C:\Users\jjangli\Documents\GitHub\AlphaFS\AlphaFS\obj\Net452\AlphaFS.pdb
Overview
overview
10Static
static
3!ŞetUp_51...FS.dll
windows7-x64
1!ŞetUp_51...FS.dll
windows10-2004-x64
1!ŞetUp_51...se.dll
windows7-x64
1!ŞetUp_51...se.dll
windows10-2004-x64
1!ŞetUp_51...on.dll
windows7-x64
1!ŞetUp_51...on.dll
windows10-2004-x64
1!ŞetUp_51...le.dll
windows7-x64
1!ŞetUp_51...le.dll
windows10-2004-x64
1!ŞetUp_51...1].exe
windows7-x64
1!ŞetUp_51...1].exe
windows10-2004-x64
1!ŞetUp_51...et.dll
windows7-x64
1!ŞetUp_51...et.dll
windows10-2004-x64
1!ŞetUp_51...ng.dll
windows7-x64
1!ŞetUp_51...ng.dll
windows10-2004-x64
1!ŞetUp_51...GL.dll
windows7-x64
1!ŞetUp_51...GL.dll
windows10-2004-x64
3!ŞetUp_51...-1.dll
windows7-x64
3!ŞetUp_51...-1.dll
windows10-2004-x64
3!ŞetUp_51...up.exe
windows7-x64
1!ŞetUp_51...up.exe
windows10-2004-x64
10!ŞetUp_51...et.xls
windows7-x64
1!ŞetUp_51...et.xls
windows10-2004-x64
1!ŞetUp_51...lf.dll
windows7-x64
1!ŞetUp_51...lf.dll
windows10-2004-x64
1!ŞetUp_51...st.asp
windows7-x64
3!ŞetUp_51...st.asp
windows10-2004-x64
3Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/AlphaFS.dll
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/AlphaFS.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral3
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/License.dll
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/License.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/Newtonsoft.Json.dll
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/Newtonsoft.Json.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral7
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/VersionStable.dll
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/VersionStable.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/ErrorLog/DirectoryMonitor_[1MB]_[1].exe
Resource
win7-20240704-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral10
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/ErrorLog/DirectoryMonitor_[1MB]_[1].exe
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Extreme.Net.dll
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Extreme.Net.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Injecting.dll
Resource
win7-20240704-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral14
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Injecting.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libEGL.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral16
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libEGL.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral17
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libgcc_s_dw2-1.dll
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral18
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libgcc_s_dw2-1.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral19
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe
Resource
win10v2004-20240704-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral21
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/caret.xls
Resource
win7-20240705-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral22
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/caret.xls
Resource
win10v2004-20240704-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral23
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/msedge_elf.dll
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral24
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/msedge_elf.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral25
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/test.asp
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral26
