bin[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bin.zip
Size

17.3MB
MD5

88c75d06cb1ca87c35b3765639800346
SHA1

46cc2f57ea98034d3b390e9c9742128de634cfbc
SHA256

2b1fb30d7f8783414ae6c4062bbb818b233984c1ef6d54410071cb4dea0511c7
SHA512

efaae3f8071ba646a58e5b1865959c5e49be6d91b147184674a8826303ba7a59d05a4f3acb2d09aa4ed739b9410a5e5ab4847e9d69e9fc0da5b35b628d840eb3
SSDEEP

393216:5KoPsbAbZUsrvFBHhDn2tgTeRoP6yxCzk3vfWgwvZMjJ:reY68Wt3Rob4zEj6CjJ

Score

7^/10

themida pyinstaller

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/bin/Vanguard.dll	themida

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/main.exe	pyinstaller

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
unpack001/_internal/_brotli.cp311-win_amd64.pyd
unpack001/_internal/aiohttp/_helpers.cp311-win_amd64.pyd
unpack001/_internal/aiohttp/_http_parser.cp311-win_amd64.pyd
unpack001/_internal/aiohttp/_http_writer.cp311-win_amd64.pyd
unpack001/_internal/aiohttp/_websocket.cp311-win_amd64.pyd
unpack001/_internal/charset_normalizer/md.cp311-win_amd64.pyd
unpack001/_internal/charset_normalizer/md__mypyc.cp311-win_amd64.pyd
unpack001/_internal/dearpygui/_dearpygui.pyd
unpack001/_internal/frozenlist/_frozenlist.cp311-win_amd64.pyd
unpack001/_internal/multidict/_multidict.cp311-win_amd64.pyd
unpack001/_internal/psutil/_psutil_windows.pyd
unpack001/_internal/pywin32_system32/pywintypes311.dll
unpack001/_internal/win32/win32api.pyd
unpack001/_internal/win32/win32clipboard.pyd
unpack001/_internal/win32/win32gui.pyd
unpack001/_internal/win32/win32process.pyd
unpack001/_internal/yarl/_quoting_c.cp311-win_amd64.pyd
unpack001/bin/Vanguard.dll
unpack001/bin/luau.dll
unpack001/main.exe

Files

bin.zip
.zip

Password: infected
_internal/MSVCP140.dll
.dll windows:6 windows x64 arch:x64

Password: infected

118dde577a38119350ab495f68a0326f

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

Actual PE Digest

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0

Digest Algorithm

sha256

PE Digest Matches

true

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

Actual PE Digest

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__current_exception_context
__C_specific_handler
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_endthreadex
_beginthreadex
_set_new_handler
abort
terminate
_cexit
_initialize_onexit_table
_errno
_initterm_e
_initterm

api-ms-win-crt-string-l1-1-0

iswspace
_wcsdup
iswalnum
__strncnt
wcsnlen
wcscpy_s
strcspn
iswdigit
isupper
tolower
isdigit
isspace
islower
iswxdigit
isxdigit
isalnum

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
setlocale
_unlock_locales
___lc_locale_name_func
localeconv
__pctype_func
___mb_cur_max_func
___lc_collate_cp_func
_lock_locales

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fgetc
fseek
_fsopen
_wfsopen
fputs
fgetwc
fputwc
ungetwc
fflush
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
setvbuf
__acrt_iob_func
_get_stream_buffer_pointers
fclose
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wchdir
_unlock_file
_wremove
_wrmdir
_lock_file

api-ms-win-crt-time-l1-1-0

_Wcsftime
_W_Gettnames
_W_Getmonths
_W_Getdays
_Strftime
_Getdays
_Gettnames
_Getmonths

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysign
copysignf
ldexp
_dclass
frexp
_ldclass
log
logf

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

EnterCriticalSection
RaiseException
CompareStringEx
MultiByteToWideChar
GetCPInfo
InitializeSListHead
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
RtlPcToFileHeader
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@G@std@@QEAA@AEBV01@@Z
??0?$_Yarn@G@std@@QEAA@PEBG@Z
??0?$_Yarn@G@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z
??0?$_Yarn@_W@std@@QEAA@PEB_W@Z
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@G@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@G@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Getptr@_Timevec@std@@QEBAPEAXXZ
?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/VCRUNTIME140.dll
.dll windows:6 windows x64 arch:x64

Password: infected

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cd
Signer

Actual PE Digest

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/VCRUNTIME140_1.dll
.dll windows:6 windows x64 arch:x64

Password: infected

bf380ca954cbf10d1a4cef9ec18e46fd

Code Sign

33:00:00:02:54:ca:2b:f3:cb:9d:da:a6:75:00:00:00:00:02:54
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:64:bf:50:2b:89:f2:c5:be:a7:9b:85:01:0a:13:26:74:a1:c4:23:31:89:41:11:45:75:15:9f:1f:ef:f1:63
Signer

Actual PE Digest

6b:64:bf:50:2b:89:f2:c5:be:a7:9b:85:01:0a:13:26:74:a1:c4:23:31:89:41:11:45:75:15:9f:1f:ef:f1:63

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RaiseException
RtlPcToFileHeader
SetLastError
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_asyncio.pyd
.dll windows:6 windows x64 arch:x64

Password: infected

04f465ecd8eff83e2c18078c8c25456e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f2:4a:4b:71:95:d5:d3:ad:e2:6f:aa:04:3d:75:f0:27:bb:2e:3c:ef:52:a0:5b:8b:c8:80:a1:ea:6c:36:d4:dc
Signer

Actual PE Digest

f2:4a:4b:71:95:d5:d3:ad:e2:6f:aa:04:3d:75:f0:27:bb:2e:3c:ef:52:a0:5b:8b:c8:80:a1:ea:6c:36:d4:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_asyncio.pdb

Imports

python311

PyErr_WriteUnraisable
_PyArg_UnpackKeywords
PyIter_Send
PyExc_ValueError
PyErr_Format
PyModule_AddType
_Py_FalseStruct
PyCoro_Type
PyType_IsSubtype
PyErr_Restore
_Py_Dealloc
PyObject_Free
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObject
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyObject_ClearWeakRefs
PyObject_Vectorcall
PyUnicode_FromFormat
PySet_New
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PyType_Ready
PyObject_GetAttrString
PyList_Append
PyObject_RichCompareBool
PyException_SetTraceback
PyObject_GC_UnTrack
PyDict_New
PyUnicode_Type
_PyObject_LookupAttrId
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyObject_VectorcallMethod
PyObject_IsInstance
PyExc_StopIteration
PyContext_CopyCurrent
PyCMethod_New
_PyGen_SetStopIterationValue
_PyRuntime
PyObject_GC_Track
_PyType_Name
_Py_NewReference
_PyObject_New
PyExc_TypeError
PyObject_IsTrue
PyObject_Str
_PyLong_AsInt
PyGen_Type
_PyThreadState_GetDict
_Py_TrueStruct
_PyObject_GC_New
PyTraceBack_Type
_Py_IsFinalizing
PyThreadState_GetID
_PyDict_DelItem_KnownHash
PyUnicode_FromString
PyObject_CallNoArgs
PyLong_FromLong
PyExc_RuntimeError
_PyGen_FetchStopIterationValue
PyList_SetSlice
_PyErr_ChainExceptions
PyObject_GenericGetAttr
PyErr_SetString
PyExc_SystemExit
_PyObject_CallMethodIdObjArgs
PyExc_AttributeError
PySet_Add
PyTuple_New
_Py_NoneStruct
PyExc_KeyboardInterrupt
PyUnicode_FromFormatV
PySet_Contains
_PyDict_SetItemId
Py_BuildValue
PyObject_CallMethod
PyObject_Hash
PyLong_FromSsize_t
PyErr_Occurred
PyObject_SelfIter
PyErr_NormalizeException
PyImport_ImportModule
_PyErr_BadInternalCall
_PyDict_SetItem_KnownHash
PyExc_DeprecationWarning
_PyArg_CheckPositional
PyType_GenericNew
PyErr_WarnEx
_PyObject_SetAttrId
PyErr_GivenExceptionMatches
PyObject_CallOneArg
PyErr_SetObject
PyException_GetTraceback
_PyDict_GetItemIdWithError
Py_GenericAlias

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit__asyncio

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_brotli.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

Password: infected

bedbe186ca4f5f63a23e54fe0a951ca8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

_Py_Dealloc
PyModule_AddObject
PyModule_AddIntConstant
_PyArg_ParseTuple_SizeT
PyLong_AsLong
PyList_New
_Py_FalseStruct
PyType_Ready
PyErr_NewException
PyList_Append
PyBytes_FromStringAndSize
_Py_TrueStruct
PyBuffer_Release
PyEval_RestoreThread
PyModule_Create2
_PyArg_ParseTupleAndKeywords_SizeT
PyModule_AddStringConstant
PyErr_SetString
PyExc_MemoryError
PyEval_SaveThread

kernel32

InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
GetCurrentProcessId

vcruntime140

__std_type_info_destroy_list
memset
memmove
memcpy
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
exit

api-ms-win-crt-math-l1-1-0

log2

Exports

Exports

PyInit__brotli

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_bz2.pyd
.dll windows:6 windows x64 arch:x64

Password: infected

d0a62ab71a2b2ca69c6aba1f0a37fcdd

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57
Signer

Actual PE Digest

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_bz2.pdb

Imports

python311

_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_Realloc
PyType_FromModuleAndSpec
PyBytes_FromStringAndSize
PyModuleDef_Init
PyExc_OSError
PyErr_NoMemory
PyMem_Free
PyThread_free_lock
PyList_Append
PyExc_EOFError
_PyNumber_Index
PyObject_GetBuffer
PyMem_RawFree
PyBuffer_Release
PyThread_release_lock
PyEval_RestoreThread
PyMem_Malloc
_Py_Dealloc
PyList_New
PyModule_AddType
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
_PyArg_BadArgument
PyThread_acquire_lock
_PyArg_NoPositional
PyMem_RawMalloc
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew

vcruntime140

memmove
memcpy
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
exit
_execute_onexit_table
_cexit
_initterm

api-ms-win-crt-heap-l1-1-0

free
malloc

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

PyInit__bz2

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_ctypes.pyd
.dll windows:6 windows x64 arch:x64

Password: infected

de64e4a0e2dbc68a0b413ce8099db5c3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33
Signer

Actual PE Digest

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_ctypes.pdb

Imports

libffi-8

ffi_type_sint8
ffi_type_uint8
ffi_type_float
ffi_type_uint64
ffi_type_uint32
ffi_type_double
ffi_type_uint16
ffi_type_sint32
ffi_call
ffi_type_sint64
ffi_type_void
ffi_prep_cif
ffi_prep_closure
ffi_type_sint16
ffi_type_pointer

ole32

ProgIDFromCLSID

oleaut32

SysStringLen
SysFreeString
GetErrorInfo
SysAllocStringLen

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetSystemInfo
VirtualAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
LoadLibraryExW
FreeLibrary
LocalFree
QueryPerformanceCounter
FormatMessageW
DisableThreadLibraryCalls
GetProcAddress
SetLastError
GetLastError

python311

_PyObject_LookupAttrId
PyExc_ValueError
_Py_CheckRecursiveCall
PyDict_Next
PyErr_Format
PyDict_Type
PyModule_AddType
PyType_IsSubtype
PyExc_OverflowError
_Py_Dealloc
PyLong_AsUnsignedLongMask
PyTuple_GetItem
PySequence_GetSlice
PyDescr_NewGetSet
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObjectRef
PySequence_SetItem
_PyArg_ParseTuple_SizeT
PyObject_CallFunctionObjArgs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySys_Audit
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
_PyDict_GetItemIdWithError
PyObject_GenericSetAttr
PyDict_SetItem
PyDict_New
_PyLong_Sign
PyObject_VectorcallMethod
PyObject_IsInstance
PyMem_Free
PyLong_FromVoidPtr
PyUnicode_AsWideChar
PyErr_NoMemory
_PyRuntime
PyLong_AsVoidPtr
PyObject_CallObject
PyIndex_Check
PyBytes_FromStringAndSize
PyDict_DelItem
PyNumber_AsSsize_t
PyUnicode_New
PyObject_IsSubclass
_PyWeakref_ProxyType
PyExc_TypeError
PyTuple_Pack
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyArg_UnpackTuple
PyUnicode_FromString
PyBuffer_Release
PyType_Type
PySequence_Tuple
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PyErr_WarnEx
PyExc_RuntimeWarning
PyOS_vsnprintf
PyImport_ImportModule
PyObject_GC_UnTrack
PySys_GetObject
PyGILState_Release
PyErr_WriteUnraisable
Py_Initialize
PyObject_GC_Del
PyLong_AsLong
PyObject_Vectorcall
Py_IsInitialized
PyFile_WriteString
PyObject_GC_Track
PyGILState_Ensure
_PyObject_GC_NewVar
PyErr_Print
PyMem_Calloc
PyErr_SetObject
PyObject_CallOneArg
PyErr_SetString
PyCapsule_IsValid
PyBytes_AsString
PyErr_NormalizeException
PyUnicode_AppendAndDel
Py_BuildValue
PyErr_SetFromWindowsErr
PyUnicode_FromFormatV
PyFloat_FromDouble
PyObject_CallFunction
PyTuple_Type
PyObject_Free
PyCapsule_GetPointer
PyErr_Fetch
PyUnicode_AsWideCharString
_PyObject_GetAttrId
PyThreadState_GetDict
PyCapsule_New
PyUnicode_Type
_PyTraceback_Add
_PyUnicode_IsPrintable
PyExc_OSError
_PyObject_New
PyMem_Realloc
PyObject_Str
PyExc_FileNotFoundError
PyObject_Call
PyArg_ParseTuple
PyBool_FromLong
PyLong_FromUnsignedLongLong
PyFloat_AsDouble
PyLong_FromLongLong
PyLong_FromUnsignedLong
PyLong_AsUnsignedLongLongMask
PyFloat_Unpack4
PyFloat_Pack4
PyObject_IsTrue
PyFloat_Pack8
PyByteArray_Type
PyFloat_Unpack8
PyObject_GetAttr
PySequence_Fast
PyTuple_Size
_PyDict_SizeOf
_PyLong_AsInt
_Py_CheckFunctionResult
PyTuple_GetSlice
PyExc_AttributeError
PyMemoryView_FromObject
PyDict_SetItemString
PyTuple_New
_PyDict_ContainsId
_Py_NoneStruct
PyDict_Contains
PyDict_GetItemWithError
_PyDict_SetItemId
_PyErr_WriteUnraisableMsg
PyBuffer_IsContiguous
PyUnicode_Concat
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyWeakref_CallableProxyType
_PyUnicode_EqualToASCIIString
PyLong_FromSsize_t
PyWeakref_NewProxy
PyErr_Occurred
PyDict_Update
PySequence_GetItem
PySlice_Type
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyExc_Exception
PySlice_AdjustIndices
PyDescr_NewClassMethod
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_Size
Py_GenericAlias
PyLong_AsUnsignedLong
PyUnicode_FromWideChar
_PyObject_MakeTpCall

vcruntime140

memcmp
__std_type_info_destroy_list
__C_specific_handler
strchr
memcpy
memset
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

api-ms-win-crt-string-l1-1-0

iswctype

Exports

Exports

DllCanUnloadNow
DllGetClassObject
PyInit__ctypes

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_decimal.pyd
.dll windows:6 windows x64 arch:x64

Password: infected

73c2b50451f272a440f47564c3cbd631

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:3a:ce:ed:17:38:e7:5b:d1:14:02:3e:05:4e:1e:40:41:5f:0d:d0:be:34:e3:90:ab:5f:d6:c1:31:61:e8:2a
Signer

Actual PE Digest

01:3a:ce:ed:17:38:e7:5b:d1:14:02:3e:05:4e:1e:40:41:5f:0d:d0:be:34:e3:90:ab:5f:d6:c1:31:61:e8:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_decimal.pdb

Imports

python311

_PyUnicode_IsWhitespace
PyObject_CallMethod
PyObject_IsInstance
PyMem_Free
PyErr_NoMemory
PyObject_CallObject
PyComplex_Type
_Py_NotImplementedStruct
PyUnicode_Compare
PyArg_ParseTupleAndKeywords
_PyObject_New
PyExc_TypeError
PyMem_Realloc
PyModule_AddStringConstant
PyUnicode_AsUTF8String
PyTuple_Pack
PyObject_HashNotImplemented
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
_Py_TrueStruct
PyUnicode_FromString
PyList_GetItem
PyUnicode_CompareWithASCIIString
PyType_Type
PyArg_ParseTuple
PyContextVar_New
PyFloat_FromString
PyExc_ArithmeticError
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyContextVar_Set
PyObject_CallFunction
PyExc_ZeroDivisionError
PyErr_SetString
PyUnicode_FromWideChar
PyList_Size
PyDict_New
PyDict_SetItem
_Py_HashPointer
PyObject_GenericSetAttr
_PyLong_New
PyTuple_Size
PyList_Append
PyErr_Clear
PyUnicode_New
PyExc_AttributeError
PyErr_NewException
PyObject_GetAttrString
PyType_Ready
_PyUnicode_ToDecimalDigit
PyFloat_FromDouble
PyDict_Size
PyDict_SetItemString
PyModule_Create2
PyList_New
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CallFunctionObjArgs
PyModule_AddObject
PyComplex_AsCComplex
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyLong_Type
PyTuple_New
PyFloat_Type
_Py_FalseStruct
_PyLong_GCD
PyTuple_Type
_Py_NoneStruct
PyFloat_AsDouble
PyComplex_FromDoubles
PyDict_GetItemWithError
Py_BuildValue
PyContextVar_Get
PyLong_FromLong
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
_Py_ascii_whitespace
PyType_GenericNew
PyModule_AddIntConstant
PyBool_FromLong
PyErr_SetObject
PyUnicode_InternFromString
PyObject_IsTrue
PyBaseObject_Type

vcruntime140

strchr
memmove
memcpy
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-convert-l1-1-0

strtoll
mbstowcs

api-ms-win-crt-math-l1-1-0

log10
copysign
ceil
_dclass

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_errno

api-ms-win-crt-string-l1-1-0

tolower
isupper
isdigit

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
free

kernel32

RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
RtlCaptureContext

Exports

Exports

PyInit__decimal

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_hashlib.pyd
.dll windows:6 windows x64 arch:x64

b3b294bbb4a8941fd67b11ccbe0be65b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:c1:14:c7:5a:aa:fa:35:dc:e2:c4:8b:a2:f9:47:6c:22:ee:e9:57:0e:7e:9c:c6:f5:cb:f9:28:30:3e:48:7f
Signer

Actual PE Digest

7e:c1:14:c7:5a:aa:fa:35:dc:e2:c4:8b:a2:f9:47:6c:22:ee:e9:57:0e:7e:9c:c6:f5:cb:f9:28:30:3e:48:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_hashlib.pdb

Imports

libcrypto-1_1

EVP_DigestInit_ex
ERR_func_error_string
HMAC
EVP_MD_CTX_md
HMAC_Update
HMAC_Init_ex
EVP_MD_block_size
EVP_MD_CTX_copy
EVP_MD_CTX_set_flags
EVP_PBE_scrypt
OBJ_nid2ln
ERR_clear_error
EVP_DigestUpdate
EVP_MD_CTX_free
ERR_peek_last_error
HMAC_CTX_free
CRYPTO_memcmp
OBJ_nid2sn
HMAC_Final
ERR_reason_error_string
EVP_MD_size
ERR_lib_error_string
EVP_DigestFinalXOF
FIPS_mode
EVP_DigestFinal
EVP_MD_CTX_new
PKCS5_PBKDF2_HMAC
HMAC_CTX_new
HMAC_CTX_get_md
EVP_MD_flags
EVP_MD_type
HMAC_CTX_copy
EVP_MD_do_all
EVP_get_digestbyname

python311

PyType_FromSpecWithBases
PyErr_Clear
PyDict_SetItem
PyDict_New
PyThread_free_lock
PyMem_Free
PyFrozenSet_New
PyErr_NoMemory
PyDict_GetItem
PyModuleDef_Init
_Py_hashtable_set
PyBytes_FromStringAndSize
PyType_FromSpec
_PyObject_New
PyExc_TypeError
PyObject_IsTrue
_PyUnicode_Ready
PyMem_Malloc
PyModule_GetState
PyUnicode_FromString
_Py_strhex
PyBuffer_Release
_Py_hashtable_get
PyEval_RestoreThread
_Py_hashtable_new_full
PyErr_NewException
PyObject_GetAttrString
PyObject_GetBuffer
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CheckBuffer
PyModule_AddObject
PyModule_AddObjectRef
PyThread_release_lock
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_Py_hashtable_destroy
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
PyDictProxy_New
_PyArg_BadArgument
PySet_Add
PyThread_acquire_lock
_Py_NoneStruct
PyModule_GetDef
PyThread_allocate_lock
_Py_HashBytes
PyBuffer_IsContiguous
PyLong_FromLong
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
PyLong_AsUnsignedLong
_PyNumber_Index
PyBool_FromLong
PyExc_BufferError
PyErr_FormatV
_PyArg_Parse_SizeT
PyUnicode_AsUTF8

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

Exports

Exports

PyInit__hashlib

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_lzma.pyd
.dll windows:6 windows x64 arch:x64

c39c7a021b2adfc11bb34f105f70355e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:08:2c:b3:89:df:f9:d4:12:4f:92:8f:5f:cc:8e:e4:4e:8e:3b:9f:02:f6:b8:46:1c:24:7d:af:59:89:2e:33
Signer

Actual PE Digest

df:08:2c:b3:89:df:f9:d4:12:4f:92:8f:5f:cc:8e:e4:4e:8e:3b:9f:02:f6:b8:46:1c:24:7d:af:59:89:2e:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_lzma.pdb

Imports

python311

PyDict_SetItem
PyDict_New
PyErr_NewExceptionWithDoc
PyThread_free_lock
PyMem_Free
PyErr_NoMemory
PyModuleDef_Init
PyBytes_FromStringAndSize
PyErr_SetString
PyType_FromModuleAndSpec
PyMem_Realloc
PyMapping_Check
_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_RawFree
PyBuffer_Release
PyEval_RestoreThread
_PyArg_BadArgument
PyThread_acquire_lock
PyLong_FromLongLong
PyTuple_New
_Py_NoneStruct
PyMem_RawMalloc
PyType_GetModuleState
PyMapping_GetItemString
PyList_Append
PyErr_Clear
PyExc_EOFError
PyList_New
PyObject_GetBuffer
PyModule_AddObject
PyThread_release_lock
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyMem_Malloc
_PyArg_UnpackKeywords
PyLong_AsUnsignedLongLong
PyThread_allocate_lock
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyEval_SaveThread
PyErr_Occurred
PySequence_GetItem
PyExc_KeyError
_PyArg_CheckPositional
PyLong_AsSsize_t
PyType_GenericNew
PyModule_AddIntConstant
_PyNumber_Index
PyBool_FromLong
PyUnicode_InternFromString
PyMem_Calloc
PyExc_TypeError
PySequence_Size

vcruntime140

memmove
memset
__std_type_info_destroy_list
__C_specific_handler
memcpy
memcmp

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit__lzma

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_multiprocessing.pyd
.dll windows:6 windows x64 arch:x64

ad5e2bc3f4742dadfaf9e74afc91a9f0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ac:b0:ca:76:51:0d:65:f2:0d:22:d6:cb:7e:13:d0:a1:74:0d:ff:56:fd:79:1a:14:c8:4f:d1:d2:71:10:a1:a7
Signer

