

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-quirks-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-core-file-l2-1-2

api-ms-win-core-io-l1-1-0

api-ms-win-core-memory-l1-1-0

api-ms-win-core-errorhandling-l1-1-2

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-psapi-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-kernel32-legacy-l1-1-1

api-ms-win-core-file-l1-2-0

api-ms-win-core-version-l1-1-0

api-ms-win-stateseparation-helpers-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-security-lsalookup-l2-1-0

api-ms-win-core-file-l1-2-2

api-ms-win-core-registry-l1-1-1

api-ms-win-core-wow64-l1-1-1

api-ms-win-core-shlwapi-obsolete-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-windowserrorreporting-l1-1-1

api-ms-win-core-apiquery-l1-1-0

mrmdeploy

mrmcorer

msvcp_win

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 815KB - Virtual size: 814KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 815KB - Virtual size: 814KB

.data
Size: 17KB - Virtual size: 24KB

.pdata
Size: 76KB - Virtual size: 76KB

.didat
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 256KB - Virtual size: 256KB

.reloc
Size: 16KB - Virtual size: 15KB

33:00:00:04:15:82:95:a1:a3:d8:2e:28:57:00:00:00:00:04:15
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

fe:ea:37:7f:48:29:b0:14:ad:63:ae:1c:db:3c:9d:f8:00:35:ab:7b:87:dd:7a:f0:fc:f6:bf:ae:38:eb:70:42
Signer