Sample
!ŞetUp_51286--#PaSꞨKḙy#$$/test.asp
Resource
win10v2004-20240704-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
a4f7b21dc88bdcf27cbe929d4bba979f759320b53f7e826bc0a77f55ebbf866c
-
Size
4.1MB
-
MD5
69cf15bf1f894ed8a9e8027bbbb6741b
-
SHA1
e9802c99576be9f6db21ab12f20497e76b12fd4b
-
SHA256
a4f7b21dc88bdcf27cbe929d4bba979f759320b53f7e826bc0a77f55ebbf866c
-
SHA512
4f9e4e22bac5e832cc13ad470fd7feac1559dae87867a890cc02cdd856dbde708e7156b5f0953efd2f1e91e2e0498236a79192f15db2a8534e1c35e0b9ef25e6
-
SSDEEP
98304:4Tf4xuskaKg8Qn0Jk9793JFQ5CpIYA4whaZA8DSgiGBIF3E+1cp:4LhfaKxQ0Jk9b65eIsyYHLWFULp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack002/!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/AlphaFS.dll unpack002/!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Extreme.Net.dll
Files
-
a4f7b21dc88bdcf27cbe929d4bba979f759320b53f7e826bc0a77f55ebbf866c.zip
Password: infected
-
0f94f6a5c219c17ba7c1c5d9be967e576c7a8f0e097a14706b13feed3aaafe7d.zip.zip
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/AlphaFS.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/License.dll
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
06:ce:e1:31:be:6d:55:c8:07:f7:c0:c7:fb:44:e6:20Certificate
IssuerCN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=USNot Before15/01/2021, 00:00Not After14/01/2046, 23:59SubjectCN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:de:32:e9:50:9b:44:aa:34:b1:da:f1:bc:0e:c8:73Certificate
IssuerCN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=USNot Before15/07/2021, 00:00Not After14/07/2031, 23:59SubjectCN=.NET Foundation Projects Code Signing CA2,O=.NET Foundation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0c:d1:40:7a:5a:bd:ed:43:d5:c1:73:12:1d:38:c5:29Certificate
IssuerCN=.NET Foundation Projects Code Signing CA2,O=.NET Foundation,C=USNot Before13/08/2021, 00:00Not After29/10/2024, 23:59SubjectSERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21/09/2022, 00:00Not After21/11/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
3a:57:8c:7c:68:8b:18:66:50:3e:ca:01:8e:c9:25:ce:98:4d:c3:92:f9:6d:09:57:64:2e:4c:79:0e:24:5a:52Signer
Actual PE Digest3a:57:8c:7c:68:8b:18:66:50:3e:ca:01:8e:c9:25:ce:98:4d:c3:92:f9:6d:09:57:64:2e:4c:79:0e:24:5a:52Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/Src/Newtonsoft.Json/obj/Release/net45/Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 681KB - Virtual size: 680KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Debugs/VersionStable.dll.dll windows:5 windows x64 arch:x64
dc9fbafd0b96c0a640df70f088bfd2b0
Code Sign
33:00:00:02:d0:e7:eb:7c:2e:f6:ce:23:e1:00:00:00:00:02:d0Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before12/05/2022, 20:46Not After11/05/2023, 20:46SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:a4:ca:6d:58:de:c5:0e:e0:41:d9:32:8f:62:f5:2a:0b:c9:f5:56:80:3e:5d:8d:0c:49:97:4c:24:c9:8a:22Signer
Actual PE Digest05:a4:ca:6d:58:de:c5:0e:e0:41:d9:32:8f:62:f5:2a:0b:c9:f5:56:80:3e:5d:8d:0c:49:97:4c:24:c9:8a:22Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\a\_work\e\src\out\Release_x64\WebView2Loader.dll.pdb
Imports
kernel32
CloseHandle
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
Exports
Exports
CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString
Sections
.text Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.retplne Size: 512B - Virtual size: 92B
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.voltbl Size: 512B - Virtual size: 68B
_RDATA Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/ErrorLog/DirectoryMonitor_[1MB]_[1].exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5e:4f:4d:ea:a5:0c:13:c8:84:b8:12:e2:21:c6:bc:29Certificate
IssuerCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBNot Before30/11/2022, 00:00Not After29/11/2025, 23:59SubjectCN=DevEnterprise Software,O=DevEnterprise Software,ST=KwaZulu-Natal,C=ZAExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/05/2023, 00:00Not After02/08/2034, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5e:4f:4d:ea:a5:0c:13:c8:84:b8:12:e2:21:c6:bc:29Certificate
IssuerCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBNot Before30/11/2022, 00:00Not After29/11/2025, 23:59SubjectCN=DevEnterprise Software,O=DevEnterprise Software,ST=KwaZulu-Natal,C=ZAExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/05/2023, 00:00Not After02/08/2034, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
dd:a1:cc:af:a3:94:b6:e7:63:9f:e9:f3:f5:be:a6:2b:31:09:ad:7f:cb:3e:b3:bf:64:29:00:4d:8c:82:a5:b7Signer
Actual PE Digestdd:a1:cc:af:a3:94:b6:e7:63:9f:e9:f3:f5:be:a6:2b:31:09:ad:7f:cb:3e:b3:bf:64:29:00:4d:8c:82:a5:b7Digest Algorithmsha256PE Digest Matchestrue70:21:a3:4a:09:25:e5:34:a7:21:5f:ee:df:f4:a1:60:41:4f:ed:00Signer
Actual PE Digest70:21:a3:4a:09:25:e5:34:a7:21:5f:ee:df:f4:a1:60:41:4f:ed:00Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Dev\dirmon\src\DevEnterprise.DirectoryMonitor.UI\obj\Release\DirectoryMonitor.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 366KB - Virtual size: 366KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Extreme.Net.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\scarf\source\repos\Extreme.Net\obj\Debug\Extreme.Net.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/Injecting.dll.dll windows:6 windows x64 arch:x64
489e398f49ceeda3418bb4d259205037
Code Sign
04:e1:80:52:e9:b5:5c:1f:0a:83:7a:3e:c2:3b:e7:50Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before13/01/2020, 00:00Not After20/01/2021, 12:00SubjectSERIALNUMBER=6543638,CN=Krisp Technologies\, Inc,O=Krisp Technologies\, Inc,L=Berkeley,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2014, 00:00Not After22/10/2024, 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2021, 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8a:67:17:5d:b0:0a:7d:67:d4:30:8d:ac:17:2f:87:8b:ad:30:c1:1d:d0:e9:dc:ef:17:89:ba:a3:56:85:f8:bdSigner
Actual PE Digest8a:67:17:5d:b0:0a:7d:67:d4:30:8d:ac:17:2f:87:8b:ad:30:c1:1d:d0:e9:dc:ef:17:89:ba:a3:56:85:f8:bdDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
winmm
timeGetTime
kernel32
InitializeSListHead
DebugBreak
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetStdHandle
WriteFile
IsDebuggerPresent
OutputDebugStringA
FormatMessageA
RaiseException
GetProcAddress
CloseHandle
SetEvent
ResetEvent
SetLastError
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetStartupInfoW
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
EncodePointer
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
CreateFileW
HeapSize
HeapReAlloc
WriteConsoleW
Exports
Exports
??0AEC@krips_aec@@QEAA@AEBV01@@Z
??0AEC@krips_aec@@QEAA@XZ
??1AEC@krips_aec@@UEAA@XZ
??4AEC@krips_aec@@QEAAAEAV01@AEBV01@@Z
??_7AEC@krips_aec@@6B@
?create@AEC@krips_aec@@SAPEAV12@AEBUConfig@12@@Z
?create@AEC@krips_aec@@SAPEAV12@XZ
?kChunkSizeMs@AEC@krips_aec@@2HB
Sections
.text Size: 358KB - Virtual size: 358KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libEGL.dll.dll windows:6 windows x86 arch:x86
a44c6eed545a636cf24d9bf63188ef0c