Actual PE Digest

ac:b0:ca:76:51:0d:65:f2:0d:22:d6:cb:7e:13:d0:a1:74:0d:ff:56:fd:79:1a:14:c8:4f:d1:d2:71:10:a1:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_multiprocessing.pdb

Imports

ws2_32

recv
send
closesocket
WSAGetLastError

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetLastError
ReleaseSemaphore
WaitForMultipleObjectsEx
GetCurrentThreadId
GetLastError
WaitForSingleObjectEx
CloseHandle
ResetEvent
CreateSemaphoreA
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
RtlCaptureContext

python311

_PyLong_AsInt
_Py_TrueStruct
PyExc_AssertionError
_PyOS_IsMainThread
PyMem_Malloc
PyThread_get_thread_ident
PyModuleDef_Init
_PyArg_ParseStack_SizeT
PyExc_OSError
PyErr_NoMemory
PyDict_New
_PyOS_SigintEvent
PyMem_Free
PyBuffer_Release
PyErr_SetExcFromWindowsErr
PyErr_SetFromErrno
_Py_FalseStruct
_PyArg_UnpackKeywords
PyFloat_AsDouble
PyErr_SetFromWindowsErr
PyErr_Occurred
_PyArg_CheckPositional
PyBool_FromLong
PyEval_RestoreThread
PyBytes_FromStringAndSize
_PyBytes_Resize
PyModule_AddObject
_Py_Dealloc
PyModule_AddType
PyErr_Format
PyExc_ValueError
PyErr_SetString
_PyArg_BadArgument
PyDict_SetItemString
_Py_NoneStruct
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyArg_Parse_SizeT
PyExc_OverflowError

vcruntime140

__std_type_info_destroy_list
memcpy
memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_errno
_initterm_e

Exports

Exports

PyInit__multiprocessing

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_overlapped.pyd
.dll windows:6 windows x64 arch:x64

48664681fdde7330197ca0b81cd0888e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f3:cf:aa:91:6a:64:18:5e:67:ef:f4:7e:5c:92:6a:81:10:7d:e7:bd:55:60:e3:a7:90:c2:c9:a0:34:1a:98:d2
Signer

Actual PE Digest

f3:cf:aa:91:6a:64:18:5e:67:ef:f4:7e:5c:92:6a:81:10:7d:e7:bd:55:60:e3:a7:90:c2:c9:a0:34:1a:98:d2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_overlapped.pdb

Imports

ws2_32

closesocket
WSASend
ntohl
WSAIoctl
WSASendTo
WSAConnect
socket
ntohs
WSAStringToAddressW
WSARecv
WSARecvFrom
inet_ntop
htons
bind
WSAGetLastError

kernel32

ResetEvent
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
ReadFile
SetLastError
WriteFile
RegisterWaitForSingleObject
UnregisterWait
GetQueuedCompletionStatus
CreateFileW
PostQueuedCompletionStatus
CreateEventW
FormatMessageW
GetLastError
SetEvent
CloseHandle
CancelIoEx
GetOverlappedResult
UnregisterWaitEx
LocalFree
CreateEventA
CreateIoCompletionPort
ConnectNamedPipe
GetCurrentThreadId

python311

PyErr_SetExcFromWindowsErr
PyBuffer_Release
PyArg_ParseTuple
_PyArg_ParseTupleAndKeywordsFast
PyEval_RestoreThread
_Py_TrueStruct
PyArg_Parse
_Py_Dealloc
PyErr_SetFromErrno
_Py_FalseStruct
PyTuple_Type
PyModule_AddType
PyMem_RawFree
PyType_FromModuleAndSpec
PyObject_Free
_PyObject_New
PyBytes_FromStringAndSize
PyModuleDef_Init
_PyArg_ParseStack
PyExc_ConnectionRefusedError
PyExc_OSError
PyLong_FromVoidPtr
PyUnicode_FromFormat
_PyBytes_Resize
_PyUnicode_WideCharString_Opt_Converter
PyUnicode_FromString
PyModule_GetState
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyErr_WriteUnraisable
PyErr_SetString
_PyArg_BadArgument
PyTuple_New
_Py_NoneStruct
PyMem_RawMalloc
Py_BuildValue
_PyUnicode_AsUnicode
PyExc_RuntimeError
PyEval_SaveThread
PyImport_ImportModule
PyExc_ConnectionAbortedError
PyBool_FromLong
PyModule_AddObject

vcruntime140

__std_type_info_destroy_list
memset
memcpy
__C_specific_handler

api-ms-win-crt-string-l1-1-0

iswctype

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e

Exports

Exports

PyInit__overlapped

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_queue.pyd
.dll windows:6 windows x64 arch:x64

d39104d594ed5774205f94197c63bfbc

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:27:06:b2:36:75:ee:3d:5f:0f:d8:ed:7e:8d:5f:e5:06:c0:c3:19:05:27:8f:03:9e:47:5c:59:c2:c4:58:2c
Signer

Actual PE Digest

e1:27:06:b2:36:75:ee:3d:5f:0f:d8:ed:7e:8d:5f:e5:06:c0:c3:19:05:27:8f:03:9e:47:5c:59:c2:c4:58:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_queue.pdb

Imports

python311

PyThread_release_lock
Py_GenericAlias
_Py_Dealloc
_PyDeadline_Init
PyModule_AddType
PyExc_ValueError
_PyArg_UnpackKeywords
PyThread_acquire_lock_timed
PyObject_IsTrue
PyType_FromModuleAndSpec
PyExc_TypeError
_PyDeadline_Get
PyModule_AddObjectRef
PyType_GetModuleByDef
PyModuleDef_Init
PyThread_free_lock
PyErr_NewExceptionWithDoc
PyList_Append
PyList_New
PyObject_ClearWeakRefs
PyExc_OverflowError
PyErr_SetString
PyType_GetModule
_PyArg_NoPositional
_Py_NoneStruct
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyObject_GC_UnTrack
PyList_SetSlice
PyEval_SaveThread
PyLong_FromSsize_t
PyErr_Occurred
_PyArg_NoKeywords
PyBool_FromLong
_PyTime_FromSecondsObject
Py_MakePendingCalls
_PyTime_AsMicroseconds
PyEval_RestoreThread

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
RtlCaptureContext
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

Exports

Exports

PyInit__queue

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_socket.pyd
.dll .js windows:6 windows x64 arch:x64 polyglot

332065e5d19d708832b034da27e5571a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

66:a4:69:70:95:09:69:c0:2a:34:88:a4:55:8b:7d:15:72:a4:16:da:81:fb:73:68:fd:68:3c:1d:ba:3f:e1:33
Signer

Actual PE Digest

66:a4:69:70:95:09:69:c0:2a:34:88:a4:55:8b:7d:15:72:a4:16:da:81:fb:73:68:fd:68:3c:1d:ba:3f:e1:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_socket.pdb

Imports

ws2_32

accept
WSACleanup
setsockopt
WSAIoctl
closesocket
gethostbyname
select
ntohl
WSADuplicateSocketW
shutdown
listen
WSASetLastError
WSASocketW
inet_pton
getaddrinfo
WSAStartup
getpeername
getnameinfo
inet_addr
getsockname
gethostbyaddr
getprotobyname
getservbyport
send
socket
ntohs
connect
inet_ntoa
getservbyname
recvfrom
recv
getsockopt
htonl
inet_ntop
htons
ioctlsocket
sendto
freeaddrinfo
bind
WSAGetLastError

iphlpapi

ConvertInterfaceLuidToNameW
GetIfTable2Ex
if_nametoindex
if_indextoname
FreeMibTable

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
SetHandleInformation
VerifyVersionInfoA
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
GetLastError
GetComputerNameExW

python311

_PyTime_FromSeconds
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyModule_AddObjectRef
PyCapsule_GetPointer
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyErr_Fetch
PyLong_AsLong
_PyBytes_Resize
PyUnicode_AsUTF8
PyUnicode_FromFormat
PySys_Audit
PyList_New
PyModule_Create2
PyErr_NewException
_PyDict_Pop
PyErr_Clear
PyList_Append
PyTuple_Size
PyUnicode_FSConverter
PyCapsule_New
PyBytes_Size
PyObject_CallFinalizerFromDealloc
PyMem_Free
PyType_GenericAlloc
PyErr_NoMemory
PyExc_OSError
PyErr_CheckSignals
PyBytes_FromStringAndSize
PyByteArray_Size
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
_PyTime_AsTimeval_clamp
_PyLong_AsInt
PyExc_ImportError
_Py_TrueStruct
PyUnicode_FromString
PyErr_SetExcFromWindowsErr
_PyDeadline_Init
PyBuffer_Release
PyByteArray_Type
Py_AtExit
PyType_Type
_PyTime_AsTimeval
PyEval_RestoreThread
PyErr_ResourceWarning
_Py_Dealloc
PyErr_Restore
PyType_IsSubtype
PyErr_SetFromErrno
PyLong_Type
_PyTime_AsSecondsDouble
_Py_FalseStruct
PyModule_AddStringConstant
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WriteUnraisable
PyErr_SetString
PyUnicode_FromWideChar
PyByteArray_AsString
PyUnicode_New
PyFloat_FromDouble
PyExc_TimeoutError
PyLong_FromLongLong
PyLong_AsLongLong
_Py_NoneStruct
PyUnicode_DecodeMBCS
PyErr_SetFromWindowsErr
PyLong_FromLong
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyExc_Warning
PyErr_Occurred
PyBytes_AsString
PyModule_AddIntConstant
PyLong_AsUnsignedLong
_Py_BuildValue_SizeT
PyUnicode_DecodeFSDefault
_PyTime_AsMilliseconds
PyErr_SetObject
_PyTime_FromSecondsObject
PyOS_snprintf
PyUnicode_AsEncodedString
PyExc_OverflowError

vcruntime140

memcpy
memset
__std_type_info_destroy_list
__C_specific_handler
strchr

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_configure_narrow_argv
_errno
_cexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit__socket

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_ssl.pyd
.dll windows:6 windows x64 arch:x64

f5dfcd62c36effcb7c07509271acfce1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:e4:87:b3:fe:a7:82:b7:47:b9:f5:ac:99:68:18:83:fe:d6:6d:ec:32:58:53:f0:39:cb:38:d0:b7:86:fe:f7
Signer

Actual PE Digest

ae:e4:87:b3:fe:a7:82:b7:47:b9:f5:ac:99:68:18:83:fe:d6:6d:ec:32:58:53:f0:39:cb:38:d0:b7:86:fe:f7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_ssl.pdb

Imports

ws2_32

select
WSAGetLastError

crypt32

CertFreeCRLContext
CertOpenStore
CertCloseStore
CertAddStoreToCollection
CertEnumCRLsInStore
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore

libcrypto-1_1

OPENSSL_sk_num
X509_VERIFY_PARAM_set_hostflags
X509_STORE_add_cert
X509_get0_notAfter
DH_free
ERR_get_error
BIO_read
BIO_printf
X509_get_default_cert_file_env
X509_VERIFY_PARAM_set1_ip
OBJ_obj2nid
X509_get_default_cert_dir_env
X509_get_issuer_name
RAND_status
i2t_ASN1_OBJECT
X509_get0_notBefore
PEM_write_bio_X509_AUX
ASN1_STRING_to_UTF8
ERR_reason_error_string
PEM_write_bio_X509
BIO_ctrl
X509_VERIFY_PARAM_set_flags
i2d_X509
BIO_new
OBJ_nid2sn
i2a_ASN1_INTEGER
OBJ_txt2obj
GENERAL_NAME_free
X509_NAME_get_entry
ASN1_OBJECT_free
BIO_up_ref
OpenSSL_version_num
X509_NAME_ENTRY_get_data
a2i_IPADDRESS
BIO_clear_flags
i2d_X509_bio
X509_VERIFY_PARAM_set1_host
PEM_read_bio_X509
OBJ_obj2txt
COMP_get_type
BIO_s_mem
BIO_free_all
BIO_s_file
BIO_ctrl_pending
CRYPTO_free
EC_KEY_free
X509_get_version
OPENSSL_sk_value
X509_verify_cert_error_string
X509_OBJECT_get0_X509
AUTHORITY_INFO_ACCESS_free
X509_NAME_ENTRY_set
X509_VERIFY_PARAM_clear_flags
RAND_bytes
GENERAL_NAME_print
BIO_new_fp
BIO_write
BIO_free
ASN1_STRING_get0_data
CRL_DIST_POINTS_free
X509_NAME_ENTRY_get_object
BIO_puts
BIO_gets
X509_up_ref
OPENSSL_sk_pop_free
OBJ_nid2obj
X509_NAME_print_ex
d2i_X509_bio
X509_subject_name_hash
OpenSSL_version
ASN1_STRING_type
X509_get_serialNumber
X509_get_default_cert_dir
X509_get_default_cert_file
RAND_add
OBJ_nid2ln
ERR_clear_error
X509_free
BIO_new_mem_buf
PEM_read_DHparams
ASN1_STRING_length
X509_get_ext_d2i
X509_OBJECT_get_type
ASN1_OCTET_STRING_free
X509_cmp
X509_STORE_get0_objects
X509_VERIFY_PARAM_get_flags
EC_KEY_new_by_curve_name
ASN1_TIME_print
OBJ_sn2nid
X509_get_subject_name
X509_check_ca
X509_NAME_entry_count
BIO_set_flags
ERR_peek_last_error

libssl-1_1

d2i_SSL_SESSION
SSL_CIPHER_get_auth_nid
SSL_CTX_get0_param
SSL_CIPHER_get_kx_nid
SSL_SESSION_get_time
SSL_set_verify
SSL_CIPHER_get_version
SSL_CTX_get_verify_mode
SSL_CTX_set_cipher_list
SSL_set_post_handshake_auth
SSL_set_accept_state
SSL_CTX_load_verify_locations
SSL_CTX_set_num_tickets
SSL_CTX_use_certificate_chain_file
SSL_CIPHER_get_name
SSL_get_peer_finished
SSL_get0_param
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_check_private_key
SSL_set_SSL_CTX
SSL_session_reused
SSL_shutdown
SSL_read_ex
SSL_get_current_cipher
SSL_get_verify_mode
SSL_is_init_finished
SSL_CTX_set_session_id_context
SSL_CTX_set_msg_callback
SSL_SESSION_get_ticket_lifetime_hint
SSL_CTX_set_verify
SSL_CTX_set_keylog_callback
SSL_get_error
SSL_CTX_get_num_tickets
SSL_set_connect_state
SSL_get1_session
SSL_get_peer_cert_chain
TLSv1_1_method
SSL_CIPHER_get_bits
SSL_CTX_get_security_level
SSL_set_bio
SSL_CTX_get_verify_callback
SSL_SESSION_has_ticket
SSL_SESSION_get_timeout
SSL_ctrl
SSL_CTX_set_default_passwd_cb_userdata
TLSv1_2_method
SSL_CIPHER_get_cipher_nid
SSL_CTX_callback_ctrl
TLS_client_method
SSL_get_verify_result
SSL_CTX_get_options
SSL_CTX_set_post_handshake_auth
SSL_CIPHER_description
SSL_set_read_ahead
SSL_write_ex
SSL_select_next_proto
SSL_CTX_new
SSL_set_fd
SSL_CTX_use_PrivateKey_file
SSL_get_verify_callback
SSL_CIPHER_get_digest_nid
SSL_get_finished
SSL_set_ex_data
SSL_get_ex_data
SSL_get0_verified_chain
SSL_get0_alpn_selected
SSL_CTX_clear_options
SSL_get_version
TLS_server_method
SSL_CTX_ctrl
SSL_CTX_free
SSL_new
SSL_CTX_set_alpn_protos
SSL_CTX_set_default_verify_paths
SSL_CTX_set_alpn_select_cb
SSL_get_peer_certificate
SSL_CTX_set_options
SSL_set_session
SSL_SESSION_free
SSL_CTX_get_cert_store
SSL_get_session
SSL_free
SSL_get_current_compression
TLS_method
SSL_verify_client_post_handshake
SSL_CTX_set_default_passwd_cb
TLSv1_method
SSL_get_servername
SSL_SESSION_get_id
SSL_CIPHER_is_aead
SSL_CTX_get_default_passwd_cb
SSL_get_wbio
SSL_CIPHER_get_id
i2d_SSL_SESSION
SSL_get_shutdown
SSL_get_rbio
SSL_set_msg_callback
SSL_do_handshake
SSL_get_SSL_CTX
SSL_get_ciphers
SSL_pending

kernel32

RtlCaptureContext
GetLastError
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess

python311

PyErr_ExceptionMatches
PyThread_release_lock
PyModule_AddObjectRef
PyModule_AddObject
PyObject_CheckBuffer
_PyArg_ParseTuple_SizeT
PyObject_GC_Del
PyErr_Fetch
PyObject_CallFunctionObjArgs
PyLong_AsLong
_PyBytes_Resize
PyUnicode_FromFormat
PyObject_GetBuffer
PyErr_BadArgument
PySet_New
PyList_New
PyType_FromSpecWithBases
PyList_Append
PyUnicode_Decode
PyUnicode_FSConverter
PyType_GetModuleState
PyDict_SetItem
PyDict_New
PyErr_NewExceptionWithDoc
PyMem_Free
PyFrozenSet_New
PyCapsule_Import
PyErr_NoMemory
PyErr_SetFromErrnoWithFilenameObject
PyExc_OSError
PyObject_CallObject
PyErr_CheckSignals
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
_Py_NotImplementedStruct
PyGILState_Ensure
PyType_GetModuleByDef
PyUnicode_FromEncodedObject
_PyDeadline_Get
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
PyObject_Str
PyUnicode_AsUTF8String
PyTuple_Pack
_PyByteArray_empty_string
PyCallable_Check
PyMem_Malloc
PyList_AsTuple
_PyTime_AsTimeval_clamp
PyExc_UnicodeEncodeError
_PyLong_AsInt
_Py_TrueStruct
PyModule_GetState
_PyObject_GC_New
PyList_SetItem
_Py_fopen_obj
PyUnicode_FromString
PyLong_FromSize_t
_PyDeadline_Init
PyBuffer_Release
PyObject_CallNoArgs
PyByteArray_Type
PyEval_RestoreThread
PyUnicode_FromStringAndSize
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyErr_SetFromErrno
PyFloat_Type
_Py_FalseStruct
PyModule_AddStringConstant
PyModule_AddType
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WarnFormat
PyUnicode_AsASCIIString
PyErr_WriteUnraisable
PyErr_SetString
PyList_Size
_PyArg_BadArgument
PyExc_AttributeError
PySet_Add
PyWeakref_GetObject
PyBuffer_FillInfo
PyExc_TimeoutError
PyThread_acquire_lock
PyDict_SetItemString
PyType_GetModule
_PyArg_NoPositional
PyTuple_New
_Py_NoneStruct
PyGILState_Release
PyBytes_FromString
PyFloat_AsDouble
PyThread_allocate_lock
PyDict_GetItemWithError
PyExc_MemoryError
PyBuffer_IsContiguous
PyObject_GC_UnTrack
PyLong_FromLong
PyExc_RuntimeError
_PyErr_ChainExceptions
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyBytes_AsString
_PyErr_BadInternalCall
PyExc_DeprecationWarning
_PyArg_CheckPositional
_PyArg_NoKeywords
PyExc_RuntimeWarning
PyErr_WarnEx
PyModule_AddIntConstant
_PyObject_CallFunction_SizeT
PyList_Insert
_Py_BuildValue_SizeT
PyUnicode_DecodeFSDefault
PyBool_FromLong
PyErr_SetObject
PyWeakref_NewRef
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_List
_PyArg_Parse_SizeT
PyErr_SetFromWindowsErr

vcruntime140

strchr
memcpy
memcmp
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

_close
_setmode
__stdio_common_vfprintf
fseek
fgets
clearerr
fflush
__acrt_iob_func
fopen
ferror
ftell
__stdio_common_vsprintf
_open
fclose
_fileno
fwrite
_lseek
feof
fread
_write
_read

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_cexit
_errno
_execute_onexit_table

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

OPENSSL_Applink
PyInit__ssl

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/_uuid.pyd
.dll windows:6 windows x64 arch:x64

368b62645c11988f8173cf8bdd0fea25

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:f8:01:a9:3f:55:75:17:4a:14:92:d8:bb:97:6e:b4:ea:f1:24:1e:8b:20:b5:fa:c7:36:e4:ff:67:cc:d5:f4
Signer

Actual PE Digest

de:f8:01:a9:3f:55:75:17:4a:14:92:d8:bb:97:6e:b4:ea:f1:24:1e:8b:20:b5:fa:c7:36:e4:ff:67:cc:d5:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_uuid.pdb

Imports

rpcrt4

UuidCreateSequential

python311

PyModuleDef_Init
PyErr_SetFromWindowsErr
PyEval_SaveThread
PyModule_AddIntConstant
_Py_BuildValue_SizeT
PyEval_RestoreThread

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

Exports

Exports

PyInit__uuid

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/aiohttp/_helpers.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

8a6c993130c92800c410eda1a7de6037

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyGC_Disable
PyExc_AttributeError
PyTuple_GetSlice
PyErr_SetString
PyErr_WarnFormat
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyExc_OverflowError
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyObject_GC_Del
PyLong_AsLong
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
Py_Version
PyVectorcall_Function
PyList_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyObject_RichCompareBool
PyTuple_New
PyException_SetTraceback
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyMem_Free
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyObject_GetItem
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyExc_NotImplementedError
PyDict_DelItem
PyUnicode_Compare
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
_PyObject_GC_New
PyType_Modified
PyUnicode_FromString
_PyType_Lookup
PyUnicode_Format
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
_Py_NoneStruct
PyModule_GetName
PyObject_GetAttr
PyInterpreterState_GetID
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyException_GetTraceback
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyGC_Enable
PyUnicode_Decode
PyBaseObject_Type

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
strrchr
__std_type_info_destroy_list
memset
memcpy
memcmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__helpers

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/aiohttp/_http_parser.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