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:d7:d0:4b:42:84:68:84:7f:bb:6a:50:d3:70:6d:1cCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before02/06/2021, 00:00Not After06/06/2022, 23:59SubjectSERIALNUMBER=HBA 722586,CN=Avira Operations GmbH & Co. KG,OU=Engineering Services,O=Avira Operations GmbH & Co. KG,L=Tettnang,ST=Baden-Württemberg,C=DE,1.3.6.1.4.1.311.60.2.1.1=#1303556c6d,1.3.6.1.4.1.311.60.2.1.2=#0c12426164656e2d57c3bc727474656d62657267,1.3.6.1.4.1.311.60.2.1.3=#13024445,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
38:63:de:f8Certificate
IssuerCN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.netNot Before24/12/1999, 17:50Not After24/07/2029, 14:15SubjectCN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.netKey Usages
KeyUsageCertSign
KeyUsageCRLSign
58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate
IssuerCN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.netNot Before22/07/2015, 19:02Not After22/06/2029, 19:32SubjectCN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4Certificate
IssuerCN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=USNot Before22/07/2020, 15:33Not After29/12/2030, 16:29SubjectCN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CAExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
24:d0:8c:30:f1:40:a5:a2:e9:c1:1c:32:60:a5:fd:f1:5c:98:8d:d7:02:e0:b2:3e:cb:0a:38:a6:df:c4:87:84Signer
Actual PE Digest24:d0:8c:30:f1:40:a5:a2:e9:c1:1c:32:60:a5:fd:f1:5c:98:8d:d7:02:e0:b2:3e:cb:0a:38:a6:df:c4:87:84Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\temp\aq0p54no\common\amswsccomm\amswsccomm.pdb
Imports
shlwapi
PathFileExistsW
kernel32
ReadFile
WriteFile
CloseHandle
CreateFileW
PeekNamedPipe
Sleep
GetSystemTime
FlushFileBuffers
HeapSize
GetLastError
SetUnhandledExceptionFilter
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
EncodePointer
DecodePointer
LCMapStringEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetCPInfo
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileAttributesExW
SetFileAttributesW
DeleteFileW
MoveFileExW
GetFileType
GetDriveTypeW
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetEndOfFile
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetTimeZoneInformation
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
GetCurrentDirectoryW
GetFullPathNameW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
crypt32
CryptProtectData
CryptUnprotectData
rpcrt4
UuidCreate
RpcStringFreeW
UuidToStringW
Exports
Exports
AMSWSC_authenticate
AMSWSC_notify_expiration
AMSWSC_prepare_uninstall
AMSWSC_register_remediation
AMSWSC_set_log_callback
AMSWSC_shutdown_protected_service
AMSWSC_unregister_remediation
AMSWSC_update_protection_update_substatus
AMSWSC_update_scan_substatus
AMSWSC_update_settings_substatus
AMSWSC_update_status
Sections
.text Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Libs/libgcc_s_dw2-1.dll.dll windows:6 windows x86 arch:x86
72e2cd9e129b18aa647a30bd6ed95591
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15/06/2016, 00:00Not After15/06/2024, 00:00SubjectCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
61:29:15:27:00:00:00:00:00:2aCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15/04/2011, 19:55Not After15/04/2021, 20:05SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
2a:09:50:26:3e:06:49:6a:27:81:f5:50Certificate
IssuerCN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before11/07/2018, 11:33Not After11/07/2021, 11:33SubjectSERIALNUMBER=HRA 722586,CN=Avira Operations GmbH & Co. KG,OU=Cloud\, Services and Infrastructure,O=Avira Operations GmbH & Co. KG,STREET=Kaplaneiweg 1,L=Tettnang,ST=Baden-Wuerttemberg,C=DE,1.2.840.113549.1.9.1=#0c0c63614061766972612e636f6d,1.3.6.1.4.1.311.60.2.1.1=#1303556c6d,1.3.6.1.4.1.311.60.2.1.2=#1312426164656e2d577565727474656d62657267,1.3.6.1.4.1.311.60.2.1.3=#13024445,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