8e0bd8611dca4fcb60a3e7ecef993738

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyLong_AsUnsignedLongLong
PyBytes_FromString
PyRun_StringFlags
PyBytes_AsStringAndSize
_Py_NoneStruct
PyTuple_New
PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyGC_Disable
PyExc_AttributeError
PyTuple_GetSlice
PyByteArray_AsString
PyNumber_Multiply
PyErr_SetString
PyErr_WriteUnraisable
PyObject_GetIter
PyNumber_Add
PyErr_WarnFormat
PyIter_Send
PyExc_ValueError
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyCoro_Type
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyUnicode_Join
PyExc_OverflowError
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyCapsule_GetPointer
PyObject_GC_Del
PyErr_Fetch
PyLong_AsLong
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Init
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
Py_Version
PyUnicode_Find
PyVectorcall_Function
PyList_New
PySlice_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyDict_Contains
PyObject_RichCompareBool
PyUnicode_Decode
PyTuple_Size
PyException_SetTraceback
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyMem_Free
PyExc_StopIteration
PyCMethod_New
_PyGen_SetStopIterationValue
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyUnicode_DecodeLatin1
PyObject_GetItem
PyUnicode_FromKindAndData
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyByteArray_Size
_PyStack_AsDict
PyDict_DelItem
PyUnicode_Compare
PyExc_StopAsyncIteration
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyObject_Str
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
PyGen_Type
_Py_TrueStruct
PyArg_UnpackTuple
PyUnicode_DecodeASCII
PyExc_SystemError
_PyUnicode_FastCopyCharacters
_PyObject_GC_New
PyType_Modified
PyAsyncGen_Type
PyTraceBack_Type
PyMethodDescr_Type
PyExc_GeneratorExit
PyUnicode_FromString
PyLong_FromSize_t
_PyType_Lookup
PyUnicode_Format
PyObject_Size
PyBuffer_Release
PyObject_Call
PyObject_Repr
PyByteArray_Type
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyModule_GetName
PyObject_GetAttr
PyInterpreterState_GetID
PyDict_GetItemWithError
PyErr_SetNone
PyExc_UnboundLocalError
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyObject_SelfIter
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyExc_KeyError
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyThreadState_GetFrame
PyExc_RuntimeWarning
PyErr_WarnEx
PyUnicode_Resize
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyException_GetTraceback
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyGC_Enable
PyBaseObject_Type
PyBytes_Type
PyByteArray_Resize

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
strrchr
memset
__std_type_info_destroy_list
__C_specific_handler
memcmp

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initterm
_initialize_onexit_table
_execute_onexit_table
_cexit
_initialize_narrow_environment

Exports

Exports

PyInit__http_parser
llhttp_errno_name
llhttp_execute
llhttp_finish
llhttp_get_errno
llhttp_get_error_pos
llhttp_get_error_reason
llhttp_get_http_major
llhttp_get_http_minor
llhttp_get_method
llhttp_get_status_code
llhttp_get_type
llhttp_get_upgrade
llhttp_init
llhttp_message_needs_eof
llhttp_method_name
llhttp_pause
llhttp_reset
llhttp_resume
llhttp_resume_after_upgrade
llhttp_set_error_reason
llhttp_set_lenient_chunked_length
llhttp_set_lenient_data_after_close
llhttp_set_lenient_headers
llhttp_set_lenient_keep_alive
llhttp_set_lenient_optional_cr_before_lf
llhttp_set_lenient_optional_crlf_after_chunk
llhttp_set_lenient_optional_lf_after_cr
llhttp_set_lenient_spaces_after_chunk_size
llhttp_set_lenient_transfer_encoding
llhttp_set_lenient_version
llhttp_settings_init
llhttp_should_keep_alive
llhttp_status_name

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/aiohttp/_http_writer.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

ed2056a2d56817e430a85e944ca14edf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyErr_Format
PyDict_Type
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyModule_NewObject
PyMethod_Type
PyErr_Restore
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyObject_GC_Del
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
Py_Version
PyVectorcall_Function
PyList_New
PyImport_AddModule
PyType_Ready
PyUnicode_Contains
PyObject_GetAttrString
PyErr_Clear
PyUnicode_Decode
PyException_SetTraceback
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_Next
PyDict_New
PyUnicode_Type
_PyDict_GetItem_KnownHash
PyMem_Free
PyExc_StopIteration
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyUnicode_Compare
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyObject_Str
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
_PyObject_GC_New
PyUnicode_FromString
_PyType_Lookup
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyExc_ValueError
PyObject_GetIter
PyIter_Next
PyErr_SetString
PyTuple_GetSlice
PyExc_AttributeError
PyDict_Size
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyModule_GetName
PyObject_GetAttr
PyInterpreterState_GetID
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyObject_SetAttrString
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyException_GetTraceback
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyDict_SetItem
PyBaseObject_Type

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
strrchr
__std_type_info_destroy_list
memset
memcpy
memcmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__http_writer

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/aiohttp/_websocket.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

e6a0c51f708f0ac5c84d953137e3feb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyModule_NewObject
PyType_IsSubtype
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyObject_GC_Del
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
Py_Version
PyVectorcall_Function
PyList_New
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyBytes_Type
PyUnicode_Decode
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
_PyDict_GetItem_KnownHash
_Py_FalseStruct
PyErr_NoMemory
PyDict_GetItemString
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyUnicode_Compare
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyExc_NameError
PyTuple_Pack
Py_OptimizeFlag
_PyUnicode_Ready
PyMem_Malloc
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
_PyObject_GC_New
PyUnicode_FromString
PyObject_Size
PyObject_Call
PyByteArray_Type
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
PyObject_RichCompare
PyErr_Format
PyDict_Next
PyExc_ValueError
PyErr_SetString
PyByteArray_AsString
PyTuple_GetSlice
PyExc_AttributeError
PyDict_Size
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyObject_GetAttr
PyInterpreterState_GetID
PyObject_Hash
PyObject_GC_UnTrack
PyObject_SetAttrString
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyErr_Occurred
PyImport_ImportModuleLevelObject
PyBytes_AsString
PyImport_ImportModule
Py_LeaveRecursiveCall
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyMem_Free
PyBaseObject_Type

kernel32

GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
DisableThreadLibraryCalls
IsDebuggerPresent

vcruntime140

strrchr
__C_specific_handler
memset
memcpy
__std_type_info_destroy_list
memcmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__websocket

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-console-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:90:a1:7c:7e:0e:cb:e4:68:ac:c5:a6:6f:c9:0f:c0:f9:be:22:a3:6d:af:0b:c8:65:08:07:cc:19:f6:33:ca
Signer

Actual PE Digest

0d:90:a1:7c:7e:0e:cb:e4:68:ac:c5:a6:6f:c9:0f:c0:f9:be:22:a3:6d:af:0b:c8:65:08:07:cc:19:f6:33:ca

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

Exports

AllocConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-datetime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:bd:8f:eb:55:2d:c4:95:e3:f0:93:45:d3:e3:25:4c:3a:52:b7:46:3b:d1:1a:c3:5a:b7:ba:7b:c4:0d:cc:ef
Signer

Actual PE Digest

df:bd:8f:eb:55:2d:c4:95:e3:f0:93:45:d3:e3:25:4c:3a:52:b7:46:3b:d1:1a:c3:5a:b7:ba:7b:c4:0d:cc:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

Exports

GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW

Sections

.rdata
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-debug-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:05:e3:e5:78:ed:ad:2a:9a:cb:f9:1c:18:90:3e:b0:d3:9a:c6:79:76:14:36:46:3c:24:73:a5:d5:04:df:f2
Signer

Actual PE Digest

4c:05:e3:e5:78:ed:ad:2a:9a:cb:f9:1c:18:90:3e:b0:d3:9a:c6:79:76:14:36:46:3c:24:73:a5:d5:04:df:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

Exports

DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW

Sections

.rdata
Size: 4KB - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-errorhandling-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:d0:a2:6b:10:3c:0c:21:0b:f3:56:57:40:c5:d0:22:3b:45:13:8e:97:40:98:f8:14:cf:f9:fa:da:9f:2b:7a
Signer

Actual PE Digest

6f:d0:a2:6b:10:3c:0c:21:0b:f3:56:57:40:c5:d0:22:3b:45:13:8e:97:40:98:f8:14:cf:f9:fa:da:9f:2b:7a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

Exports

GetErrorMode
GetLastError
RaiseException
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Sections

.rdata
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-file-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:9e:27:58:1e:67:02:e7:f5:cf:f3:48:95:72:03:a1:30:dc:05:05:f1:15:4a:ae:a0:1c:a5:23:29:92:98:fb
Signer

Actual PE Digest

88:9e:27:58:1e:67:02:e7:f5:cf:f3:48:95:72:03:a1:30:dc:05:05:f1:15:4a:ae:a0:1c:a5:23:29:92:98:fb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-1-0.pdb

Exports

Exports

CompareFileTime
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DefineDosDeviceW
DeleteFileA
DeleteFileW
DeleteVolumeMountPointW
FileTimeToLocalFileTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleA
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameA
GetLongPathNameW
GetShortPathNameW
GetTempFileNameW
GetVolumeInformationByHandleW
GetVolumeInformationW
GetVolumePathNameW
LocalFileTimeToFileTime
LockFile
LockFileEx
QueryDosDeviceW
ReadFile
ReadFileEx
ReadFileScatter
RemoveDirectoryA
RemoveDirectoryW
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
WriteFileGather

Sections

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-file-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:49:a6:c4:70:71:59:17:09:2c:74:fc:4f:7a:f7:e4:fd:e4:fa:ef:bf:d8:bd:7e:25:31:da:a2:2a:38:45:2d
Signer

Actual PE Digest

cb:49:a6:c4:70:71:59:17:09:2c:74:fc:4f:7a:f7:e4:fd:e4:fa:ef:bf:d8:bd:7e:25:31:da:a2:2a:38:45:2d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-2-0.pdb

Exports

Exports

CreateFile2
GetTempPathW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW

Sections

.rdata
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-file-l2-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:c2:a0:09:c5:37:76:e9:f6:cd:00:00:00:00:00:c2
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=Thales TSS ESN:C3B0-0F6A-4111,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/09/2017, 18:07

Not After

12/09/2018, 18:07

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f2:f2:14:69:e5:7b:f1:7b:c0:b7:5f:f3:3e:7a:29:4f:26:99:a5:67:88:5b:0e:b7:23:32:64:05:08:04:7a:27
Signer

Actual PE Digest

f2:f2:14:69:e5:7b:f1:7b:c0:b7:5f:f3:3e:7a:29:4f:26:99:a5:67:88:5b:0e:b7:23:32:64:05:08:04:7a:27

Digest Algorithm

sha256

PE Digest Matches

true

88:a0:11:a8:1d:0a:9f:26:6a:71:2e:af:50:f6:b7:7f:66:70:fb:e0
Signer

Actual PE Digest

88:a0:11:a8:1d:0a:9f:26:6a:71:2e:af:50:f6:b7:7f:66:70:fb:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l2-1-0.pdb

Exports

Exports

CopyFile2
CopyFileExW
CreateDirectoryExW
CreateHardLinkW
CreateSymbolicLinkW
GetFileInformationByHandleEx
MoveFileExW
MoveFileWithProgressW
ReOpenFile
ReadDirectoryChangesW
ReplaceFileW

Sections

.rdata
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-handle-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:53:79:53:be:2b:89:d9:df:06:23:c7:3c:07:05:1b:5e:f2:69:04:55:ef:6e:39:3e:ac:a2:71:07:f2:e9:7f
Signer

Actual PE Digest

ea:53:79:53:be:2b:89:d9:df:06:23:c7:3c:07:05:1b:5e:f2:69:04:55:ef:6e:39:3e:ac:a2:71:07:f2:e9:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

Exports

CloseHandle
CompareObjectHandles
DuplicateHandle
GetHandleInformation
SetHandleInformation

Sections

.rdata
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-heap-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:42:c3:6e:21:b0:6f:3b:79:20:1a:2b:f3:c2:f7:8c:12:c8:cb:4e:d7:50:48:e0:aa:cd:be:d4:9c:0e:14:77
Signer

Actual PE Digest

77:42:c3:6e:21:b0:6f:3b:79:20:1a:2b:f3:c2:f7:8c:12:c8:cb:4e:d7:50:48:e0:aa:cd:be:d4:9c:0e:14:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-heap-l1-1-0.pdb

Exports

Exports

GetProcessHeap
GetProcessHeaps
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
HeapSummary
HeapUnlock
HeapValidate
HeapWalk

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-interlocked-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fa:fe:df:66:25:6e:b6:11:96:5e:76:41:a0:7c:8b:a9:14:1e:6d:e6:08:a2:79:10:e7:6e:ee:19:9e:9e:1e:c2
Signer

Actual PE Digest

fa:fe:df:66:25:6e:b6:11:96:5e:76:41:a0:7c:8b:a9:14:1e:6d:e6:08:a2:79:10:e7:6e:ee:19:9e:9e:1e:c2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-interlocked-l1-1-0.pdb

Exports

Exports

InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedPushListSList
QueryDepthSList

Sections

.rdata
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-libraryloader-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:b8:00:00:9f:f2:b1:39:64:36:ee:68:de:a6:e9:d9:f2:f8:54:db:ad:ce:1e:09:b9:29:6e:77:4c:52:09:be
Signer

Actual PE Digest

b1:b8:00:00:9f:f2:b1:39:64:36:ee:68:de:a6:e9:d9:f2:f8:54:db:ad:ce:1e:09:b9:29:6e:77:4c:52:09:be

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-l1-1-0.pdb

Exports

Exports

AddDllDirectory
DisableThreadLibraryCalls
FindResourceExW
FindStringOrdinal
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
LoadLibraryExA
LoadLibraryExW
LoadResource
LoadStringA
LoadStringW
LockResource
RemoveDllDirectory
SetDefaultDllDirectories
SizeofResource

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-localization-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:4b:f4:c0:2f:67:eb:76:80:1a:7d:5c:c8:6d:83:3b:ec:92:6d:89:4b:a2:30:60:71:71:28:9f:74:07:76:ba
Signer

Actual PE Digest

f6:4b:f4:c0:2f:67:eb:76:80:1a:7d:5c:c8:6d:83:3b:ec:92:6d:89:4b:a2:30:60:71:71:28:9f:74:07:76:ba

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-localization-l1-2-0.pdb

Exports

Exports

ConvertDefaultLocale
EnumSystemGeoID
EnumSystemLocalesA
EnumSystemLocalesW
FindNLSString
FindNLSStringEx
FormatMessageA
FormatMessageW
GetACP
GetCPInfo
GetCPInfoExW
GetCalendarInfoEx
GetCalendarInfoW
GetFileMUIInfo
GetFileMUIPath
GetGeoInfoW
GetLocaleInfoA
GetLocaleInfoEx
GetLocaleInfoW
GetNLSVersion
GetNLSVersionEx
GetOEMCP
GetProcessPreferredUILanguages
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemPreferredUILanguages
GetThreadLocale
GetThreadPreferredUILanguages
GetThreadUILanguage
GetUILanguageInfo
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetUserGeoID
GetUserPreferredUILanguages
IdnToAscii
IdnToUnicode
IsDBCSLeadByte
IsDBCSLeadByteEx
IsNLSDefinedString
IsValidCodePage
IsValidLanguageGroup
IsValidLocale
IsValidLocaleName
IsValidNLSVersion
LCMapStringA
LCMapStringEx
LCMapStringW
LocaleNameToLCID
ResolveLocaleName
SetCalendarInfoW
SetLocaleInfoW
SetProcessPreferredUILanguages
SetThreadLocale
SetThreadPreferredUILanguages
SetThreadUILanguage
SetUserGeoID
VerLanguageNameA
VerLanguageNameW

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-memory-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:20:dc:ff:6d:10:e7:88:27:5b:24:54:45:c3:80:96:a9:f8:75:d0:75:ec:b8:27:ef:ef:8e:2b:10:fe:e6:f6
Signer

Actual PE Digest

d4:20:dc:ff:6d:10:e7:88:27:5b:24:54:45:c3:80:96:a9:f8:75:d0:75:ec:b8:27:ef:ef:8e:2b:10:fe:e6:f6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-memory-l1-1-0.pdb

Exports

Exports

CreateFileMappingW
FlushViewOfFile
MapViewOfFile
MapViewOfFileEx
OpenFileMappingW
ReadProcessMemory
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WriteProcessMemory

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-namedpipe-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:96:b3:9c:2f:f1:e1:d8:25:d2:2a:aa:73:9e:aa:40:79:6c:a1:46:12:61:eb:71:88:a4:33:00:80:5f:b3:41
Signer

Actual PE Digest

6e:96:b3:9c:2f:f1:e1:d8:25:d2:2a:aa:73:9e:aa:40:79:6c:a1:46:12:61:eb:71:88:a4:33:00:80:5f:b3:41

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-namedpipe-l1-1-0.pdb

Exports

Exports

ConnectNamedPipe
CreateNamedPipeW
CreatePipe
DisconnectNamedPipe
GetNamedPipeClientComputerNameW
ImpersonateNamedPipeClient
PeekNamedPipe
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-processenvironment-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:08:5e:39:ae:cf:c0:7a:93:0a:96:df:80:25:e6:a3:28:66:3b:2f:5e:7c:7b:11:e8:00:5a:be:8f:06:71:97
Signer

Actual PE Digest

6e:08:5e:39:ae:cf:c0:7a:93:0a:96:df:80:25:e6:a3:28:66:3b:2f:5e:7c:7b:11:e8:00:5a:be:8f:06:71:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processenvironment-l1-1-0.pdb

Exports

Exports

ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStdHandle
SearchPathW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetStdHandleEx

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-processthreads-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:ab:22:1e:54:10:f4:31:b9:56:00:7b:59:7f:6f:67:22:5b:99:0f:b5:f5:f5:6f:e7:5a:79:cf:1b:e6:89:3b
Signer

Actual PE Digest

88:ab:22:1e:54:10:f4:31:b9:56:00:7b:59:7f:6f:67:22:5b:99:0f:b5:f5:f5:6f:e7:5a:79:cf:1b:e6:89:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-0.pdb

Exports

Exports

CreateProcessA
CreateProcessAsUserW
CreateProcessW
CreateRemoteThread
CreateRemoteThreadEx
CreateThread
DeleteProcThreadAttributeList
ExitProcess
ExitThread
FlushProcessWriteBuffers
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetPriorityClass
GetProcessId
GetProcessIdOfThread
GetProcessTimes
GetProcessVersion
GetStartupInfoW
GetThreadId
GetThreadPriority
GetThreadPriorityBoost
InitializeProcThreadAttributeList
OpenProcessToken
OpenThread
OpenThreadToken
ProcessIdToSessionId
QueryProcessAffinityUpdateMode
QueueUserAPC
ResumeThread
SetPriorityClass
SetProcessAffinityUpdateMode
SetProcessShutdownParameters
SetThreadPriority
SetThreadPriorityBoost
SetThreadStackGuarantee
SetThreadToken
SuspendThread
SwitchToThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UpdateProcThreadAttribute

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-processthreads-l1-1-1.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:6b:66:ec:c7:33:79:c4:33:f5:bd:db:68:bd:d8:a6:d8:1d:9e:9b:ba:1f:33:39:f5:c3:57:80:02:a0:7c:ae
Signer

Actual PE Digest

71:6b:66:ec:c7:33:79:c4:33:f5:bd:db:68:bd:d8:a6:d8:1d:9e:9b:ba:1f:33:39:f5:c3:57:80:02:a0:7c:ae

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-1.pdb

Exports

Exports

FlushInstructionCache
GetCurrentProcessorNumber
GetCurrentProcessorNumberEx
GetCurrentThreadStackLimits
GetProcessHandleCount
GetProcessMitigationPolicy
GetThreadContext
GetThreadIdealProcessorEx
GetThreadTimes
IsProcessorFeaturePresent
OpenProcess
SetProcessMitigationPolicy
SetThreadContext
SetThreadIdealProcessorEx

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-profile-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:14:66:67:ae:f1:a3:92:ba:c4:e6:24:63:4d:0b:0d:b2:0f:1c:9b:e2:ea:9d:96:be:4a:71:f6:60:b9:09:17
Signer

Actual PE Digest

a3:14:66:67:ae:f1:a3:92:ba:c4:e6:24:63:4d:0b:0d:b2:0f:1c:9b:e2:ea:9d:96:be:4a:71:f6:60:b9:09:17

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-profile-l1-1-0.pdb

Exports

Exports

QueryPerformanceCounter
QueryPerformanceFrequency

Sections

.rdata
Size: 4KB - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-rtlsupport-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f1:52:1f:b6:18:40:eb:11:65:99:a5:61:04:0a:a5:8c:73:f9:78:9f:c4:a7:9c:5f:90:67:36:33:15:f7:49:4c
Signer

Actual PE Digest

f1:52:1f:b6:18:40:eb:11:65:99:a5:61:04:0a:a5:8c:73:f9:78:9f:c4:a7:9c:5f:90:67:36:33:15:f7:49:4c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-rtlsupport-l1-1-0.pdb

Exports

Exports

RtlAddFunctionTable
RtlCaptureContext
RtlCaptureStackBackTrace
RtlCompareMemory
RtlDeleteFunctionTable
RtlInstallFunctionTableCallback
RtlIsEcCode
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlRaiseException
RtlRestoreContext
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-string-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:a0:15:6d:e5:e7:fd:cb:18:03:37:6a:bf:e9:35:07:f0:4a:03:fc:b0:b2:c8:cb:66:9a:78:17:df:4e:b7:82
Signer

Actual PE Digest

96:a0:15:6d:e5:e7:fd:cb:18:03:37:6a:bf:e9:35:07:f0:4a:03:fc:b0:b2:c8:cb:66:9a:78:17:df:4e:b7:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

Exports

CompareStringEx
CompareStringOrdinal
CompareStringW
FoldStringW
GetStringTypeExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

Sections

.rdata
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-synch-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:83:01:43:31:83:bf:da:b6:ea:71:27:eb:25:17:dd:cb:a9:3f:f6:88:5e:6a:dd:c3:25:50:8c:d4:b5:9f:d0
Signer

Actual PE Digest

c3:83:01:43:31:83:bf:da:b6:ea:71:27:eb:25:17:dd:cb:a9:3f:f6:88:5e:6a:dd:c3:25:50:8c:d4:b5:9f:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
CancelWaitableTimer
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateSemaphoreExW
CreateWaitableTimerExW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
LeaveCriticalSection
OpenEventA
OpenEventW
OpenMutexW
OpenSemaphoreW
OpenWaitableTimerW
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
SetCriticalSectionSpinCount
SetEvent
SetWaitableTimer
SetWaitableTimerEx
SleepEx
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx

Sections

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-synch-l1-2-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:43:e8:36:dc:88:48:b7:1b:65:be:23:0d:34:5b:d4:b5:34:c7:c3:2e:ff:13:01:c2:cc:a1:88:a1:f8:cf:74
Signer

Actual PE Digest

bf:43:e8:36:dc:88:48:b7:1b:65:be:23:0d:34:5b:d4:b5:34:c7:c3:2e:ff:13:01:c2:cc:a1:88:a1:f8:cf:74

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-2-0.pdb

Exports

Exports

DeleteSynchronizationBarrier
EnterSynchronizationBarrier
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitOnceInitialize
InitializeConditionVariable
InitializeSynchronizationBarrier
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
WaitOnAddress
WakeAllConditionVariable
WakeByAddressAll
WakeByAddressSingle
WakeConditionVariable