11:21:b4:55:35:1e:bb:1a:b2:4f:97:ef:07:fe:2a:b3:0b:8aCertificate
IssuerCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BENot Before24/05/2016, 00:00Not After24/06/2027, 00:00SubjectCN=GlobalSign TSA for Standard - G2,O=GMO GlobalSign Pte Ltd,C=SGExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
04:00:00:00:00:01:2f:4e:e1:52:d7Certificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After28/01/2028, 12:00SubjectCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageCertSign
KeyUsageCRLSign
22:4c:b7:e1:ed:ee:0d:dc:8d:0b:ae:1f:fa:51:6b:56:0e:0d:52:05:ce:94:ae:bb:43:7d:df:bc:60:ec:0c:7bSigner
Actual PE Digest22:4c:b7:e1:ed:ee:0d:dc:8d:0b:ae:1f:fa:51:6b:56:0e:0d:52:05:ce:94:ae:bb:43:7d:df:bc:60:ec:0c:7bDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\SRC\Sources\Avira\antivirus\AV\BuildOutput\Bin\Release\avgio-oasdk.dll.pdb
Imports
kernel32
SetProcessWorkingSetSize
VerifyVersionInfoW
DeleteFileW
GetFileSize
SetFileAttributesW
WriteFile
CreateIoCompletionPort
PostQueuedCompletionStatus
GetFileSizeEx
ReadFile
SetFilePointerEx
QueryPerformanceCounter
GetQueuedCompletionStatus
LoadLibraryW
ResetEvent
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
TerminateThread
GetTickCount
VirtualQuery
MapViewOfFile
UnmapViewOfFile
WriteConsoleW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetSystemInfo
OpenProcess
GetCurrentProcessId
GetCurrentProcess
Sleep
QueryPerformanceFrequency
SetErrorMode
VerSetConditionMask
GetModuleFileNameW
CreateEventW
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetOverlappedResult
DeviceIoControl
CreateFileW
SetLastError
GetLastError
CloseHandle
SetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
InterlockedFlushSList
RaiseException
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
MoveFileExW
HeapValidate
GetConsoleMode
GetFileType
ExitProcess
HeapFree
HeapAlloc
GetStdHandle
LCMapStringW
MultiByteToWideChar
GetProcessHeap
SetStdHandle
GetConsoleOutputCP
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
FlushFileBuffers
HeapSize
DecodePointer
advapi32
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
SetServiceStatus
TraceMessage
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
Exports
Exports
AVGDLL01
AVGDLL02
AVGDLL03
AVGDLL04
AVGDLL05
AVGDLL06
AVGDLL07
AVGDLL08
AVGDLL09
AVGDLL10
AVGDLL11
AVGDLL12
AVGDLL13
AVGDLL14
AVGDLL15
Sections
.text Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Projects/Manager.cpp
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Projects/Source.cpp
-
!ŞetUp_51286--#PaSꞨKḙy#$$/Setup.exe.exe windows:5 windows x64 arch:x64
b7e244ba46aac2a40ea643244bcedc5b
Code Sign
33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2023, 19:51Not After16/10/2024, 19:51SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
bb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1Signer
Actual PE Digestbb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\a\_work\e\src\out\Release_x64\identity_helper.exe.pdb
Imports
msedge_elf
GetInstallDetailsPayload
SignalInitializeCrashReporting
advapi32
BuildTrusteeWithSidW
ConvertStringSidToSidW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
EventRegister
EventSetInformation
EventUnregister
EventWrite
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
IsValidAcl
IsValidSecurityDescriptor
IsValidSid
RegCloseKey
RegGetValueW
RegOpenKeyExW
RegQueryValueExW
SetEntriesInAclW
SetNamedSecurityInfoW
SetSecurityInfo
dbghelp
SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW
winmm
timeGetTime
kernel32
AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileMappingW