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-sysinfo-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8e:e4:80:14:d6:d2:47:e8:26:4a:81:2b:ec:94:17:b3:9a:5b:ac:55:46:4b:1a:35:54:e6:6d:ae:ce:43:30:8d
Signer

Actual PE Digest

8e:e4:80:14:d6:d2:47:e8:26:4a:81:2b:ec:94:17:b3:9a:5b:ac:55:46:4b:1a:35:54:e6:6d:ae:ce:43:30:8d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-sysinfo-l1-1-0.pdb

Exports

Exports

GetComputerNameExA
GetComputerNameExW
GetDeveloperDriveEnablementState
GetLocalTime
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetTickCount
GetTickCount64
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalMemoryStatusEx
SetLocalTime

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-timezone-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:5f:da:11:99:ca:80:d8:0a:ac:d5:85:4a:6c:c7:84:f1:31:01:b0:5c:b3:8b:33:5a:81:83:16:33:9b:f0:63
Signer

Actual PE Digest

13:5f:da:11:99:ca:80:d8:0a:ac:d5:85:4a:6c:c7:84:f1:31:01:b0:5c:b3:8b:33:5a:81:83:16:33:9b:f0:63

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-timezone-l1-1-0.pdb

Exports

Exports

EnumDynamicTimeZoneInformation
FileTimeToSystemTime
GetDynamicTimeZoneInformation
GetDynamicTimeZoneInformationEffectiveYears
GetTimeZoneInformation
GetTimeZoneInformationForYear
SetDynamicTimeZoneInformation
SetTimeZoneInformation
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
SystemTimeToTzSpecificLocalTimeEx
TzSpecificLocalTimeToSystemTime
TzSpecificLocalTimeToSystemTimeEx

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-core-util-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:24:3d:b5:10:38:b0:96:06:c9:41:b6:c6:f0:a9:02:13:29:26:35:61:dc:fc:8c:c5:41:d8:69:5b:d5:b7:a7
Signer

Actual PE Digest

e1:24:3d:b5:10:38:b0:96:06:c9:41:b6:c6:f0:a9:02:13:29:26:35:61:dc:fc:8c:c5:41:d8:69:5b:d5:b7:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-util-l1-1-0.pdb

Exports

Exports

Beep
DecodePointer
DecodeSystemPointer
EncodePointer
EncodeSystemPointer

Sections

.rdata
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-conio-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:a2:52:cf:a7:a0:e1:2e:d0:7b:45:54:e9:d9:30:8e:47:b3:35:1b:d4:3f:06:b6:d5:92:9c:9e:68:09:1b:61
Signer

Actual PE Digest

6f:a2:52:cf:a7:a0:e1:2e:d0:7b:45:54:e9:d9:30:8e:47:b3:35:1b:d4:3f:06:b6:d5:92:9c:9e:68:09:1b:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-conio-l1-1-0.pdb

Exports

Exports

__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
_cgets
_cgets_s
_cgetws
_cgetws_s
_cputs
_cputws
_getch
_getch_nolock
_getche
_getche_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_putch
_putch_nolock
_putwch
_putwch_nolock
_ungetch
_ungetch_nolock
_ungetwch
_ungetwch_nolock

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-convert-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:70:40:b7:7a:c5:8d:74:03:10:86:f5:00:18:9a:83:6f:aa:92:6f:e2:72:56:70:e6:32:49:ee:b8:e3:19:11
Signer

Actual PE Digest

d8:70:40:b7:7a:c5:8d:74:03:10:86:f5:00:18:9a:83:6f:aa:92:6f:e2:72:56:70:e6:32:49:ee:b8:e3:19:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

Exports

__toascii
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_ecvt
_ecvt_s
_fcvt
_fcvt_s
_gcvt
_gcvt_s
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_itoa
_itoa_s
_itow
_itow_s
_ltoa
_ltoa_s
_ltow
_ltow_s
_strtod_l
_strtof_l
_strtoi64
_strtoi64_l
_strtoimax_l
_strtol_l
_strtold_l
_strtoll_l
_strtoui64
_strtoui64_l
_strtoul_l
_strtoull_l
_strtoumax_l
_ui64toa
_ui64toa_s
_ui64tow
_ui64tow_s
_ultoa
_ultoa_s
_ultow
_ultow_s
_wcstod_l
_wcstof_l
_wcstoi64
_wcstoi64_l
_wcstoimax_l
_wcstol_l
_wcstold_l
_wcstoll_l
_wcstombs_l
_wcstombs_s_l
_wcstoui64
_wcstoui64_l
_wcstoul_l
_wcstoull_l
_wcstoumax_l
_wctomb_l
_wctomb_s_l
_wtof
_wtof_l
_wtoi
_wtoi64
_wtoi64_l
_wtoi_l
_wtol
_wtol_l
_wtoll
_wtoll_l
atof
atoi
atol
atoll
btowc
c16rtomb
c32rtomb
mbrtoc16
mbrtoc32
mbrtowc
mbsrtowcs
mbsrtowcs_s
mbstowcs
mbstowcs_s
mbtowc
strtod
strtof
strtoimax
strtol
strtold
strtoll
strtoul
strtoull
strtoumax
wcrtomb
wcrtomb_s
wcsrtombs
wcsrtombs_s
wcstod
wcstof
wcstoimax
wcstol
wcstold
wcstoll
wcstombs
wcstombs_s
wcstoul
wcstoull
wcstoumax
wctob
wctomb
wctomb_s
wctrans

Sections

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-environment-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:66:ba:fe:c3:a3:df:60:5d:e0:25:40:8d:fb:e8:c2:66:db:61:44:94:78:51:03:a1:17:b5:98:2e:37:ae:4d
Signer

Actual PE Digest

39:66:ba:fe:c3:a3:df:60:5d:e0:25:40:8d:fb:e8:c2:66:db:61:44:94:78:51:03:a1:17:b5:98:2e:37:ae:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

Exports

__p__environ
__p__wenviron
_dupenv_s
_putenv
_putenv_s
_searchenv
_searchenv_s
_wdupenv_s
_wgetcwd
_wgetdcwd
_wgetenv
_wgetenv_s
_wputenv
_wputenv_s
_wsearchenv
_wsearchenv_s
getenv
getenv_s

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-filesystem-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:16:ea:a6:2f:d5:91:42:24:1e:07:19:c3:85:5c:90:14:0f:66:ff:28:7a:b6:8e:4b:8e:63:d2:b7:b4:8c:58
Signer

Actual PE Digest

bf:16:ea:a6:2f:d5:91:42:24:1e:07:19:c3:85:5c:90:14:0f:66:ff:28:7a:b6:8e:4b:8e:63:d2:b7:b4:8c:58

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-filesystem-l1-1-0.pdb

Exports

Exports

_access
_access_s
_chdir
_chdrive
_chmod
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_fullpath
_getdiskfree
_getdrive
_getdrives
_lock_file
_makepath
_makepath_s
_mkdir
_rmdir
_splitpath
_splitpath_s
_stat32
_stat32i64
_stat64
_stat64i32
_umask
_umask_s
_unlink
_unlock_file
_waccess
_waccess_s
_wchdir
_wchmod
_wfindfirst32
_wfindfirst32i64
_wfindfirst64
_wfindfirst64i32
_wfindnext32
_wfindnext32i64
_wfindnext64
_wfindnext64i32
_wfullpath
_wmakepath
_wmakepath_s
_wmkdir
_wremove
_wrename
_wrmdir
_wsplitpath
_wsplitpath_s
_wstat32
_wstat32i64
_wstat64
_wstat64i32
_wunlink
remove
rename

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-heap-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:d1:62:fe:45:6b:52:16:08:bf:dd:9e:ed:11:9d:84:cc:20:8e:ae:60:9d:2d:c3:e5:5c:61:3a:71:c0:98:84
Signer

Actual PE Digest

b2:d1:62:fe:45:6b:52:16:08:bf:dd:9e:ed:11:9d:84:cc:20:8e:ae:60:9d:2d:c3:e5:5c:61:3a:71:c0:98:84

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

Exports

_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_callnewh
_calloc_base
_expand
_free_base
_get_heap_handle
_heapchk
_heapmin
_heapwalk
_malloc_base
_msize
_query_new_handler
_query_new_mode
_realloc_base
_recalloc
_set_new_mode
calloc
free
malloc
realloc

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-locale-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:77:fb:fb:5a:e2:c3:d3:b1:3a:5a:18:65:5f:16:21:6a:e9:17:5b:15:0c:bd:b2:f1:50:28:d9:42:48:d2:e3
Signer

Actual PE Digest

75:77:fb:fb:5a:e2:c3:d3:b1:3a:5a:18:65:5f:16:21:6a:e9:17:5b:15:0c:bd:b2:f1:50:28:d9:42:48:d2:e3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-locale-l1-1-0.pdb

Exports

Exports

___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__initialize_lconv_for_unsigned_char
__pctype_func
__pwctype_func
_configthreadlocale
_create_locale
_free_locale
_get_current_locale
_getmbcp
_lock_locales
_setmbcp
_unlock_locales
_wcreate_locale
_wsetlocale
localeconv
setlocale

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-math-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:d9:13:ae:c4:81:ea:cd:0c:e6:92:80:91:52:25:d3:7d:cb:65:88:d6:c3:7e:8e:71:2d:5c:f6:d2:6f:73:50
Signer

Actual PE Digest

35:d9:13:ae:c4:81:ea:cd:0c:e6:92:80:91:52:25:d3:7d:cb:65:88:d6:c3:7e:8e:71:2d:5c:f6:d2:6f:73:50

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-math-l1-1-0.pdb

Exports

Exports

_Cbuild
_Cmulcc
_Cmulcr
_FCbuild
_FCmulcc
_FCmulcr
_LCbuild
_LCmulcc
_LCmulcr
__setusermatherr
_cabs
_chgsign
_chgsignf
_copysign
_copysignf
_d_int
_dclass
_dexp
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_except1
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_finite
_finitef
_fpclass
_fpclassf
_get_FMA3_enable
_hypot
_hypotf
_isnan
_isnanf
_j0
_j1
_jn
_ld_int
_ldclass
_ldexp
_ldlog
_ldpcomp
_ldpoly
_ldscale
_ldsign
_ldsin
_ldtest
_ldunscale
_logb
_logbf
_nextafter
_nextafterf
_scalb
_scalbf
_set_FMA3_enable
_y0
_y1
_yn
acos
acosf
acosh
acoshf
acoshl
asin
asinf
asinh
asinhf
asinhl
atan
atan2
atan2f
atanf
atanh
atanhf
atanhl
cabs
cabsf
cabsl
cacos
cacosf
cacosh
cacoshf
cacoshl
cacosl
carg
cargf
cargl
casin
casinf
casinh
casinhf
casinhl
casinl
catan
catanf
catanh
catanhf
catanhl
catanl
cbrt
cbrtf
cbrtl
ccos
ccosf
ccosh
ccoshf
ccoshl
ccosl
ceil
ceilf
cexp
cexpf
cexpl
cimag
cimagf
cimagl
clog
clog10
clog10f
clog10l
clogf
clogl
conj
conjf
conjl
copysign
copysignf
copysignl
cos
cosf
cosh
coshf
cpow
cpowf
cpowl
cproj
cprojf
cprojl
creal
crealf
creall
csin
csinf
csinh
csinhf
csinhl
csinl
csqrt
csqrtf
csqrtl
ctan
ctanf
ctanh
ctanhf
ctanhl
ctanl
erf
erfc
erfcf
erfcl
erff
erfl
exp
exp2
exp2f
exp2l
expf
expm1
expm1f
expm1l
fabs
fdim
fdimf
fdiml
floor
floorf
fma
fmaf
fmal
fmax
fmaxf
fmaxl
fmin
fminf
fminl
fmod
fmodf
frexp
hypot
ilogb
ilogbf
ilogbl
ldexp
lgamma
lgammaf
lgammal
llrint
llrintf
llrintl
llround
llroundf
llroundl
log
log10
log10f
log1p
log1pf
log1pl
log2
log2f
log2l
logb
logbf
logbl
logf
lrint
lrintf
lrintl
lround
lroundf
lroundl
modf
modff
nan
nanf
nanl
nearbyint
nearbyintf
nearbyintl
nextafter
nextafterf
nextafterl
nexttoward
nexttowardf
nexttowardl
norm
normf
norml
pow
powf
remainder
remainderf
remainderl
remquo
remquof
remquol
rint
rintf
rintl
round
roundf
roundl
scalbln
scalblnf
scalblnl
scalbn
scalbnf
scalbnl
sin
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
tanhf
tgamma
tgammaf
tgammal
trunc
truncf
truncl

Sections

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-process-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:43:cf:4c:78:c8:d1:43:6f:39:44:68:36:0d:36:28:96:ad:c0:52:bb:f8:f3:a2:2d:e9:f9:1a:98:f5:90:c4
Signer

Actual PE Digest

83:43:cf:4c:78:c8:d1:43:6f:39:44:68:36:0d:36:28:96:ad:c0:52:bb:f8:f3:a2:2d:e9:f9:1a:98:f5:90:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

Exports

_beep
_cwait
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_loaddll
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_unloaddll
_wexecl
_wexecle
_wexeclp
_wexeclpe
_wexecv
_wexecve
_wexecvp
_wexecvpe
_wspawnl
_wspawnle
_wspawnlp
_wspawnlpe
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-runtime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:a8:23:00:40:c4:fe:aa:85:e8:7d:e6:6f:6c:96:7f:54:2a:37:82:77:55:7c:63:50:8c:81:2e:93:15:af:5f
Signer

Actual PE Digest

ee:a8:23:00:40:c4:fe:aa:85:e8:7d:e6:6f:6c:96:7f:54:2a:37:82:77:55:7c:63:50:8c:81:2e:93:15:af:5f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

Exports

_Exit
__doserrno
__fpe_flt_rounds
__fpecode
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__pgmptr
__p__wcmdln
__p__wpgmptr
__pxcptinfoptrs
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__wcserror
__wcserror_s
_assert
_beginthread
_beginthreadex
_c_exit
_cexit
_clearfp
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_crt_at_quick_exit
_crt_atexit
_endthread
_endthreadex
_errno
_execute_onexit_table
_exit
_fpieee_flt
_fpreset
_get_doserrno
_get_errno
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_pgmptr
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_wide_winmain_command_line
_get_wpgmptr
_getdllprocaddr
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_query_app_type
_register_onexit_function
_register_thread_local_exe_atexit_callback
_resetstkoflw
_seh_filter_dll
_seh_filter_exe
_set_abort_behavior
_set_app_type
_set_controlfp
_set_doserrno
_set_errno
_set_error_mode
_set_invalid_parameter_handler
_set_new_handler
_set_thread_local_invalid_parameter_handler
_seterrormode
_sleep
_statusfp
_strerror
_strerror_s
_wassert
_wcserror
_wcserror_s
_wperror
_wsystem
abort
exit
feclearexcept
fegetenv
fegetexceptflag
fegetround
feholdexcept
fesetenv
fesetexceptflag
fesetround
fetestexcept
perror
quick_exit
raise
set_terminate
signal
strerror
strerror_s
system
terminate

Sections

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-stdio-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

66:d6:97:10:8b:66:27:53:f6:ed:8c:66:4b:3a:62:55:17:c3:98:50:e7:6f:5a:a7:fe:45:a0:7d:c3:33:ba:0c
Signer

Actual PE Digest

66:d6:97:10:8b:66:27:53:f6:ed:8c:66:4b:3a:62:55:17:c3:98:50:e7:6f:5a:a7:fe:45:a0:7d:c3:33:ba:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

Exports

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_chsize
_chsize_s
_close
_commit
_creat
_dup
_dup2
_eof
_fclose_nolock
_fcloseall
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_flushall
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_ftell_nolock
_ftelli64
_ftelli64_nolock
_fwrite_nolock
_get_fmode
_get_osfhandle
_get_printf_count_output
_get_stream_buffer_pointers
_getc_nolock
_getcwd
_getdcwd
_getmaxstdio
_getw
_getwc_nolock
_getws
_getws_s
_isatty
_kbhit
_locking
_lseek
_lseeki64
_mktemp
_mktemp_s
_open
_open_osfhandle
_pclose
_pipe
_popen
_putc_nolock
_putw
_putwc_nolock
_putws
_read
_rmtmp
_set_fmode
_set_printf_count_output
_setmaxstdio
_setmode
_sopen
_sopen_dispatch
_sopen_s
_tell
_telli64
_tempnam
_ungetc_nolock
_ungetwc_nolock
_wcreat
_wfdopen
_wfopen
_wfopen_s
_wfreopen
_wfreopen_s
_wfsopen
_wmktemp
_wmktemp_s
_wopen
_wpopen
_write
_wsopen
_wsopen_dispatch
_wsopen_s
_wtempnam
_wtmpnam
_wtmpnam_s
clearerr
clearerr_s
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetwc
fgetws
fopen
fopen_s
fputc
fputs
fputwc
fputws
fread
fread_s
freopen
freopen_s
fseek
fsetpos
ftell
fwrite
getc
getchar
gets
gets_s
getwc
getwchar
putc
putchar
puts
putwc
putwchar
rewind
setbuf
setvbuf
tmpfile
tmpfile_s
tmpnam
tmpnam_s
ungetc
ungetwc

Sections

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-string-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:1f:8c:c7:d2:6f:f1:ad:e9:39:3a:68:2d:f3:b7:56:1d:ec:19:16:c5:6d:02:ab:35:4e:77:27:0d:49:46:27
Signer

Actual PE Digest

45:1f:8c:c7:d2:6f:f1:ad:e9:39:3a:68:2d:f3:b7:56:1d:ec:19:16:c5:6d:02:ab:35:4e:77:27:0d:49:46:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

Exports

__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__strncnt
__wcsncnt
_isalnum_l
_isalpha_l
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_memccpy
_memicmp
_memicmp_l
_strcoll_l
_strdup
_stricmp
_stricmp_l
_stricoll
_stricoll_l
_strlwr
_strlwr_l
_strlwr_s
_strlwr_s_l
_strncoll
_strncoll_l
_strnicmp
_strnicmp_l
_strnicoll
_strnicoll_l
_strnset
_strnset_s
_strrev
_strset
_strset_s
_strupr
_strupr_l
_strupr_s
_strupr_s_l
_strxfrm_l
_tolower
_tolower_l
_toupper
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsdup
_wcsicmp
_wcsicmp_l
_wcsicoll
_wcsicoll_l
_wcslwr
_wcslwr_l
_wcslwr_s
_wcslwr_s_l
_wcsncoll
_wcsncoll_l
_wcsnicmp
_wcsnicmp_l
_wcsnicoll
_wcsnicoll_l
_wcsnset
_wcsnset_s
_wcsrev
_wcsset
_wcsset_s
_wcsupr
_wcsupr_l
_wcsupr_s
_wcsupr_s_l
_wcsxfrm_l
_wctype
is_wctype
isalnum
isalpha
isblank
iscntrl
isdigit
isgraph
isleadbyte
islower
isprint
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswblank
iswcntrl
iswctype
iswdigit
iswgraph
iswlower
iswprint
iswpunct
iswspace
iswupper
iswxdigit
isxdigit
mblen
mbrlen
memcpy_s
memmove_s
memset
strcat
strcat_s
strcmp
strcoll
strcpy
strcpy_s
strcspn
strlen
strncat
strncat_s
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
strtok
strtok_s
strxfrm
tolower
toupper
towctrans
towlower
towupper
wcscat
wcscat_s
wcscmp
wcscoll
wcscpy
wcscpy_s
wcscspn
wcslen
wcsncat
wcsncat_s
wcsncmp
wcsncpy
wcsncpy_s
wcsnlen
wcspbrk
wcsspn
wcstok
wcstok_s
wcsxfrm
wctype
wmemcpy_s
wmemmove_s

Sections

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-time-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:57:cf:90:dd:c7:d1:c0:88:8c:00:00:00:00:05:57
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:8d:ff:f2:0b:78:4d:71:bc:1d:98:b8:fb:d5:4f:f0:13:d4:e8:1a:51:19:08:b3:1d:bc:96:6c:76:1e:68:e6
Signer

Actual PE Digest

85:8d:ff:f2:0b:78:4d:71:bc:1d:98:b8:fb:d5:4f:f0:13:d4:e8:1a:51:19:08:b3:1d:bc:96:6c:76:1e:68:e6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

Exports

_Getdays
_Getmonths
_Gettnames
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__daylight
__dstbias
__timezone
__tzname
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_difftime32
_difftime64
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_futime32
_futime64
_get_daylight
_get_dstbias
_get_timezone
_get_tzname
_getsystime
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_localtime32
_localtime32_s
_localtime64
_localtime64_s
_mkgmtime32
_mkgmtime64
_mktime32
_mktime64
_setsystime
_strdate
_strdate_s
_strftime_l
_strtime
_strtime_s
_time32
_time64
_timespec32_get
_timespec64_get
_tzset
_utime32
_utime64
_wasctime
_wasctime_s
_wcsftime_l
_wctime32
_wctime32_s
_wctime64
_wctime64_s
_wstrdate
_wstrdate_s
_wstrtime
_wstrtime_s
_wutime32
_wutime64
asctime
asctime_s
clock
strftime
wcsftime

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/api-ms-win-crt-utility-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:56:c9:20:2b:1f:74:32:5d:2d:00:00:00:00:05:56
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:89:af:b9:bd:00:b8:5b:24:e5:f2:0d:86:8f:0b:8e:c3:ef:44:ce:c0:61:ce:af:22:8a:4e:8f:5a:f2:cc:43
Signer

Actual PE Digest

a3:89:af:b9:bd:00:b8:5b:24:e5:f2:0d:86:8f:0b:8e:c3:ef:44:ce:c0:61:ce:af:22:8a:4e:8f:5a:f2:cc:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

Exports

_abs64
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_lfind
_lfind_s
_lrotl
_lrotr
_lsearch
_lsearch_s
_rotl
_rotl64
_rotr
_rotr64
_swab
abs
bsearch
bsearch_s
div
imaxabs
imaxdiv
labs
ldiv
llabs
lldiv
qsort
qsort_s
rand
rand_s
srand

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/attrs-23.2.0.dist-info/INSTALLER
_internal/attrs-23.2.0.dist-info/METADATA
_internal/attrs-23.2.0.dist-info/RECORD
_internal/attrs-23.2.0.dist-info/WHEEL
_internal/attrs-23.2.0.dist-info/licenses/LICENSE
_internal/base_library.zip
.zip
_internal/certifi/cacert.pem
_internal/charset_normalizer/md.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

f8c0f377107b03e523f21dcf227dcf24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyCapsule_Import
_Py_Dealloc
PyImport_ImportModule

kernel32

TerminateProcess
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls

vcruntime140

memset
memcpy
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_execute_onexit_table

Exports

Exports

PyInit___init__
PyInit_md

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/charset_normalizer/md__mypyc.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

feb2f48749cb30e4f1a2a48b5a94a37c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyTuple_New
PyLong_FromString
PySequence_Contains
PyFloat_FromDouble
PySet_Add
PyExc_AttributeError
PyTuple_GetSlice
PyUnicode_New
PyUnicode_Split
PyNumber_Multiply
PyErr_SetString
PyExc_ZeroDivisionError
_PyObject_LookupAttrId
PyNumber_Add
_PyTrash_end
PyUnicode_InternInPlace
PyDict_Next
PyErr_Format
PyDict_Type
PyObject_RichCompare
PyBool_Type
PyTuple_Type
_Py_FalseStruct
PyFloat_Type
PyUnicode_Append
PyType_IsSubtype
PyNumber_Subtract
PyErr_Restore
PyExc_OverflowError
_Py_Dealloc
_PyTrash_cond
PyModule_GetDict
PyErr_ExceptionMatches
PyErr_Fetch
PyObject_Vectorcall
PyObject_Not
PyUnicode_FromFormat
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PySlice_New
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
_Py_NoneStruct
PyCapsule_New
PySet_Type
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_VectorcallMethod
PyObject_IsInstance
PyType_GenericAlloc
PyFrozenSet_New
PyObject_GetItem
PyBytes_FromStringAndSize
PyImport_Import
_PyType_CalculateMetaclass
PyUnicode_Compare
PyExc_TypeError
PyObject_IsTrue
PyObject_Str
PyTuple_Pack
_PyUnicode_Ready
PyList_AsTuple
PyExc_IndexError
_Py_TrueStruct
_PyTrash_begin
PyExc_SystemError
_PyUnicode_FastCopyCharacters
PyObject_SetItem
_PyDict_GetItemStringWithError
PyNumber_TrueDivide
PyErr_SetImportError
PyUnicode_FromString
_PyUnicode_EQ
PyObject_CallNoArgs
PyUnicode_CompareWithASCIIString
PyType_Type
PyUnicode_Substring
PyUnicode_FromStringAndSize
PyFloat_AsDouble
PyObject_GetAttr
PySet_Contains
PyComplex_FromDoubles
PyDict_GetItemWithError
PyUnicode_Concat
PyObject_GC_UnTrack
PyObject_SetAttrString
_PyObject_FastCall
PyList_SetSlice
_PyErr_ChainExceptions
PyTraceBack_Here
PyNumber_Remainder
_PyUnicode_EqualToASCIIString
PySuper_Type
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModuleLevelObject
PyExc_KeyError
PyFrame_New
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyObject_SetAttr
PyBaseObject_Type
PyObject_RichCompareBool
PyModule_GetFilenameObject

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcpy
strchr
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

api-ms-win-crt-stdio-l1-1-0

fflush
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit_md__mypyc

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/dearpygui/VCRUNTIME140_1.dll
.dll windows:6 windows x64 arch:x64

ae0bde6314fa2027b54ce04898f6ab69

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:39

Not After

03/03/2021, 18:39

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:26:6c:8a:69:26:9c:3c:31:b4:45:35:e7:5d:0b:b0:59:db:91:be:98:d4:d1:ab:d7:35:51:59:f1:d2:36:d6
Signer

Actual PE Digest

e1:26:6c:8a:69:26:9c:3c:31:b4:45:35:e7:5d:0b:b0:59:db:91:be:98:d4:d1:ab:d7:35:51:59:f1:d2:36:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a01\_work\6\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
EncodePointer
RaiseException
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
SetLastError
TlsAlloc

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/dearpygui/_dearpygui.pyd
.dll windows:6 windows x64 arch:x64

e94a443c66b9269e09faa40149cb8dc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

d3d11

D3D11CreateDeviceAndSwapChain

dxgi

CreateDXGIFactory

dwmapi

DwmGetWindowAttribute

python311

PyErr_SetString
PyExc_Exception
PyMethod_Type
PyFloat_Type
PyBool_Type
PyRun_SimpleStringFlags
PyObject_CallObject
_PyArg_VaParseTupleAndKeywords_SizeT
PyErr_Format
PyGILState_Release
PyGILState_Ensure
PyDict_Keys
PyList_GetItem
PyList_Size
PyTuple_Size
PyFloat_AsDouble
PyNumber_Check
PyLong_AsUnsignedLongLong
PyLong_AsLong
PyUnicode_AsUTF8
PyUnicode_FromString
PyCallable_Check
PyObject_Str
PyType_IsSubtype
PyBuffer_Release
PyErr_Print
PyObject_CheckBuffer
_Py_NoneStruct
PyEval_RestoreThread
PyEval_SaveThread
PyModule_Create2
PyModule_AddIntConstant
PyModule_AddObject
_Py_BuildValue_SizeT
PyArg_ValidateKeywordArguments
PyErr_NewException
PyDict_SetItemString
PyDict_GetItemString
PyDict_SetItem
PyDict_New
PyList_SetItem
PyList_New
PyTuple_SetItem
PyTuple_GetItem
PyTuple_New
PyFloat_FromDouble
PyLong_FromLong
_PyObject_New
PyObject_Init
_Py_Dealloc
PyType_Ready
PyObject_Free
PyType_GenericNew
PyErr_Occurred
PyObject_GetAttrString
PyExc_ValueError
Py_BuildValue
PyArg_ParseTupleAndKeywords
PyObject_GetBuffer
PyArg_ParseTuple
PyBool_FromLong

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetFileInformationByHandleEx
CloseHandle
GetCurrentProcessId
IsProcessorFeaturePresent
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
CreateDirectoryW
FormatMessageA
LocalFree
InitOnceComplete
InitOnceBeginInitialize
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
IsDebuggerPresent
DisableThreadLibraryCalls
InitializeSListHead
AreFileApisANSI
VerifyVersionInfoW
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
VerSetConditionMask
GetModuleHandleA
MultiByteToWideChar
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
GetFullPathNameW
GetLogicalDriveStringsA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
WideCharToMultiByte
OutputDebugStringW

user32

EnumDisplayMonitors
GetMonitorInfoA
MonitorFromWindow
LoadCursorA
SetWindowLongW
SetWindowLongA
GetWindowLongW
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
SetWindowTextW
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
SetFocus
BringWindowToTop
IsIconic
SetLayeredWindowAttributes
IsChild
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
LoadImageA
GetWindow
SetWindowLongPtrA
AdjustWindowRect
GetWindowRect
GetClientRect
SetWindowTextA
EndPaint
BeginPaint
UpdateWindow
GetSystemMetrics
KillTimer
SetTimer
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
CreateWindowExA
RegisterClassExA
PostQuitMessage
DefWindowProcA
WaitMessage
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
GetKeyboardLayout

gdi32

GetDeviceCaps

msvcp140

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Winerror_map@std@@YAHH@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Query_perf_counter
_Query_perf_frequency
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?_Xbad_function_call@std@@YAXXZ
_Xtime_get_ticks
_Thrd_sleep
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
_Cnd_signal
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
?_Syserror_map@std@@YAPEBDH@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

d3dcompiler_47

D3DCompile

vcruntime140

__intrinsic_setjmp
__current_exception_context
__current_exception
__C_specific_handler
longjmp
strrchr
strchr
strstr
memchr
__std_type_info_destroy_list
memset
__std_terminate
_purecall
memcmp
memmove
memcpy
__std_exception_copy
__std_exception_destroy
_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_crt_atexit
_configure_narrow_argv
_cexit
_seh_filter_dll
abort
terminate
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initterm
_initialize_narrow_environment
_initterm_e
_initialize_onexit_table

api-ms-win-crt-math-l1-1-0

atan2f
log
ceilf
frexp
ldexp
sqrtf
sinf
cosf
exp
tanf
atan
logf
sqrt
round
log2
cbrt
pow
log10
ceil
powf
fmodf
floorf
floor
sin
cos
atanf
acosf

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc
realloc

api-ms-win-crt-convert-l1-1-0

mbstowcs
atof
wcstombs
strtol

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vsscanf
fgetc
__stdio_common_vsprintf
fwrite
ftell
fseek
fread
feof
__stdio_common_vfprintf
fclose
fopen_s
fgetpos
fputc
fsetpos
__stdio_common_vsprintf_s
_fseeki64
_get_stream_buffer_pointers
ungetc
setvbuf
_wfopen
__acrt_iob_func
fflush

api-ms-win-crt-string-l1-1-0

strncmp
toupper
strcmp
strncpy
_stricmp
tolower

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file
_stat64i32

api-ms-win-crt-time-l1-1-0

_mkgmtime64
_localtime64_s
_mktime64
strftime
_time64
_gmtime64_s
_localtime64

api-ms-win-crt-utility-l1-1-0

rand
srand
qsort

api-ms-win-crt-locale-l1-1-0

setlocale
___lc_codepage_func

Exports

Exports

IGFD_ClearExtentionInfos
IGFD_CloseDialog
IGFD_Create
IGFD_Destroy
IGFD_DisplayDialog
IGFD_GetCurrentFileName
IGFD_GetCurrentFilter
IGFD_GetCurrentPath
IGFD_GetExtentionInfos
IGFD_GetFilePathName
IGFD_GetSelection
IGFD_GetUserDatas
IGFD_IsKeyOpened
IGFD_IsOk
IGFD_IsOpened
IGFD_OpenDialog
IGFD_OpenDialog2
IGFD_OpenModal
IGFD_OpenModal2
IGFD_OpenPaneDialog
IGFD_OpenPaneDialog2
IGFD_OpenPaneModal
IGFD_OpenPaneModal2
IGFD_Selection_DestroyContent
IGFD_Selection_Get
IGFD_Selection_Pair_DestroyContent
IGFD_Selection_Pair_Get
IGFD_SetExtentionInfos
IGFD_SetExtentionInfos2
IGFD_WasKeyOpenedThisFrame
IGFD_WasOpenedThisFrame
PyInit__dearpygui
SetLocales

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/frozenlist/_frozenlist.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

6e5f989956fe9e73b13776cbcb8e910a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyDict_SetItemString
PyDict_Size
PyGC_Disable
PyExc_AttributeError
PyTuple_GetSlice
PyErr_SetString
PyErr_WarnFormat
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyNumber_InPlaceAdd
PyFloat_Type
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyExc_OverflowError
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyCapsule_GetPointer
PyObject_GC_Del
PyLong_AsLong
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
Py_Version
PyVectorcall_Function
PyList_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyThreadState_EnterTracing
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyObject_RichCompareBool
PyExc_RuntimeError
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyNumber_Index
PyMem_Free
PyClassMethod_New
PyList_Type
PySequence_Contains
PyDict_GetItemString
PyList_Reverse
PyObject_GetItem
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyDict_DelItem
PyUnicode_Compare
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
PyObject_SetItem
_PyObject_GC_New
PyType_Modified
PyMethodDescr_Type
PyUnicode_FromString
_PyType_Lookup
PyUnicode_Format
PyObject_Call
PyObject_DelItem
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModuleLevelObject
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyLong_AsSsize_t
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyList_Insert
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyThreadState_Get
PyDescr_NewClassMethod
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyGC_Enable
PyBaseObject_Type
PyTuple_New
_Py_NoneStruct
PyModule_GetName
PyObject_GetAttr
PyInterpreterState_GetID
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyThreadState_LeaveTracing
PyErr_NoMemory
PyMethod_New
PyUnicode_Decode
PySequence_List

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

vcruntime140

strrchr
__C_specific_handler
__std_type_info_destroy_list
memset
memcpy
memmove
memcmp

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

Exports

Exports

PyInit__frozenlist

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/libcrypto-1_1.dll
.dll windows:6 windows x64 arch:x64

11f2ed72076bbf7871eb95fd5b4e84b0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:a4:10:33:a2:0d:f4:e3:32:28:2b:b5:80:fc:36:e0:50:8b:15:7c:a2:e7:e2:5f:f2:8c:4b:d1:b5:48:38:76
Signer

Actual PE Digest

77:a4:10:33:a2:0d:f4:e3:32:28:2b:b5:80:fc:36:e0:50:8b:15:7c:a2:e7:e2:5f:f2:8c:4b:d1:b5:48:38:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\libcrypto-1_1.pdb

Imports

ws2_32

accept
WSAGetLastError
closesocket
WSAStartup
gethostbyname
getsockopt
getsockname
ioctlsocket
getnameinfo
freeaddrinfo
ntohs
getaddrinfo
connect
listen
setsockopt
socket
shutdown
recv
send
WSASetLastError
recvfrom
sendto
bind
WSACleanup

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
TerminateProcess
GetCurrentProcess
ReadConsoleW
ReadConsoleA
SetConsoleMode
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
GetConsoleMode
GetStartupInfoW
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FindClose
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiber
SwitchToFiber
DeleteFiber
CreateFiber
FormatMessageW
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
FreeLibrary
LoadLibraryA
LoadLibraryW
GetModuleHandleExW

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memchr
strstr
wcsstr
memmove
strchr
strrchr
memcmp
memset
memcpy
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
_setmode
ftell
__stdio_common_vfprintf
fwrite
fseek
fread
fopen
_fileno
fgets
fflush
ferror
clearerr
setbuf
feof
fclose
fputs
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
_wfopen

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
strtol

api-ms-win-crt-string-l1-1-0

_strnicmp
strcspn
strncmp
strncpy
strcmp
isspace
_strdup
_stricmp
strspn

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
signal
strerror_s
_execute_onexit_table
_seh_filter_dll
_crt_atexit
_errno
_crt_at_quick_exit
terminate
perror
_register_onexit_function
_exit
_initterm_e
_initterm
_configure_narrow_argv
_cexit
raise

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_stat64i32
_chmod

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_is_current_thread
BN_BLINDING_lock
BN_BLINDING_new
BN_BLINDING_set_current_thread
BN_BLINDING_set_flags
BN_BLINDING_unlock
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_new
BN_CTX_secure_new
BN_CTX_start
BN_GENCB_call
BN_GENCB_free
BN_GENCB_get_arg
BN_GENCB_new
BN_GENCB_set
BN_GENCB_set_old
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/libffi-8.dll
.dll windows:6 windows x64 arch:x64

3dc8b86d60f90a1851eee5f9dc191312

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:3e:d5:ed:a0:65:d1:b8:c9:1d:fc:f9:2a:6c:9b:d8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/12/2018, 00:00

Not After

22/12/2021, 12:00

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Wolfeboro,ST=New Hampshire,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:b2:53:a2:a1:9d:ff:14:1f:a4:a9:5a:d7:38:01:ab:91:aa:23:05:80:91:cc:85:89:e1:23:42:64:8b:eb:89
Signer

Actual PE Digest

74:b2:53:a2:a1:9d:ff:14:1f:a4:a9:5a:d7:38:01:ab:91:aa:23:05:80:91:cc:85:89:e1:23:42:64:8b:eb:89

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

ffi_call
ffi_call_go
ffi_closure_alloc
ffi_closure_free
ffi_get_struct_offsets
ffi_java_ptrarray_to_raw
ffi_java_raw_call
ffi_java_raw_size
ffi_java_raw_to_ptrarray
ffi_prep_cif
ffi_prep_cif_var
ffi_prep_closure
ffi_prep_closure_loc
ffi_prep_go_closure
ffi_prep_java_raw_closure
ffi_prep_java_raw_closure_loc
ffi_prep_raw_closure
ffi_prep_raw_closure_loc
ffi_ptrarray_to_raw
ffi_raw_call
ffi_raw_size
ffi_raw_to_ptrarray
ffi_type_double
ffi_type_float
ffi_type_pointer
ffi_type_sint16
ffi_type_sint32
ffi_type_sint64
ffi_type_sint8
ffi_type_uint16
ffi_type_uint32
ffi_type_uint64
ffi_type_uint8
ffi_type_void

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/libssl-1_1.dll
.dll windows:6 windows x64 arch:x64

3adf02a15243fccc51beb2b37fbf071d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:c4:1c:4e:3a:78:34:13:38:66:fc:31:f2:70:5c:d8:f0:57:29:fe:28:7a:a1:28:09:d1:1b:69:3f:7d:f7:8f
Signer

Actual PE Digest

1b:c4:1c:4e:3a:78:34:13:38:66:fc:31:f2:70:5c:d8:f0:57:29:fe:28:7a:a1:28:09:d1:1b:69:3f:7d:f7:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\libssl-1_1.pdb

Imports

libcrypto-1_1

EVP_MD_CTX_copy
EVP_DigestSignFinal
RAND_bytes
EVP_CipherInit_ex
EVP_CipherUpdate
EVP_CipherFinal_ex
EVP_MD_type
EVP_DigestInit_ex
EVP_DigestFinal
SHA1_Init
SHA1_Transform
SHA224_Init
SHA256_Init
SHA256_Transform
SHA384_Init
SHA512_Init
SHA512_Transform
MD5_Init
MD5_Transform
CRYPTO_clear_free
OPENSSL_cleanse
COMP_CTX_new
COMP_CTX_free
BIO_s_mem
EVP_CIPHER_key_length
EVP_MD_CTX_ctrl
EVP_MD_CTX_set_flags
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_reset
EVP_md5
EVP_sha1
OPENSSL_sk_num
OPENSSL_sk_value
OPENSSL_sk_new_reserve
OPENSSL_sk_pop_free
CRYPTO_memdup
CRYPTO_strdup
EVP_sha256
EVP_PKEY_security_bits
EVP_PKEY_set_type
EVP_PKEY_set1_DH
EVP_PKEY_new
EVP_PKEY_up_ref
EVP_PKEY_free
EVP_PKEY_CTX_new
EVP_PKEY_CTX_new_id
EVP_PKEY_CTX_free
EVP_PKEY_CTX_ctrl
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_derive
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EC_GROUP_get_curve_name
EC_KEY_get0_group
X509_NAME_free
X509_free
ASN1_OCTET_STRING_it
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
X509_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_lock_free
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
BIO_s_file
EVP_PKEY_id
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash
X509_verify_cert
PEM_read_bio_X509
X509_get_extension_flags
OPENSSL_sk_new
OPENSSL_sk_insert
OPENSSL_sk_delete
OPENSSL_sk_dup
OPENSSL_sk_sort
CRYPTO_mem_ctrl
OBJ_nid2sn
COMP_get_type
COMP_get_name
COMP_zlib
EVP_enc_null
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
ENGINE_finish
CONF_parse_list
DH_free
OBJ_sn2nid
EC_curve_nist2nid
EC_KEY_new_by_curve_name
EC_KEY_free
X509_STORE_load_locations
PEM_read_bio_DHparams
ERR_func_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
OBJ_NAME_add
EVP_md5_sha1
EVP_sha224
EVP_sha384
EVP_sha512
EVP_des_cbc
EVP_des_ede3_cbc
EVP_rc4
EVP_rc4_hmac_md5
EVP_idea_cbc
EVP_rc2_cbc
EVP_rc2_40_cbc
EVP_aes_128_cbc
EVP_aes_128_ccm
EVP_aes_128_gcm
EVP_aes_192_cbc
EVP_aes_256_cbc
EVP_aes_256_ccm
EVP_aes_256_gcm
EVP_aes_128_cbc_hmac_sha1
EVP_aes_256_cbc_hmac_sha1
EVP_aes_128_cbc_hmac_sha256
EVP_aes_256_cbc_hmac_sha256
EVP_aria_128_gcm
EVP_aria_256_gcm
EVP_camellia_128_cbc
EVP_camellia_256_cbc
EVP_chacha20_poly1305
EVP_seed_cbc
EVP_add_cipher
EVP_add_digest
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_realloc
CRYPTO_secure_zalloc
CRYPTO_secure_free
BUF_MEM_free
EVP_CIPHER_block_size
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
OPENSSL_LH_num_items
ERR_peek_error
OBJ_bsearch_
EVP_CIPHER_CTX_free
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_ctrl
X509_STORE_set_default_paths
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get_depth
EVP_DigestFinal_ex
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
CT_POLICY_EVAL_CTX_new
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
CTLOG_STORE_new
CTLOG_STORE_free
CTLOG_STORE_load_file
CTLOG_STORE_load_default_file
X509_get_key_usage
RAND_priv_bytes
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
d2i_OCSP_RESPONSE
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
RSA_free
RSA_up_ref
d2i_RSAPrivateKey
ERR_peek_last_error
EVP_PKEY_assign
EVP_PKEY_get0_EC_KEY
d2i_PrivateKey
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_cmp
EC_KEY_can_sign
d2i_X509_bio
d2i_RSAPrivateKey_bio
d2i_PrivateKey_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_RSAPrivateKey
PEM_read_bio_PrivateKey
OPENSSL_LH_delete
OPENSSL_LH_doall_arg
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
ENGINE_get_ssl_client_cert_function
ENGINE_init
BIO_puts
BIO_dump_indent
BIO_printf
EVP_DigestSignInit
EVP_PKEY_new_raw_private_key
EVP_PKEY_set1_tls_encodedpoint
EVP_PKEY_get1_tls_encodedpoint
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_new
BUF_MEM_grow_clean
BN_is_zero
BN_num_bits
BN_bin2bn
BN_bn2bin
BN_free
RSA_pkey_ctx_ctrl
DH_new
DH_check_params
DH_set0_pqg
DH_get0_key
DH_set0_key
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit
EVP_PKEY_size
EVP_PKEY_get0_RSA
EVP_PKEY_get0_DH
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
ENGINE_load_ssl_client_cert
BUF_reverse
EVP_DigestVerifyFinal
d2i_X509_NAME
i2d_X509
X509_NAME_cmp
ASN1_ANY_it
BN_ucmp
ASN1_TYPE_get
ASN1_item_new
RSA_size
RSA_private_decrypt
DH_get0_pqg
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
EVP_PKEY_new_mac_key
BN_new
BN_set_word
BN_get_rfc2409_prime_1024
BN_get_rfc3526_prime_2048
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_4096
BN_get_rfc3526_prime_8192
OBJ_ln2nid
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_PKEY_get0
EVP_PKEY_get_default_digest_nid
HMAC_size
EC_GROUP_method_of
EC_METHOD_get_field_type
EC_KEY_get_conv_form
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
ERR_set_mark
ERR_pop_to_mark
BN_clear_free
BN_copy
BN_dup
SRP_create_verifier_BN
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B
SRP_Verify_A_mod_N
SRP_Calc_u
SRP_Calc_x
SRP_Calc_A
SRP_Calc_client_key
SRP_Verify_B_mod_N
COMP_expand_block
COMP_compress_block
CRYPTO_memcmp
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_iv_length
EVP_CIPHER_CTX_cipher
EVP_CIPHER_flags
EVP_MD_CTX_md
EVP_MD_size
ERR_add_error_data
BIO_snprintf
CRYPTO_malloc
BUF_MEM_grow
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
ERR_put_error
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next
BIO_next
BIO_find_type
BIO_push
BIO_callback_ctrl
EVP_DigestUpdate
EVP_MD_CTX_copy_ex
EVP_MD_CTX_free
BIO_ctrl
BIO_write
EVP_MD_CTX_new
EVP_Cipher
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_get_init
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_method_type
BIO_clear_flags
BIO_set_flags
CRYPTO_free
EVP_CIPHER_CTX_block_size
d2i_PUBKEY
EVP_CIPHER_iv_length
COMP_CTX_get_method
CRYPTO_zalloc

kernel32

GetCurrentThreadId
SetLastError
GetSystemTime
SystemTimeToFileTime
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
DisableThreadLibraryCalls
GetStartupInfoW
GetModuleHandleW
InitializeSListHead
IsDebuggerPresent

vcruntime140

memcmp
strchr
__std_type_info_destroy_list
memcpy
memmove
memchr
__current_exception
__current_exception_context
__C_specific_handler
memset