CreateFileW
CreateThread
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
PrefetchVirtualMemory
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadInformation
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrlenA
api-ms-win-core-winrt-l1-1-0
RoInitialize
RoUninitialize
ole32
CoCreateInstance
CoTaskMemFree
shell32
CommandLineToArgvW
ord680
SHGetFolderPathW
SHGetKnownFolderPath
oleaut32
SysAllocString
SysAllocStringLen
SysFreeString
VariantClear
Exports
Exports
GetHandleVerifier
OQS_CPU_has_extension
OQS_KEM_alg_count
OQS_KEM_alg_identifier
OQS_KEM_alg_is_enabled
OQS_KEM_decaps
OQS_KEM_encaps
OQS_KEM_free
OQS_KEM_keypair
OQS_KEM_kyber_768_decaps
OQS_KEM_kyber_768_encaps
OQS_KEM_kyber_768_keypair
OQS_KEM_new
OQS_MEM_cleanse
OQS_MEM_insecure_free
OQS_MEM_secure_bcmp
OQS_MEM_secure_free
OQS_SIG_alg_count
OQS_SIG_alg_identifier
OQS_SIG_alg_is_enabled
OQS_SIG_free
OQS_SIG_keypair
OQS_SIG_new
OQS_SIG_sign
OQS_SIG_verify
OQS_destroy
OQS_init
OQS_randombytes
OQS_randombytes_custom_algorithm
OQS_randombytes_nist_kat_init_256bit
OQS_randombytes_switch_algorithm
OQS_version
Sections
.text Size: 868KB - Virtual size: 867KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.retplne Size: 512B - Virtual size: 140B
.tls Size: 512B - Virtual size: 397B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/caret.xls
-
!ŞetUp_51286--#PaSꞨKḙy#$$/msedge_elf.dll.dll windows:5 windows x64 arch:x64
e5e4f3f5367c0c82df24a4723fbd8a3c
Code Sign
33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19/10/2023, 19:51Not After16/10/2024, 19:51SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
25:ea:4e:5d:aa:06:d9:55:19:b1:db:ee:1d:df:6e:96:13:24:60:c8:b5:6f:ea:57:11:55:3b:4d:10:5e:30:1dSigner
Actual PE Digest25:ea:4e:5d:aa:06:d9:55:19:b1:db:ee:1d:df:6e:96:13:24:60:c8:b5:6f:ea:57:11:55:3b:4d:10:5e:30:1dDigest Algorithmsha256PE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\a\_work\e\src\out\Release_x64\msedge_elf.dll.pdb
Imports
kernel32
AcquireSRWLockExclusive
AddVectoredExceptionHandler
AssignProcessToJobObject
CancelIo
CloseHandle
CompareStringW
ConnectNamedPipe
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeClientProcessId
GetNamedPipeServerProcessId
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
HeapAlloc
HeapFree
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetMappedFileNameW
K32GetModuleInformation
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointerEx
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessMitigationPolicy
SetStdHandle
SetThreadInformation
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA
lstrcmpiW
lstrlenA
ntdll
NtClose
NtCreateKey
NtDeleteKey
NtOpenKeyEx
NtQueryValueKey
NtSetValueKey
RtlFormatCurrentUserKeyPath
RtlFreeUnicodeString
RtlGetLastNtStatus
RtlInitUnicodeString
oleaut32
GetErrorInfo
SetErrorInfo
SysAllocString
SysFreeString
SysStringLen
Exports
Exports
??0PwaHelperImpl@edge_pwahelper@@QEAA@XZ
??1PwaHelperImpl@edge_pwahelper@@UEAA@XZ
??_7PwaHelperImpl@edge_pwahelper@@6B@
?AppendMojoServerBindingInfo@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVCommandLine@base@@@Z
?BadgeNotification@PwaHelperImpl@edge_pwahelper@@UEAAXW4BadgeNotificationType@mojom@2@AEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@@Z
?BindWidgetManager@PwaHelperImpl@edge_pwahelper@@AEAAXV?$ScopedHandleBase@VMessagePipeHandle@mojo@@@mojo@@@Z
?DigitalGoodsAbortPaymentApp@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AX_N@Z@base@@@Z
?DigitalGoodsConsume@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@@Z@base@@@Z