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-string-l1-1-0

strncmp
_strnicmp
_stricmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_errno
terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set1_cert_store
SSL_CTX_set1_param
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_isv2
SSL_client_version
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_verified_chain
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_all_async_fds
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_is_dtls
SSL_is_init_finished
SSL_is_server
SSL_key_update
SSL_load_client_CA_file
SSL_new
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_wbio
SSL_set1_host
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_bio
SSL_set_block_padding
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth
SSL_set_psk_client_callback
SSL_set_psk_find_session_callback
SSL_set_psk_server_callback
SSL_set_psk_use_session_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_record_padding_callback
SSL_set_record_padding_callback_arg
SSL_set_recv_max_early_data
SSL_set_rfd
SSL_set_security_callback
SSL_set_security_level
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_tlsext_max_fragment_length
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state_string
SSL_state_string_long
SSL_stateless
SSL_up_ref
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_cert_and_key
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_chain_file
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_verify_client_post_handshake
SSL_version
SSL_waiting_for_async
SSL_want
SSL_write
SSL_write_early_data
SSL_write_ex
TLS_client_method
TLS_method
TLS_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION

Sections

.text
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/multidict/_multidict.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

bf987799b97a41247562f3f76977e7d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyErr_ExceptionMatches
PyModule_AddObject
PyObject_GC_Del
PyObject_CallFunctionObjArgs
PyObject_ClearWeakRefs
PySequence_Fast
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyList_Append
PyObject_RichCompareBool
PyMapping_Check
PyDict_SetItem
PyDict_New
PySequence_Check
PyUnicode_Type
PyObject_CallMethod
PyObject_VectorcallMethod
PyObject_IsInstance
_PyTrash_cond
PyExc_StopIteration
PyType_GenericAlloc
PyList_Type
PyDict_GetItem
PyList_Reverse
PyObject_GetItem
PyObject_HasAttrString
PyObject_GC_Track
_Py_NotImplementedStruct
PyArg_ParseTupleAndKeywords
PyExc_TypeError
PyMem_Realloc
PyObject_Str
PyTuple_Pack
PyMem_Malloc
_Py_TrueStruct
PyArg_UnpackTuple
_PyTrash_begin
_PyObject_GC_New
PyList_SetItem
PyObject_Size
_Py_Dealloc
PyTuple_Type
PyMapping_Size
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
_PyTrash_end
PyObject_GetIter
PyIter_Next
PyErr_SetString
PyDict_Items
PyTuple_New
_Py_NoneStruct
PyErr_SetNone
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyExc_RuntimeError
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyUnicode_RichCompare
PyArg_ValidateKeywordArguments
PyErr_Occurred
PyObject_SelfIter
PySequence_GetItem
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
PyType_GenericNew
PyMapping_Items
PyBool_FromLong
PyErr_SetObject
PyThreadState_Get
PyUnicode_InternFromString
PySequence_List
PySequence_Size
PyMem_Free
Py_GenericAlias

kernel32

GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
DisableThreadLibraryCalls
IsDebuggerPresent

vcruntime140

memmove
memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit__multidict

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/psutil/_psutil_windows.pyd
.dll windows:6 windows x64 arch:x64

7655a95700b7d9f6fc1f226e258e1235

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

psapi

GetProcessMemoryInfo
GetMappedFileNameW
GetPerformanceInfo
EnumProcesses

kernel32

FindNextVolumeMountPointA
FindFirstVolumeMountPointA
CreateFileA
GetDiskFreeSpaceExW
CloseHandle
GetLogicalDriveStringsA
lstrcmpA
Process32First
HeapFree
SetPriorityClass
SetProcessAffinityMask
TerminateProcess
GetProcessAffinityMask
Thread32Next
Thread32First
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32Next
QueryDosDeviceA
HeapAlloc
GetPriorityClass
GetProcessHeap
GetThreadTimes
GetProcessHandleCount
GetProcessTimes
OpenThread
VirtualQueryEx
GetExitCodeProcess
EnterCriticalSection
GetCurrentProcess
LeaveCriticalSection
DuplicateHandle
GetExitCodeThread
TerminateThread
CreateThread
GetFileType
ReadProcessMemory
GetSystemPowerStatus
GetSystemTimeAsFileTime
RegisterWaitForSingleObject
CreateEventW
GetVolumeInformationA
SetErrorMode
GetDriveTypeA
DeviceIoControl
FindVolumeMountPointClose
SetLastError
LocalFree
LocalAlloc
GetSystemTimes
FreeLibrary
GetProcAddress
GetSystemInfo
LoadLibraryA
GetLastError
GetModuleHandleA
InitializeCriticalSection
GetProcessIoCounters
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

advapi32

QueryServiceConfig2W
LookupAccountSidW
OpenProcessToken
ImpersonateSelf
CloseServiceHandle
OpenSCManagerA
ControlService
StartServiceA
EnumServicesStatusExW
QueryServiceConfigW
GetTokenInformation
QueryServiceStatusEx
OpenServiceA
AdjustTokenPrivileges
RevertToSelf
LookupPrivilegeValueA

shell32

CommandLineToArgvW

ws2_32

inet_ntop

powrprof

CallNtPowerInformation

pdh

PdhGetFormattedCounterValue
PdhCollectQueryDataEx
PdhAddEnglishCounterW
PdhOpenQueryW
PdhRemoveCounter
PdhCloseQuery
PdhCollectQueryData

python3

PyObject_IsTrue
PyArg_ParseTuple
PyErr_SetFromWindowsErrWithFilename
PyModule_Create2
PyEval_RestoreThread
PyErr_SetObject
PyEval_SaveThread
PyErr_SetString
PyObject_CallFunction
PyModule_AddIntConstant
PyExc_TypeError
PySequence_Check
PySequence_Contains
PyTuple_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyList_SetItem
PyArg_ParseTupleAndKeywords
PyLong_FromLong
PyBool_FromLong
PyUnicode_FromString
_Py_TrueStruct
PyDict_SetItem
_Py_FalseStruct
PyUnicode_FromWideChar
PyErr_Format
PyMem_Free
PyErr_SetExcFromWindowsErrWithFilenameObject
PyDict_New
PyUnicode_AsWideCharString
PyDict_SetItemString
_Py_Dealloc
PyErr_NoMemory
PyList_Append
PyList_New
PyErr_SetFromWindowsErr
Py_BuildValue
PyExc_RuntimeError
PyErr_NewException
PyModule_GetState
PyExc_OSError
PyErr_Clear
PyModule_AddObject
_Py_NoneStruct

iphlpapi

GetAdaptersAddresses
GetIfTable
ConvertLengthToIpv4Mask
GetIfEntry2

vcruntime140

__C_specific_handler
strchr
memset
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf_s
__stdio_common_vsprintf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-string-l1-1-0

strcat_s
wcscpy_s
strcpy_s

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
_initialize_narrow_environment
_cexit
_execute_onexit_table
_initialize_onexit_table

Exports

Exports

PyInit__psutil_windows

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/pyexpat.pyd
.dll windows:6 windows x64 arch:x64

c1efb4aba5d0a4e13411d9eacdb4e8d6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

32:08:b0:bc:23:e7:6e:4a:3f:71:43:c0:cd:fb:7f:10:af:96:f6:48:68:99:ad:f8:c3:c0:c6:2f:b1:c1:1e:5b
Signer

Actual PE Digest

32:08:b0:bc:23:e7:6e:4a:3f:71:43:c0:cd:fb:7f:10:af:96:f6:48:68:99:ad:f8:c3:c0:c6:2f:b1:c1:1e:5b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\pyexpat.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext

python311

PyObject_Realloc
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
PyErr_SetString
_PyUnicode_Ready
PyMem_Malloc
_PyLong_AsInt
PyErr_NoMemory
_PyObject_GC_New
PyUnicode_FromString
PyBuffer_Release
PyObject_Call
PyByteArray_Type
PyMem_Calloc
_PyArg_BadArgument
_Py_HashSecret
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
_PyObject_LookupAttr
PyMem_Free
_PyTraceback_Add
PyDict_New
PyDict_SetItem
PyCapsule_New
PyType_GetModuleState
PyUnicode_Decode
PyList_Append
PyModule_New
PyErr_NewException
PyList_New
PyObject_GetBuffer
PyUnicode_FromFormat
PyLong_AsLong
PyObject_GC_Del
PyModule_AddObject
PyCapsule_GetPointer
_PyImport_SetModule
PyModule_AddObjectRef
PyDescr_NewGetSet
PyObject_Free
_Py_Dealloc
PyType_IsSubtype
PyModule_AddStringConstant
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyModule_GetState
PyObject_CallFunction
PyDict_GetItemWithError
Py_BuildValue
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyModule_AddIntConstant
PyObject_Malloc
PyObject_CallOneArg
PyBool_FromLong
PyDict_SetDefault
PyErr_SetObject
PyUnicode_InternFromString
_PyByteArray_empty_string

vcruntime140

memcpy
memcmp
memset
__std_type_info_destroy_list
__C_specific_handler
strrchr
memmove

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_initterm_e
_initterm
_cexit
_initialize_narrow_environment
_errno
_seh_filter_dll

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit_pyexpat

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/python3.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:a1:86:b2:57:11:d8:b0:62:f7:bd:fc:09:ce:e3:2d:cd:81:a7:a9:b0:d3:bb:3f:a0:45:09:95:7a:2f:30:c9
Signer

Actual PE Digest

b8:a1:86:b2:57:11:d8:b0:62:f7:bd:fc:09:ce:e3:2d:cd:81:a7:a9:b0:d3:bb:3f:a0:45:09:95:7a:2f:30:c9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\python3.pdb

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyClassMethodDescr_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_GetCode
PyFrame_GetLineNumber
PyFrozenSet_New
PyFrozenSet_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGetSetDescr_Type
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_ReloadModule
PyIndex_Check
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_New
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadObjectFromString
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMemberDescr_Type
PyMember_GetOne
PyMember_SetOne
PyMemoryView_FromBuffer
PyMemoryView_FromMemory
PyMemoryView_FromObject
PyMemoryView_GetContiguous
PyMemoryView_Type
PyMethodDescr_Type
PyModuleDef_Init
PyModuleDef_Type
PyModule_AddFunctions
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddObjectRef
PyModule_AddStringConstant
PyModule_AddType
PyModule_Create2
PyModule_ExecDef
PyModule_FromDefAndSpec2
PyModule_GetDef
PyModule_GetDict
PyModule_GetFilename
PyModule_GetFilenameObject
PyModule_GetName
PyModule_GetNameObject
PyModule_GetState
PyModule_New
PyModule_NewObject
PyModule_SetDocString
PyModule_Type
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_Check
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMatrixMultiply
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Index
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_MatrixMultiply
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_ToBase
PyNumber_TrueDivide
PyNumber_Xor
PyOS_CheckStack
PyOS_FSPath
PyOS_InputHook
PyOS_InterruptOccurred
PyOS_double_to_string
PyOS_getsig
PyOS_mystricmp
PyOS_mystrnicmp
PyOS_setsig
PyOS_snprintf
PyOS_string_to_double
PyOS_strtol
PyOS_strtoul
PyOS_vsnprintf
PyObject_ASCII
PyObject_AsCharBuffer
PyObject_AsFileDescriptor
PyObject_AsReadBuffer
PyObject_AsWriteBuffer
PyObject_Bytes
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallMethodObjArgs
PyObject_CallNoArgs
PyObject_CallObject
PyObject_Calloc
PyObject_CheckBuffer
PyObject_CheckReadBuffer
PyObject_ClearWeakRefs
PyObject_CopyData
PyObject_DelItem
PyObject_DelItemString
PyObject_Dir
PyObject_Format
PyObject_Free
PyObject_GC_Del
PyObject_GC_IsFinalized
PyObject_GC_IsTracked
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericGetDict
PyObject_GenericSetAttr
PyObject_GenericSetDict
PyObject_GetAIter
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetBuffer
PyObject_GetItem
PyObject_GetIter
PyObject_HasAttr
PyObject_HasAttrString

Sections

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_internal/python311.dll
.dll windows:6 windows x64 arch:x64

7bcba99f43dec2147effa329c42a4378

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:95:c6:6b:ab:de:29:48:88:75:59:e1:db:8d:06:5d:9e:00:89:b0:98:96:89:a7:32:62:84:6c:9d:0d:6b:3d
Signer

Actual PE Digest

bc:95:c6:6b:ab:de:29:48:88:75:59:e1:db:8d:06:5d:9e:00:89:b0:98:96:89:a7:32:62:84:6c:9d:0d:6b:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\python311.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

getsockopt
send
WSAGetLastError

api-ms-win-core-path-l1-1-0

PathCchSkipRoot
PathCchCombineEx
PathCchFindExtension

bcrypt

BCryptGenRandom

advapi32

RegEnumKeyExW
RegDeleteKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegSetValueExW
RegLoadKeyW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
RegEnumValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegSetValueW

kernel32

HeapAlloc
GetProcessHeap
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsGetValue
TlsFree
GetCurrentThread
GetModuleFileNameW
CompareStringOrdinal
GetFileAttributesW
GetLocaleInfoA
GetACP
RemoveVectoredExceptionHandler
SetErrorMode
RaiseException
AddVectoredExceptionHandler
GetCurrentProcess
SetEndOfFile
UnmapViewOfFile
DuplicateHandle
GetLastError
FlushViewOfFile
CloseHandle
GetSystemInfo
SetFilePointerEx
CreateFileMappingA
GetFileSize
OpenFileMappingA
MapViewOfFile
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
Process32First
SetHandleInformation
GetConsoleScreenBufferInfo
SetLastError
GetHandleInformation
GetFullPathNameW
FindNextFileW
GetStdHandle
DeviceIoControl
TerminateProcess
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
SetEnvironmentVariableW
CreatePipe
CreateHardLinkW
FindClose
GetVolumePathNameW
CreateFileW
OpenProcess
SetFileAttributesW
CreateToolhelp32Snapshot
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
DeleteFileW
Process32Next
LoadLibraryW
GetActiveProcessorCount
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
MoveFileExW
GetModuleHandleW
CreateSymbolicLinkW
GetSystemTimeAsFileTime
GetFileType
GetProcessTimes
GenerateConsoleCtrlEvent
SetEvent
CreateEventA
WaitForMultipleObjects
WaitForSingleObject
Sleep
GetTimeZoneInformation
TlsAlloc
SetWaitableTimerEx
ResetEvent
GetThreadTimes
CreateWaitableTimerExW
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WaitForSingleObjectEx
WriteConsoleW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
GetStringTypeW
ReadFile
CancelIo
SetNamedPipeHandleState
WaitNamedPipeA
CreateNamedPipeA
WriteFile
InitializeProcThreadAttributeList
PeekNamedPipe
OpenFileMappingW
GetModuleHandleA
GetVersion
LCMapStringEx
UpdateProcThreadAttribute
CreateFileA
DeleteProcThreadAttributeList
GetOverlappedResult
ExitProcess
CreateProcessW
CreateFileMappingW
VirtualQuery
ConnectNamedPipe
GetExitCodeProcess
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
GetErrorMode
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
FormatMessageW
FreeLibrary
LoadLibraryExW
LocalFree
GetConsoleOutputCP
GetConsoleCP
OutputDebugStringW
GetSystemTimeAdjustment
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExW
TlsSetValue
HeapFree
GetCurrentThreadId

vcruntime140

memchr
memcmp
memmove
memcpy
wcschr
strrchr
wcsrchr
strchr
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-stdio-l1-1-0

_open_osfhandle
__stdio_common_vfprintf
_wfopen
setvbuf
__stdio_common_vswprintf
fclose
__stdio_common_vsprintf
_setmode
rewind
__acrt_iob_func
_commit
_locking
_wopen
_kbhit
getc
ungetc
_lseeki64
ftell
fflush
feof
fgets
_get_osfhandle
_chsize_s
fputs
_isatty
_fileno
_lseek
_dup2
ferror
_close
fputc
fwrite
_open
_read
_dup
_write
fread
clearerr
puts

api-ms-win-crt-environment-l1-1-0

getenv
_wputenv_s
_wgetcwd
_wgetenv
__p__wenviron
_wputenv

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-string-l1-1-0

wcscmp
wcsncmp
strcmp
wcsnlen
wcsncpy_s
strncmp
isalnum
wcscat_s
tolower
toupper
strcspn
wcscoll
isxdigit
wcstok_s
wcsxfrm
isdigit
_stricmp
strncpy
_wcsicmp
wcscpy_s

api-ms-win-crt-runtime-l1-1-0

_cexit
__fpe_flt_rounds
_getpid
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_set_abort_behavior
signal
_exit
_initterm
raise
abort
_initialize_onexit_table
_beginthreadex
__sys_errlist
__sys_nerr
_endthreadex
_wsystem
exit
_errno
strerror
_execute_onexit_table
_set_thread_local_invalid_parameter_handler

api-ms-win-crt-convert-l1-1-0

mbstowcs
wcstol
strtoul
strtol
wcstombs

api-ms-win-crt-math-l1-1-0

exp2
tanh
erfc
sqrt
cbrt
cosh
erf
pow
log10
frexp
fmod
floor
tan
atan
atan2
_fdclass
_dclass
nextafter
exp
fabs
acosh
log1p
log
acos
expm1
_fdopen
atanh
asin
copysign
ldexp
hypot
asinh
modf
sin
round
sinh
cos
ceil

api-ms-win-crt-time-l1-1-0

__timezone
_tzset
strftime
clock
_time64
_mktime64
__daylight
_gmtime64_s
_localtime64_s

api-ms-win-crt-process-l1-1-0

_wexecv
_wspawnv
_wexecve
_cwait
_wspawnve

api-ms-win-crt-heap-l1-1-0

free
malloc
_heapmin
realloc
calloc

api-ms-win-crt-conio-l1-1-0

_putwch
_ungetwch
_getwche
_getche
_getch
_ungetch
_putch
_getwch

api-ms-win-crt-filesystem-l1-1-0

_umask
_wstat64i32

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyAsyncGen_New
PyAsyncGen_Type
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCMethod_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_Addr2Line
PyCode_Addr2Location
PyCode_GetCellvars
PyCode_GetCode
PyCode_GetFreevars
PyCode_GetVarnames
PyCode_New
PyCode_NewEmpty
PyCode_NewWithPosOnlyArgs
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyCompile_OpcodeStackEffect
PyCompile_OpcodeStackEffectWithJump
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyConfig_InitPythonConfig
PyConfig_Read
PyConfig_SetArgv
PyConfig_SetBytesArgv
PyConfig_SetBytesString
PyConfig_SetString
PyConfig_SetWideStringList
PyContextToken_Type
PyContextVar_Get
PyContextVar_New
PyContextVar_Reset
PyContextVar_Set
PyContextVar_Type
PyContext_Copy
PyContext_CopyCurrent
PyContext_Enter
PyContext_Exit
PyContext_New
PyContext_Type
PyCoro_New
PyCoro_Type
PyDescr_IsData
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetDefault
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ProgramTextObject
PyErr_RangedSyntaxLocationObject
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_SyntaxLocationObject
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnExplicitFormat
PyErr_WarnExplicitObject
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_OpenCode
PyFile_OpenCodeObject
PyFile_SetOpenCodeHook
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Pack2
PyFloat_Pack4
PyFloat_Pack8
PyFloat_Type
PyFloat_Unpack2
PyFloat_Unpack4
PyFloat_Unpack8
PyFrame_FastToLocals
PyFrame_FastToLocalsWithError
PyFrame_GetBack
PyFrame_GetBuiltins
PyFrame_GetCode
PyFrame_GetGenerator
PyFrame_GetGlobals
PyFrame_GetLasti
PyFrame_GetLineNumber
PyFrame_GetLocals
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Check
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_New
PyGen_NewWithQualName
PyGen_Type
PyGetSetDescr_Type
PyHash_GetFuncDef
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyIndex_Check
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_Head
PyInterpreterState_Main
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_GetAllocator
PyMem_Malloc
PyMem_RawCalloc
PyMem_RawFree
PyMem_RawMalloc
PyMem_RawRealloc
PyMem_Realloc
PyMem_SetAllocator
PyMem_SetupDebugHooks

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PyRuntim
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/pywin32_system32/pywintypes311.dll
.dll windows:6 windows x64 arch:x64

5b71a076f0c32bb52117188a36e3fec6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\pywintypes.pdb

Imports

advapi32

IsValidAcl
GetAuditedPermissionsFromAclW
GetLengthSid
InitializeAcl
AddAuditAccessAce
AddAce
DeleteAce
SetEntriesInAclW
GetAce
GetExplicitEntriesFromAclW
GetEffectiveRightsFromAclW
RegCloseKey
SetSecurityDescriptorGroup
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetAclInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSidIdentifierAuthority
InitializeSid
CopySid
GetSidSubAuthority
AllocateAndInitializeSid
GetSidSubAuthorityCount
EqualSid
IsTextUnicode

user32

wsprintfW

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoCreateGuid
CLSIDFromProgID
StringFromGUID2

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SysFreeString

python311

PyExc_Exception
PyErr_SetObject
PyModule_AddIntConstant
PyRun_StringFlags
PyMemoryView_FromObject
PyLong_FromUnsignedLong
PyThreadState_New
PyLong_AsUnsignedLongMask
PyModule_GetDict
PyObject_GetBuffer
PyModule_Create2
PyUnicode_Type
PyByteArray_FromStringAndSize
PyDict_GetItemString
PyLong_AsVoidPtr
PyObject_CallObject
PyThreadState_Clear
PyCallable_Check
PyThreadState_Swap
_Py_FatalErrorFunc
PyEval_AcquireThread
PyMemoryView_FromBuffer
PyThreadState_Delete
PyEval_ReleaseThread
PyUnicode_AsUTF8
PyExc_PendingDeprecationWarning
PyLong_FromLongLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyLong_FromUnsignedLongLong
PyErr_Occurred
PyErr_WarnEx
PyBuffer_FillInfo
PyEval_RestoreThread
PyObject_Print
_Py_TrueStruct
PyUnicode_AsMBCSString
_Py_HashPointer
PyObject_GenericSetAttr
PyErr_Fetch
PyErr_Restore
_Py_FalseStruct
PyEval_SaveThread
PyBytes_FromStringAndSize
PyExc_AttributeError
PyExc_WindowsError
PyBytes_AsStringAndSize
PyArg_ParseTuple
PyBuffer_Release
PyExc_TypeError
_Py_NewReference
PyArg_ParseTupleAndKeywords
PyExc_NotImplementedError
PyTuple_SetItem
PySequence_Check
PyDict_New
PyDict_SetItem
PyMapping_Check
PyErr_Clear
PyObject_GetAttrString
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyTuple_New
_Py_NoneStruct
PyExc_MemoryError
Py_BuildValue
PyLong_FromLong
PyObject_GenericGetAttr
PySequence_GetItem
PyMapping_Items
PySequence_Size
Py_MakePendingCalls
PyMem_Malloc
PyMem_Free
PyBytes_Size
PyList_Append
PyList_New
PyUnicode_AsWideCharString
PyUnicode_FromWideChar
PyUnicode_DecodeMBCS
PyBytes_AsString
PyEval_CallObjectWithKeywords
PyBool_FromLong
PyNumber_Long
PyNumber_Check
PyObject_HasAttrString
PyCapsule_Import
PyObject_CallMethod
PyTuple_Size
PyType_Ready
PyErr_BadArgument
PyLong_AsLong
PyType_IsSubtype
PyDict_SetItemString
PyImport_ImportModule
PySequence_Tuple
PyErr_NoMemory
_PyArg_ParseTuple_SizeT
PyBytes_FromString
_Py_NotImplementedStruct
_Py_BuildValue_SizeT
PyObject_Call

kernel32

LocalFree
CloseHandle
SetLastError
lstrlenW
FileTimeToSystemTime
SystemTimeToFileTime
MultiByteToWideChar
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalAlloc
FormatMessageW
TlsAlloc
GetLastError
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsFree
DosDateTimeToFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
memcpy
__C_specific_handler
__current_exception_context
__current_exception
__std_terminate
memcmp
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
free