?DigitalGoodsGetDetails@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$vector@V?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$StructPtr@VItemDetails@mojom@payments@@@mojo@@V?$allocator@V?$StructPtr@VItemDetails@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?DigitalGoodsInvokePaymentApp@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4PurchaseResponseCode@mojom@edge_pwahelper@@@Z@base@@@Z
?DigitalGoodsListPurchaseHistory@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@V?$allocator@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?DigitalGoodsListPurchases@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@V?$allocator@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?GetAppAcquisitionDetail@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4AcquisitionInfoResponseCode@mojom@edge_acquisition_info@@V?$InlinedStructPtr@VAcquisitionDetails@mojom@edge_acquisition_info@@@mojo@@@Z@base@@@Z
?InitMojo@PwaHelperImpl@edge_pwahelper@@AEAAXXZ
?InitializeAppUserModelIdForCurrentProcess@PwaHelperImpl@edge_pwahelper@@QEAA_NXZ
?OnClientConnected@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVWaitableEvent@base@@@Z
?PinTileToStart@PwaHelperImpl@edge_pwahelper@@UEAAXXZ
?PinTileToTaskbar@PwaHelperImpl@edge_pwahelper@@UEAAXXZ
?SetPwaHwnd@PwaHelperImpl@edge_pwahelper@@UEAAX_K@Z
?SetSingletonProcessId@PwaHelperImpl@edge_pwahelper@@UEAAXI@Z
?Shutdown@PwaHelperImpl@edge_pwahelper@@AEAAXI@Z
?StartAppWithIncomingMojo@PwaHelperImpl@edge_pwahelper@@QEAAXVPlatformChannelEndpoint@mojo@@@Z
?StartAppWithPlatformChannel@PwaHelperImpl@edge_pwahelper@@QEAAXV?$unique_ptr@VCommandLine@base@@U?$default_delete@VCommandLine@base@@@__Cr@std@@@__Cr@std@@@Z
?StartProcessWithMojoIPC@PwaHelperImpl@edge_pwahelper@@QEAAKPEAXV?$unique_ptr@VCommandLine@base@@U?$default_delete@VCommandLine@base@@@__Cr@std@@@__Cr@std@@V?$unique_ptr@VScopedTempDir@base@@U?$default_delete@VScopedTempDir@base@@@__Cr@std@@@45@@Z
?TryActivateInstance@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVCommandLine@base@@@Z
?ValidateHandShake@PwaHelperImpl@edge_pwahelper@@AEAAXXZ
ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetElfLoadThreadId
GetHandleVerifier
GetInjectionMitigationStatus
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBrowserProcess
IsExtensionPointDisableSet
IsThirdPartyInitialized
OQS_CPU_has_extension
OQS_KEM_alg_count
OQS_KEM_alg_identifier
OQS_KEM_alg_is_enabled
OQS_KEM_decaps
OQS_KEM_encaps
OQS_KEM_free
OQS_KEM_keypair
OQS_KEM_kyber_768_decaps
OQS_KEM_kyber_768_encaps
OQS_KEM_kyber_768_keypair
OQS_KEM_new
OQS_MEM_cleanse
OQS_MEM_insecure_free
OQS_MEM_secure_bcmp
OQS_MEM_secure_free
OQS_SIG_alg_count
OQS_SIG_alg_identifier
OQS_SIG_alg_is_enabled
OQS_SIG_free
OQS_SIG_keypair
OQS_SIG_new
OQS_SIG_sign
OQS_SIG_verify
OQS_destroy
OQS_init
OQS_randombytes
OQS_randombytes_custom_algorithm
OQS_randombytes_nist_kat_init_256bit
OQS_randombytes_switch_algorithm
OQS_version
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetTelemetryLevel_ExportThunk
SetUploadConsent_ExportThunk
SignalChromeElf
SignalInitializeCrashReporting
StartAppWithParameter
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 597KB - Virtual size: 596KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.crthunk Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.retplne Size: 512B - Virtual size: 196B
.rodata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 522B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CPADinfo Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
malloc_h Size: 512B - Virtual size: 226B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
!ŞetUp_51286--#PaSꞨKḙy#$$/test.asp