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vfprintf

api-ms-win-crt-time-l1-1-0

_mktime64

api-ms-win-crt-string-l1-1-0

wcsncpy
strncpy
strcmp
_wcsdup

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

floor

Exports

Exports

??0PyACL@@QEAA@HH@Z
??0PyACL@@QEAA@PEAU_ACL@@@Z
??0PyDEVMODEW@@QEAA@G@Z
??0PyDEVMODEW@@QEAA@PEAU_devicemodeW@@@Z
??0PyDEVMODEW@@QEAA@XZ
??0PyHANDLE@@QEAA@AEBV0@@Z
??0PyHANDLE@@QEAA@PEAX@Z
??0PyHKEY@@QEAA@$$QEAV0@@Z
??0PyHKEY@@QEAA@AEBV0@@Z
??0PyHKEY@@QEAA@PEAX@Z
??0PyIID@@QEAA@AEBU_GUID@@@Z
??0PyOVERLAPPED@@QEAA@PEBVsMyOverlapped@0@@Z
??0PyOVERLAPPED@@QEAA@XZ
??0PySECURITY_ATTRIBUTES@@QEAA@AEBU_SECURITY_ATTRIBUTES@@@Z
??0PySECURITY_ATTRIBUTES@@QEAA@XZ
??0PySECURITY_DESCRIPTOR@@QEAA@PEAX@Z
??0PySECURITY_DESCRIPTOR@@QEAA@_J@Z
??0PySID@@QEAA@PEAX@Z
??0PySID@@QEAA@_JPEAX@Z
??0PyWAVEFORMATEX@@QEAA@AEBUtWAVEFORMATEX@@@Z
??0PyWAVEFORMATEX@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@AEBU_OVERLAPPED@@@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@XZ
??1PyACL@@QEAA@XZ
??1PyDEVMODEW@@IEAA@XZ
??1PyHANDLE@@UEAA@XZ
??1PyHKEY@@UEAA@XZ
??1PyOVERLAPPED@@QEAA@XZ
??1PySECURITY_ATTRIBUTES@@QEAA@XZ
??1PySECURITY_DESCRIPTOR@@QEAA@XZ
??1PySID@@QEAA@XZ
??1PyWAVEFORMATEX@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
??1PyWin_AutoFreeBstr@@QEAA@XZ
??4PyACL@@QEAAAEAV0@AEBV0@@Z
??4PyDEVMODEW@@QEAAAEAV0@AEBV0@@Z
??4PyHANDLE@@QEAAAEAV0@AEBV0@@Z
??4PyHKEY@@QEAAAEAV0@$$QEAV0@@Z
??4PyHKEY@@QEAAAEAV0@AEBV0@@Z
??4PyIID@@QEAAAEAV0@$$QEAV0@@Z
??4PyIID@@QEAAAEAV0@AEBV0@@Z
??4PyOVERLAPPED@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_ATTRIBUTES@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_DESCRIPTOR@@QEAAAEAV0@AEBV0@@Z
??4PySID@@QEAAAEAV0@AEBV0@@Z
??4PyWAVEFORMATEX@@QEAAAEAV0@AEBV0@@Z
??4PyWin_AutoFreeBstr@@QEAAAEAV0@AEBV0@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@$$QEAV01@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@AEBV01@@Z
??BPyHANDLE@@QEAAPEAXXZ
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
??_7PyHANDLE@@6B@
??_7PyHKEY@@6B@
??_FPyIID@@QEAAXXZ
??_FPySECURITY_DESCRIPTOR@@QEAAXXZ
??_FPyWin_AutoFreeBstr@@QEAAXXZ
?AddAccessAllowedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddMandatoryAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Clear@PyDEVMODEW@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@UEAAHXZ
?Close@PyHKEY@@UEAAHXZ
?DeleteAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Detach@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?GetACL@PyACL@@QEAAPEAU_ACL@@XZ
?GetAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAceCount@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclRevision@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclSize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetDEVMODE@PyDEVMODEW@@QEAAPEAU_devicemodeW@@XZ
?GetLength@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetLength@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetOverlapped@PyOVERLAPPED@@QEAAPEAU_OVERLAPPED@@XZ
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?GetSA@PySECURITY_ATTRIBUTES@@QEAAPEAU_SECURITY_ATTRIBUTES@@XZ
?GetSD@PySECURITY_DESCRIPTOR@@QEAAPEAXXZ
?GetSID@PySID@@QEAAPEAXXZ
?GetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSidIdentifierAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthorityCount@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetTypeName@PyHANDLE@@UEAAPEBDXZ
?GetTypeName@PyHKEY@@UEAAPEBDXZ
?Initialize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySID@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIID@@QEAAHAEAV1@@Z
?IsEqual@PyIID@@QEAAHAEBU_GUID@@@Z
?IsEqual@PyIID@@QEAAHPEAU_object@@@Z
?IsSelfRelative@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PyACL@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySID@@SAPEAU_object@@PEAU2@0@Z
?PyACLType@@3U_typeobject@@A
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
?PyDEVMODEWType@@3U_typeobject@@A
?PyGetAuditedPermissionsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetEffectiveRightsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetExplicitEntriesFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyHANDLEType@@3U_typeobject@@A
?PyIIDType@@3U_typeobject@@A
?PyOVERLAPPEDType@@3U_typeobject@@A
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PySECURITY_ATTRIBUTESType@@3U_typeobject@@A
?PySECURITY_DESCRIPTORType@@3U_typeobject@@A
?PySIDType@@3U_typeobject@@A
?PySetEntriesInAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PySocket_AsSOCKET@@YAHPEAU_object@@PEA_K@Z
?PyWAVEFORMATEXType@@3U_typeobject@@A
?PyWinCoreString_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinExc_COMError@@3PEAU_object@@EA
?PyWinGlobals_Ensure@@YAHXZ
?PyWinGlobals_Free@@YAXXZ
?PyWinInterpreterLock_Acquire@@YAXXZ
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinMethod_NewACL@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewHANDLE@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewOVERLAPPED@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_ATTRIBUTES@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTimeStamp@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewWAVEFORMATEX@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsACL@@YAHPEAU_object@@PEAPEAU_ACL@@H@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsChars@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsOVERLAPPED@@YAHPEAU_object@@PEAPEAU_OVERLAPPED@@H@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinObject_AsPyOVERLAPPED@@YAHPEAU_object@@PEAPEAVPyOVERLAPPED@@H@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSID@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsWAVEFORMATEX@@YAHPEAU_object@@PEAPEAUtWAVEFORMATEX@@H@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_FreeBstr@@YAXPEA_W@Z
?PyWinObject_FreeChars@@YAXPEAD@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEAD@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromOVERLAPPED@@YAPEAU_object@@PEBU_OVERLAPPED@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_FromSECURITY_ATTRIBUTES@@YAPEAU_object@@AEBU_SECURITY_ATTRIBUTES@@@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSID@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinObject_FromTimeStamp@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinThreadState_Clear@@YAXXZ
?PyWinThreadState_Ensure@@YAHXZ
?PyWinThreadState_Free@@YAXXZ
?PyWinTimeObject_Fromtime_t@@YAPEAU_object@@_J@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWin_CopyString@@YAPEADPEBD@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWin_InterpreterState@@3PEAU_is@@EA
?PyWin_MakePendingCalls@@YAXXZ
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWin_RegisterErrorMessageModule@@YAHKKPEAUHINSTANCE__@@@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_SetBasicCOMError@@YAPEAU_object@@J@Z
?SetACL@PyACL@@QEAAHPEAU_ACL@@@Z
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?SetSD@PySECURITY_DESCRIPTOR@@QEAAHPEAX@Z
?SetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?asStr@PyHANDLE@@QEAAPEAU_object@@XZ
?binaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?deallocFunc@PyACL@@SAXPEAU_object@@@Z
?deallocFunc@PyDEVMODEW@@SAXPEAU_object@@@Z
?deallocFunc@PyHANDLE@@SAXPEAU_object@@@Z
?deallocFunc@PyIID@@SAXPEAU_object@@@Z
?deallocFunc@PyOVERLAPPED@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_ATTRIBUTES@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_DESCRIPTOR@@SAXPEAU_object@@@Z
?deallocFunc@PySID@@SAXPEAU_object@@@Z
?deallocFunc@PyWAVEFORMATEX@@SAXPEAU_object@@@Z
?get_DeviceName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DriverData@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_FormName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_handle@PyHANDLE@@SAPEAU_object@@PEAU2@PEAX@Z
?getattro@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySECURITY_ATTRIBUTES@@SAPEAU_object@@PEAU2@0@Z
?getbufferinfo@PySECURITY_DESCRIPTOR@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getbufferinfo@PySID@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getset@PyDEVMODEW@@2PAUPyGetSetDef@@A
?getset@PyHANDLE@@2PAUPyGetSetDef@@A
?hash@PyHANDLE@@QEAA_JXZ
?hash@PyIID@@QEAA_JXZ
?hashFunc@PyHANDLE@@SA_JPEAU_object@@@Z
?hashFunc@PyIID@@SA_JPEAU_object@@@Z
?hashFunc@PyOVERLAPPED@@SA_JPEAU_object@@@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?intFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?len@PyWinBufferView@@QEAAKXZ
?longFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?members@PyDEVMODEW@@2PAUPyMemberDef@@A
?members@PyOVERLAPPED@@2PAUPyMemberDef@@A
?members@PySECURITY_ATTRIBUTES@@2PAUPyMemberDef@@A
?members@PyWAVEFORMATEX@@2PAUPyMemberDef@@A
?methods@PyACL@@2PAUPyMethodDef@@A
?methods@PyDEVMODEW@@2PAUPyMethodDef@@A
?methods@PyHANDLE@@2PAUPyMethodDef@@A
?methods@PySECURITY_ATTRIBUTES@@2PAUPyMethodDef@@A
?methods@PySECURITY_DESCRIPTOR@@2PAUPyMethodDef@@A
?methods@PySID@@2PAUPyMethodDef@@A
?modify_in_place@PyDEVMODEW@@QEAAXXZ
?nonzeroFunc@PyHANDLE@@SAHPEAU_object@@@Z
?ok@PyWinBufferView@@QEAA_NXZ
?print@PyHANDLE@@QEAAHPEAU_iobuf@@H@Z
?printFunc@PyHANDLE@@SAHPEAU_object@@PEAU_iobuf@@H@Z
?ptr@PyWinBufferView@@QEAAPEAXXZ
?release@PyWinBufferView@@QEAAXXZ
?repr@PyIID@@QEAAPEAU_object@@XZ
?reprFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?richcompare@PyHANDLE@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PyIID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PySID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompareFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyIID@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PySID@@SAPEAU_object@@PEAU2@0H@Z
?set_DeviceName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_DriverData@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_FormName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?setattro@PyOVERLAPPED@@SAHPEAU_object@@00@Z
?setattro@PySECURITY_ATTRIBUTES@@SAHPEAU_object@@00@Z
?str@PyIID@@QEAAPEAU_object@@XZ
?strFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?strFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?strFunc@PySID@@SAPEAU_object@@PEAU2@@Z
?ternaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@00@Z
?tp_new@PyDEVMODEW@@SAPEAU_object@@PEAU_typeobject@@PEAU2@1@Z
?unaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
DllMain
PyInit_pywintypes

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/select.pyd
.dll windows:6 windows x64 arch:x64

fc4f7d736924aa67a1bd7b7b80894df9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:5d:91:bd:1b:e6:22:4b:12:60:5e:45:71:31:42:db:93:3e:07:5a:fd:03:fa:d8:47:73:78:bf:85:4a:05:f5
Signer

Actual PE Digest

69:5d:91:bd:1b:e6:22:4b:12:60:5e:45:71:31:42:db:93:3e:07:5a:fd:03:fa:d8:47:73:78:bf:85:4a:05:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\select.pdb

Imports

ws2_32

select
__WSAFDIsSet
WSAGetLastError

python311

PyModuleDef_Init
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
PyModule_GetState
PyEval_RestoreThread
_PyTime_AsTimeval
_PyDeadline_Init
PyErr_CheckSignals
PyExc_OSError
PyObject_AsFileDescriptor
PyList_New
PySequence_Fast
PyModule_AddObjectRef
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_ValueError
PyErr_SetString
_Py_NoneStruct
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
_PyTime_FromSecondsObject
PyUnicode_InternFromString
PyErr_SetExcFromWindowsErr
PyList_SetItem
_PyTime_AsTimeval_clamp

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_errno
_initterm
_initterm_e
_seh_filter_dll

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit_select

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/ucrtbase.dll
.dll windows:10 windows x64 arch:x64

ea4d5e085d5bbdbd19dcce14d926b29e

Code Sign

33:00:00:00:be:a4:0f:f5:c9:a5:0e:e1:30:00:00:00:00:00:be
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:843D-37F6-F104,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/09/2017, 18:07

Not After

12/09/2018, 18:07

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:c7:42:3f:a9:31:d7:0e:9c:bb:20:5b:7f:8f:25:81:7c:32:9c:5e:f9:db:53:f9:1f:f0:86:b8:2a:6d:0c:63
Signer

Actual PE Digest

b2:c7:42:3f:a9:31:d7:0e:9c:bb:20:5b:7f:8f:25:81:7c:32:9c:5e:f9:db:53:f9:1f:f0:86:b8:2a:6d:0c:63

Digest Algorithm

sha256

PE Digest Matches

true

7b:01:a9:04:e4:f8:18:b8:ce:65:ed:c2:c4:e6:89:5a:36:ea:75:8d
Signer

Actual PE Digest

7b:01:a9:04:e4:f8:18:b8:ce:65:ed:c2:c4:e6:89:5a:36:ea:75:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ucrtbase.pdb

Imports

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetErrorMode
RaiseException
GetLastError
SetLastError

api-ms-win-core-heap-l1-1-0

HeapCompact
HeapWalk
HeapAlloc
HeapSize
HeapReAlloc
HeapQueryInformation
GetProcessHeap
HeapFree
HeapValidate

api-ms-win-core-processthreads-l1-1-0

CreateThread
ExitThread
ExitProcess
GetCurrentProcess
TlsAlloc
GetCurrentThread
CreateProcessW
TlsSetValue
GetCurrentProcessId
GetCurrentThreadId
ResumeThread
TlsFree
GetStartupInfoW
GetExitCodeProcess
TerminateProcess
TlsGetValue

api-ms-win-core-file-l1-1-0

WriteFile
GetDiskFreeSpaceW
GetLogicalDrives
SetFileTime
SetFilePointerEx
LockFileEx
UnlockFileEx
FlushFileBuffers
SetEndOfFile
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesExW
GetDriveTypeW
GetFileInformationByHandle
GetFullPathNameW
FindFirstFileExW
CreateFileW
FindNextFileW
ReadFile
GetFileType
FindClose

api-ms-win-core-libraryloader-l1-1-0

FreeLibraryAndExitThread
GetModuleHandleExW
LoadLibraryExW
GetModuleHandleW
GetProcAddress
FreeLibrary
GetModuleFileNameW

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-processenvironment-l1-1-0

SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
GetStdHandle
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetCommandLineA

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringW
WideCharToMultiByte
GetStringTypeW

api-ms-win-core-localization-l1-2-0

GetCPInfo
GetLocaleInfoW
LCMapStringW
EnumSystemLocalesW
IsValidCodePage
GetUserDefaultLCID
GetOEMCP
IsValidLocale
GetACP

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo
SetLocalTime

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-console-l1-1-0

PeekConsoleInputA
SetConsoleCtrlHandler
WriteConsoleW
GetConsoleCP
SetConsoleMode
GetNumberOfConsoleInputEvents
ReadConsoleW
ReadConsoleInputW
GetConsoleMode

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-namedpipe-l1-1-0

CreatePipe
PeekNamedPipe

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualProtect
VirtualQuery

api-ms-win-core-util-l1-1-0

EncodePointer
Beep

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList

Exports

Exports

_Cbuild
_Cmulcc
_Cmulcr
_CreateFrameInfo
_CxxThrowException
_Exit
_FCbuild
_FCmulcc
_FCmulcr
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_Getdays
_Getmonths
_Gettnames
_IsExceptionObjectToBeDestroyed
_LCbuild
_LCmulcc
_LCmulcr
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__acrt_iob_func
__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
__current_exception
__current_exception_context
__daylight
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__doserrno
__dstbias
__fpe_flt_rounds
__fpecode
__initialize_lconv_for_unsigned_char
__intrinsic_setjmp
__intrinsic_setjmpex
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__commode
__p__environ
__p__fmode
__p__mbcasemap
__p__mbctype
__p__pgmptr
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__processing_throw
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__setusermatherr
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
__strncnt
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__wcserror
__wcserror_s
__wcsncnt
_abs64
_access
_access_s
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_base
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chgsignf
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_configthreadlocale
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_copysign
_copysignf
_cputs
_cputws
_creat
_create_locale
_crt_at_quick_exit
_crt_atexit
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_d_int
_dclass
_dexp
_difftime32
_difftime64
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_endthread
_endthreadex
_eof
_errno
_except1
_execl
_execle
_execlp
_execlpe
_execute_onexit_table
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_finitef
_flushall
_fpclass
_fpclassf
_fpieee_flt
_fpreset
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_base
_free_locale
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_fullpath
_futime32
_futime64
_fwrite_nolock
_gcvt
_gcvt_s
_get_FMA3_enable
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_osfhandle
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_stream_buffer_pointers
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_timezone
_get_tzname
_get_unexpected
_get_wide_winmain_command_line
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwc_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_heapchk
_heapmin
_heapwalk
_hypot
_hypotf
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_is_exception_typeof
_isalnum_l
_isalpha_l
_isatty
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcblank
_ismbcblank_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_isnan
_isnanf
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_itoa
_itoa_s
_itow
_itow_s
_j0
_j1
_jn
_kbhit
_ld_int
_ldclass
_ldexp
_ldlog
_ldpcomp
_ldpoly
_ldscale
_ldsign
_ldsin
_ldtest
_ldunscale
_lfind
_lfind_s
_loaddll
_local_unwind
_localtime32

Sections

.text
Size: 702KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/unicodedata.pyd
.dll windows:6 windows x64 arch:x64

bb6f6d951dbdd290ecf382ca57459172

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:a2:17:6b:cf:b4:02:26:96:16:c7:ae:f2:63:74:c1:a1:d4:d5:43:08:08:23:d2:81:59:68:a2:a2:79:c0:d1
Signer

Actual PE Digest

75:a2:17:6b:cf:b4:02:26:96:16:c7:ae:f2:63:74:c1:a1:d4:d5:43:08:08:23:d2:81:59:68:a2:a2:79:c0:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\unicodedata.pdb

Imports

python311

PyCapsule_GetPointer
PyUnicode_FromStringAndSize
PyModule_AddObjectRef
_Py_Dealloc
PyUnicode_FromString
_Py_FalseStruct
PyModule_AddStringConstant
PyModule_AddType
PyModule_Type
_PyUnicode_Ready
_Py_TrueStruct
_PyUnicode_ToDigit
PyModule_AddObject
PyMem_Realloc
PyUnicode_Compare
PyType_FromSpec
PyObject_GC_Track
PyModuleDef_Init
PyUnicode_FromKindAndData
PyErr_NoMemory
PyMem_Free
PyCapsule_New
PyObject_GC_Del
_PyObject_GC_New
PyMem_Malloc
PyType_IsSubtype
PyErr_Format
PyExc_ValueError
PyErr_SetString
_PyArg_BadArgument
_PyUnicode_ToDecimalDigit
_PyUnicode_ToNumeric
PyFloat_FromDouble
_Py_ctype_toupper
PyUnicode_FromOrdinal
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_GenericGetAttr
PyErr_Occurred
PyExc_KeyError
_PyArg_CheckPositional
PyOS_snprintf
PyUnicode_CompareWithASCIIString
_PyArg_Parse_SizeT

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit_unicodedata

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/win32/win32api.pyd
.dll windows:6 windows x64 arch:x64

2000df8846b8f315bdc5cce6da06b275

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32api.pdb

Imports

user32

ChangeDisplaySettingsW
GetCursorPos
SetCursorPos
ShowCursor
RegisterWindowMessageW
PostQuitMessage
PostThreadMessageW
SetCursor
mouse_event
ClipCursor
LoadCursorW
WinHelpW
GetSysColor
LoadKeyboardLayoutW
GetKeyboardLayout
GetKeyboardLayoutList
SetClassWord
ExitWindowsEx
GetKeyboardLayoutNameW
VkKeyScanW
SetSysColors
MapVirtualKeyExW
VkKeyScanExA
GetAsyncKeyState
GetKeyboardState
LoadStringW
VkKeyScanA
GetWindowLongPtrW
SetClassLongPtrW
MessageBeep
GetSystemMetrics
SendMessageW
SetWindowWord
ToAsciiEx
SetWindowLongPtrW
MessageBoxExW
keybd_event
GetFocus
MapVirtualKeyW
GetKeyState
EnumDisplaySettingsW
VkKeyScanExW
PostMessageW

advapi32

InitiateSystemShutdownW
RegNotifyChangeKeyValue
RegGetKeySecurity
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
AbortSystemShutdownW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
GetUserNameW
OpenThreadToken
LookupAccountSidW
RegEnumValueW
RegQueryValueExW
RegSetValueW
GetTokenInformation

shell32

DragQueryFileW
ShellExecuteW
DragFinish
CommandLineToArgvW
FindExecutableW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

python311

PyExc_SystemError
PyLong_FromLong
Py_BuildValue
_Py_NoneStruct
PyExc_WindowsError
PyErr_SetString
PyExc_ValueError
PyErr_Format
_Py_Dealloc
PyUnicode_AsUTF8
PyList_New
PyList_Append
PyObject_GenericSetAttr
PyExc_NotImplementedError
PyArg_ParseTupleAndKeywords
_Py_NewReference
PyExc_TypeError
PyArg_ParseTuple
PyExc_Exception
PyErr_SetObject
PyBool_FromLong
_Py_BuildValue_SizeT
PyLong_AsUnsignedLong
PyModule_AddIntConstant
PyBytes_AsString
PySequence_GetItem
PyErr_Occurred
PyEval_SaveThread
PyList_SetSlice
PyExc_MemoryError
PyLong_FromUnsignedLongLong
PyGILState_Release
PyTuple_New
PyDict_SetItemString
PyList_Size
PyUnicode_FromWideChar
PyLong_FromUnsignedLong
_PyArg_ParseTupleAndKeywords_SizeT
PyTuple_GetItem
PyModule_GetDict
_PyArg_ParseTuple_SizeT
PyLong_AsLong
PyUnicode_AsWideCharString
PyModule_Create2
PyType_Ready
PyErr_Clear
PyTuple_Size
PySequence_Check
PyMem_Free
PyTuple_SetItem
PyErr_NoMemory
PyObject_CallObject
PyBytes_FromStringAndSize
PyEval_RestoreThread
PySys_WriteStderr
PyObject_Call
PyUnicode_GetLength
PyThreadState_Swap
PyErr_Print
PyObject_GenericGetAttr
PyMem_Malloc
PyCallable_Check
PyObject_IsTrue
PyObject_IsSubclass
PyGILState_Ensure

pywintypes311

?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinThreadState_Ensure@@YAHXZ
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinThreadState_Free@@YAXXZ
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?len@PyWinBufferView@@QEAAKXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?ok@PyWinBufferView@@QEAA_NXZ
??1PyWinBufferView@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
?PyWinInterpreterLock_Acquire@@YAXXZ

kernel32

GetLogicalDrives
GetVolumeInformationW
SetConsoleCtrlHandler
SizeofResource
GetConsoleTitleW
GetEnvironmentVariableW
GetSystemPowerStatus
WriteProfileStringW
GetTempPathW
GetPrivateProfileSectionW
FindClose
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
SetThreadLocale
FindFirstFileW
SearchPathW
WritePrivateProfileStringW
CompareStringW
GetSystemDefaultLCID
SetLastError
GetProfileSectionW
SetLocalTime
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetStdHandle
EnumResourceTypesW
SetTimeZoneInformation
ExpandEnvironmentStringsW
GetShortPathNameW
GetDiskFreeSpaceW
GetPrivateProfileIntW
TerminateProcess
GetProfileIntW
GetUserDefaultLangID
GetModuleFileNameW
GetThreadLocale
SetEnvironmentVariableW
SetSystemTime
EnumResourceNamesW
GetStartupInfoW
DuplicateHandle
GetSystemDefaultLangID
FindFirstChangeNotificationW
OpenProcess
GetVersion
SetFileAttributesW
GetLogicalDriveStringsW
EndUpdateResourceW
GetPrivateProfileStringW
FormatMessageW
GetTimeZoneInformation
GetTickCount64
GetLastError
OutputDebugStringW
GetUserDefaultLCID
GetDiskFreeSpaceExW
GetCurrentThread
FindCloseChangeNotification
LockResource
DeleteFileW
CloseHandle
EnumResourceLanguagesW
GetSystemInfo
WriteProfileSectionW
LoadLibraryW
FindResourceExW
LoadResource
GetLocalTime
SetStdHandle
UpdateResourceW
FindNextChangeNotification
GetWindowsDirectoryW
Beep
GetProcAddress
LocalFree
GetTimeFormatW
MoveFileExW
GetComputerNameW
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
CopyFileW
GetProfileStringW
SleepEx
SetErrorMode
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualQuery
VirtualProtect
RaiseException
GenerateConsoleCtrlEvent
LoadLibraryExW
OpenThread
MoveFileW
SetConsoleTitleW
GetDateFormatW
DebugBreak
GlobalMemoryStatus
GetSystemTime
GetTempFileNameW
BeginUpdateResourceW
WritePrivateProfileSectionW
WinExec

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__current_exception
__current_exception_context
memset
_CxxThrowException
memcpy

api-ms-win-crt-convert-l1-1-0

_itow

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_at_quick_exit
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

?PyDISPLAY_DEVICEType@@3U_typeobject@@A
PyInit_win32api

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/win32/win32clipboard.pyd
.dll windows:6 windows x64 arch:x64

6590f9e16ffe4a803450d945792e846e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32clipboard.pdb

Imports

gdi32

GetEnhMetaFileBits
GetMetaFileBitsEx

user32

GetClipboardFormatNameW
EnumClipboardFormats
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
CountClipboardFormats
RegisterClipboardFormatW
SetClipboardViewer
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
GetPriorityClipboardFormat
OpenClipboard
ChangeClipboardChain
CloseClipboard
EmptyClipboard

shell32

DragQueryFileW

python311

_Py_TrueStruct
PyBytes_FromStringAndSize
PyErr_NoMemory
PyTuple_SetItem
PyMem_Free
PyErr_Clear
PyModule_Create2
PyUnicode_AsWideCharString
_PyArg_ParseTuple_SizeT
PyModule_GetDict
_Py_Dealloc
PyErr_Format
PyEval_RestoreThread
PyErr_SetString
PyUnicode_FromWideChar
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyExc_TypeError
PyBytes_FromString
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyModule_AddIntConstant
_Py_BuildValue_SizeT
PyExc_ValueError

pywintypes311

?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_AsChars@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinGlobals_Ensure@@YAHXZ
??0PyWinBufferView@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeChars@@YAXPEAD@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinExc_ApiError@@3PEAU_object@@EA

kernel32

GlobalSize
GlobalAlloc
LoadLibraryW
GetProcAddress
GlobalLock
FreeLibrary
GlobalUnlock
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetLastError

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler
__std_terminate
memset
memcpy

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_cexit
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate

Exports

Exports

PyInit_win32clipboard

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/win32/win32gui.pyd
.dll windows:6 windows x64 arch:x64

43844ac41b302cdc6cb7d5f7d6fcc995

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32gui.pdb

Imports

gdi32

InvertRgn
GetMiterLimit
DeleteObject
PtInRegion
RestoreDC
SetStretchBltMode
Ellipse
SetBkColor
MoveToEx
RectInRegion
GetTextColor
SetArcDirection
Polygon
GetViewportExtEx
GetObjectW
SetViewportOrgEx
Rectangle
ExtCreatePen
CreatePen
LineTo
SetBkMode
GetGraphicsMode
EndPath
SetTextColor
GetTextExtentPoint32W
DeleteDC
SetPixelV
OffsetRgn
GetTextAlign
GetPixel
SetPolyFillMode
EqualRgn
CreatePatternBrush
GetTextMetricsW
StrokeAndFillPath
StrokePath
SetViewportExtEx
EnumFontFamiliesW
SetMiterLimit
GetWindowOrgEx
Polyline
CreatePolygonRgn
ArcTo
ExtFloodFill
PathToRegion
SetWindowExtEx
PolyBezier
GetPath
CreateRoundRectRgn
GetCurrentPositionEx
PolyBezierTo
CreateRectRgnIndirect
GetStockObject
CreateEllipticRgnIndirect
SetWindowOrgEx
CreateDCW
ResetDCW
PaintRgn
Chord
CreateHatchBrush
BeginPath
GetStretchBltMode
CreateBrushIndirect
GetTextFaceW
GetTextCharacterExtra
FrameRgn
AbortPath
StretchBlt
SetGraphicsMode
PatBlt
SetPixel
CreateCompatibleDC
FillPath
GetBkMode
Arc
GetWindowExtEx
SelectObject
Pie
SaveDC
PolylineTo
CreateCompatibleBitmap
BitBlt
GetPolyFillMode
SetRectRgn
GetBkColor
CloseFigure
SetMapMode
CreateSolidBrush
CreateBitmap
SetROP2
CreateFontIndirectW
GetCurrentObject
SetTextAlign
CombineRgn
FlattenPath
GetMapMode
GetObjectType
RoundRect
FillRgn
ExtTextOutW
SetTextCharacterExtra
GetRgnBox
WidenPath
GetROP2
GetArcDirection
GetViewportOrgEx

user32

FindWindowW
ScrollWindowEx
LoadIconW
TranslateMessage
TranslateAcceleratorW
BringWindowToTop
SetCapture
DestroyMenu
FlashWindow
CreateAcceleratorTableW
EnumWindows
SetMenu
MoveWindow
IsWindowEnabled
DialogBoxIndirectParamW
GetForegroundWindow
GetSysColor
GetTopWindow
RegisterHotKey
GetDlgItemTextW
DrawFocusRect
SetMenuDefaultItem
CreateIconFromResource
SetDoubleClickTime
FrameRect
GetDoubleClickTime
ValidateRect
SetWindowPlacement
RegisterClassW
SetDlgItemTextW
WindowFromDC
CreateCaret
IsChild
PaintDesktop
EnumPropsExW
PeekMessageW
DestroyAcceleratorTable
SetMenuItemInfoW
DefDlgProcW
ClientToScreen
GetDlgCtrlID
CreateIconIndirect
DestroyIcon
GetMenuDefaultItem
IsDialogMessageW
RedrawWindow
GetCursorInfo
DispatchMessageW
GetCapture
RegisterDeviceNotificationW
InvalidateRgn
IsWindow
ReplyMessage
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
GetClassLongPtrW
DrawIcon
GetWindowPlacement
WindowFromPoint
GetWindowLongPtrW
WaitMessage
GetScrollInfo
ChildWindowFromPointEx
SetMenuItemBitmaps
SetClassLongPtrW
CreatePopupMenu
DragDetect
SetWindowTextW
UnregisterClassW
EndDialog
GetCursor
SendMessageW
ScreenToClient
DeleteMenu
GetIconInfo
CreateWindowExW
FillRect
HideCaret
CopyIcon
SetWindowRgn
SetWindowLongPtrW
EnumChildWindows
ValidateRgn
GetMenuItemCount
SetActiveWindow
InvertRect
MessageBoxW
SetWindowPos
IsWindowVisible
GetCaretPos
GetDC
DestroyWindow
InsertMenuItemW
GetFocus
SendMessageTimeoutW
GetMenu
GetMenuItemID
GetWindowRect
FindWindowExW
GetWindow
CheckMenuRadioItem
PostMessageW
CallWindowProcW
GetUpdateRgn
LoadMenuW
ModifyMenuW
GetMenuState
CloseWindow
GetSystemMenu
DefWindowProcW
GetMenuItemInfoW
GetMessageW
SetScrollInfo
DrawAnimatedRects
GetWindowTextLengthW
GetWindowLongW
LoadCursorW
GetWindowDC
EnumThreadWindows
InsertMenuW
SetCursor
GetDlgItemInt
RemoveMenu
CheckMenuItem
GetClientRect
GetDlgItem
AppendMenuW
GetClassLongW
GetMenuItemRect
DrawTextW
PostThreadMessageW
DrawIconEx
ShowCaret
PostQuitMessage
GetDesktopWindow
GetSysColorBrush
GetNextDlgGroupItem
CreateDialogIndirectParamW
DestroyCaret
GetClassNameW
SetParent
MessageBeep
DrawMenuBar
EnableMenuItem
DrawEdge
SystemParametersInfoW
SetDlgItemInt
CreateMenu
GetParent
RegisterWindowMessageW
DialogBoxParamW
CascadeWindows
PtInRect
UnregisterDeviceNotification
UpdateWindow
ReleaseCapture
SetForegroundWindow
LoadImageW
InvalidateRect
GetAncestor
IsIconic
ChildWindowFromPoint
ReleaseDC
GetCursorPos
BeginPaint
GetNextDlgTabItem
EndPaint
GetWindowRgn
EnableWindow
GetWindowTextW
SetFocus

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_Remove
ImageList_GetIcon
_TrackMouseEvent
ImageList_LoadImageW
ord17
ImageList_Destroy
ImageList_Replace
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_SetBkColor
ImageList_ReplaceIcon
InitCommonControlsEx

shell32

DragAcceptFiles
Shell_NotifyIconW
ExtractIconW
ExtractIconExW

python311

PySys_WriteStderr
_Py_TrueStruct
PyEval_CallObjectWithKeywords
PyCallable_Check
PyObject_IsTrue
PyObject_Call
PyErr_Print
PyExc_TypeError
_Py_NewReference
PyDict_DelItem
PyGILState_Ensure
PyObject_CallObject
PyDict_GetItem
PyErr_NoMemory
PyLong_FromVoidPtr
PyMem_Free
PyDict_New
PyDict_SetItem
PyObject_GenericSetAttr
PyTuple_Size
PyErr_Clear
PyObject_GetAttrString
PyType_Ready
PyModule_Create2
PyUnicode_AsWideCharString
PyUnicode_AsUTF8
PyLong_AsLong
PyErr_Fetch
_PyArg_ParseTuple_SizeT
PyModule_GetDict
PyTuple_GetItem
PyLong_AsUnsignedLongMask
PyExc_PendingDeprecationWarning
_Py_FalseStruct
PyFloat_FromDouble
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_AttributeError
PyEval_RestoreThread
PyLong_AsUnsignedLong
PyErr_Occurred
PyDict_SetItemString
PyTuple_New
PyLong_AsLongLong
PyBytes_AsStringAndSize
PyGILState_Release
PyBytes_FromString
PyExc_MemoryError
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_WarnEx
_Py_BuildValue_SizeT
PyBool_FromLong
PySequence_Tuple
PyArg_ParseTuple
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyList_Append
PyList_New
_Py_Dealloc
PyLong_FromUnsignedLong
PyExc_ValueError
PyErr_SetString
_Py_NoneStruct
Py_BuildValue
PyLong_FromLong

pywintypes311

??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
?ok@PyWinBufferView@@QEAA_NXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyHANDLEType@@3U_typeobject@@A
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
??0PyHANDLE@@QEAA@PEAX@Z
??1PyHANDLE@@UEAA@XZ
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
??0PyWinBufferView@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
QueryPerformanceCounter
IsBadStringPtrW
IsBadReadPtr
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetLastError
SetLastError
IsBadWritePtr
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalFree
RtlCaptureContext
IsProcessorFeaturePresent
GlobalAlloc

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
__current_exception
__current_exception_context
memset

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
_callnewh

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_initialize_narrow_environment

Exports

Exports

DllMain
PyInit_win32gui

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/win32/win32process.pyd
.dll windows:6 windows x64 arch:x64

f53ca7fceaa6b605e5f94ce576a4f328

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32process.pdb

Imports

advapi32

CreateProcessAsUserW

user32

GetWindowThreadProcessId
AttachThreadInput

python311

PyList_New
PyUnicode_AsWideCharString
PyUnicode_AsUTF8
PyLong_AsLong
PyModule_Create2
PyModule_GetDict
PyLong_AsUnsignedLongMask
_Py_Dealloc
PyErr_SetFromErrno
PyMapping_Size
PyErr_Format
PyLong_FromUnsignedLong
PyErr_SetString
PyExc_AttributeError
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyGILState_Release
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyBytes_AsString
_Py_BuildValue_SizeT
PyBool_FromLong
PyType_Ready
PyList_Append
PyMapping_Keys
PyMapping_Check
PyEval_CallObjectWithKeywords
PyEval_RestoreThread
PyErr_Print
PyCallable_Check
PyMapping_Values
PyExc_TypeError
_Py_NewReference
PyGILState_Ensure
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyTuple_SetItem
PyMem_Free
PyList_GetItem
PyBytes_Size
_PyArg_ParseTuple_SizeT
PyObject_GenericSetAttr

pywintypes311

?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyHANDLEType@@3U_typeobject@@A
?PyWinGlobals_Ensure@@YAHXZ
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetExitCodeProcess
VirtualFreeEx
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
ReadProcessMemory
ExitProcess
VirtualAllocEx
GetProcAddress
GetPriorityClass
LoadLibraryW
GetThreadPriority
GetLastError
GetExitCodeThread
ResumeThread
SuspendThread
GetProcessVersion
SetThreadPriority
GetProcessAffinityMask
TerminateProcess
GetCurrentProcess
SetPriorityClass
WriteProcessMemory
GetStartupInfoW
SetThreadAffinityMask

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
__std_terminate
__std_exception_destroy
_CxxThrowException
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_beginthreadex
terminate

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit_win32process

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_internal/yarl/_quoting_c.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

fbdabb1c96f66eac02c4b13f933a3c8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

python311

PyTuple_New
PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyGC_Disable
PyExc_AttributeError
PyTuple_GetSlice
PyErr_SetString
PyObject_GetIter
PyNumber_Add
PyErr_WarnFormat
PyExc_ValueError
PyDict_Next
PyErr_Format
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyNumber_InPlaceAdd
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyErr_Restore
PyUnicode_Join
PyExc_OverflowError
PyCode_NewWithPosOnlyArgs
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyCapsule_GetPointer
PyObject_GC_Del
PyLong_AsLong
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
Py_Version
PyVectorcall_Function
PyList_New
PySlice_New
PyObject_GC_IsFinalized
PyImport_AddModule
PyType_Ready
PyThreadState_EnterTracing
PyUnicode_Contains
PyObject_GetAttrString
PyList_Append
PyObject_RichCompareBool
PyUnicode_DecodeUTF8Stateful
PyUnicode_Decode
PyException_SetTraceback
PyCapsule_New
_PyObject_GenericGetAttrWithDict
PyObject_VectorcallDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_CallFinalizerFromDealloc
_PyDict_GetItem_KnownHash
PyMem_Free
PyExc_StopIteration
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyObject_GetItem
PyUnicode_FromKindAndData
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyDict_DelItem
PyUnicode_Compare
PyObject_IsSubclass
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyObject_Str
PyExc_NameError
PyTuple_Pack
Py_OptimizeFlag
_PyUnicode_Ready
PyMem_Malloc
PyExc_IndexError
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyUnicode_DecodeASCII
PyExc_SystemError
_PyObject_GC_New
PyType_Modified
PyUnicode_FromString
_PyType_Lookup
PyUnicode_Format
PyObject_Size
PyObject_Call
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
_Py_NoneStruct
PyBytes_FromString
PyLong_AsUnsignedLongLong
PyUnicode_FromOrdinal
PyModule_GetName
PyObject_GetAttr
PyInterpreterState_GetID
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyThreadState_LeaveTracing
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyTraceBack_Here
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
PyImport_ImportModule
Py_LeaveRecursiveCall
PyExc_DeprecationWarning
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyLong_AsUnsignedLong
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyException_GetTraceback
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyGC_Enable
PyErr_Clear
PyBaseObject_Type

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
strrchr
memset
memcpy
memcmp

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initterm_e
_initterm
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

PyInit__quoting_c

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/Vanguard.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

aferoghwrop
erhgrq

Sections

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
bin/luau.dll
.dll windows:6 windows x64 arch:x64

dfd11645eb4732c0409f51f0532c3683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\llama\Downloads\compiler-src-main\compiler-src-main\x64\Release\incognito-luau.pdb

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSListHead

msvcp140

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??Bid@locale@std@@QEAA_KXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memchr
__std_exception_destroy
memcmp
memcpy
memmove
__std_exception_copy
_purecall
__std_type_info_destroy_list
memset
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strchr
__std_terminate

api-ms-win-crt-stdio-l1-1-0

fflush
ungetc
fsetpos
fwrite
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
_get_stream_buffer_pointers
fgetc
setvbuf
fgetpos
fclose
_fseeki64
fread
fputc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_errno
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_seh_filter_dll
_invalid_parameter_noinfo
_configure_narrow_argv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-string-l1-1-0

strnlen
islower
isdigit
ispunct
isalnum
isxdigit
isalpha
strncpy
isupper
isgraph
toupper
strpbrk
strncat
strcspn
isspace
strspn
tolower
iscntrl
strcpy_s
strcmp

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc
_aligned_malloc

api-ms-win-crt-math-l1-1-0

asin
log2
acos
fmod
tan
log
atan2
cos
ldexp
frexp
tanh
pow
cosh
log10
modf
sin
atan
round
sqrt
floorf
sinh
_dsign
exp
floor
ceilf
ceil

api-ms-win-crt-convert-l1-1-0

strtoull
strtod
atoi
strtoul

api-ms-win-crt-time-l1-1-0

clock
_time64
strftime
_localtime64_s
_gmtime64_s
_difftime64

Exports

Exports

RBXCompile
RBXDecompress
RBXRawCompile
Setup

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
main.exe
.exe windows:5 windows x64 arch:x64

5bc16b5845145eb0edb88983820691b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetWindowThreadProcessId
ShowWindow

kernel32

GetModuleFileNameW
SetDllDirectoryW
CreateSymbolicLinkW
GetProcAddress
CreateDirectoryW
GetCommandLineW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetDriveTypeW
RemoveDirectoryW
GetTempPathW
CloseHandle
FormatMessageW
Sleep
GetCurrentProcess
GetCurrentProcessId
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
LocalFree
SetConsoleCtrlHandler
GetConsoleWindow
CreateFileW
FindFirstFileExW
GetFinalPathNameByHandleW
MultiByteToWideChar
WideCharToMultiByte
HeapReAlloc
GetLastError
WriteConsoleW
SetEndOfFile
WaitForSingleObject
LeaveCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReadFile
GetFullPathNameW
SetStdHandle
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
SetEnvironmentVariableW
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

118dde577a38119350ab495f68a0326f

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8Certificate

Extended Key Usages

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14Certificate

Key Usages

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0Signer

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

vcruntime140_1

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 332KB - Virtual size: 332KB

.rdata Size: 181KB - Virtual size: 180KB

.data Size: 7KB - Virtual size: 13KB

.pdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 2KB - Virtual size: 2KB

Password: infected

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cdSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 3KB - Virtual size: 2KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 512B - Virtual size: 416B

Password: infected

bf380ca954cbf10d1a4cef9ec18e46fd

Code Sign

33:00:00:02:54:ca:2b:f3:cb:9d:da:a6:75:00:00:00:00:02:54Certificate

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

.text
Size: 332KB - Virtual size: 332KB

.rdata
Size: 181KB - Virtual size: 180KB

.data
Size: 7KB - Virtual size: 13KB

.pdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 2KB - Virtual size: 2KB

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cd
Signer

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 512B - Virtual size: 416B

33:00:00:02:54:ca:2b:f3:cb:9d:da:a6:75:00:00:00:00:02:54
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

6b:64:bf:50:2b:89:f2:c5:be:a7:9b:85:01:0a:13:26:74:a1:c4:23:31:89:41:11:45:75:15:9f:1f:ef:f1:63
Signer

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 1020B

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 512B - Virtual size: 324B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

f2:4a:4b:71:95:d5:d3:ad:e2:6f:aa:04:3d:75:f0:27:bb:2e:3c:ef:52:a0:5b:8b:c8:80:a1:ea:6c:36:d4:dc
Signer

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 7KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 664B