QR[.]Discord[.]Token[.]Grabber[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

QR.Discord.Token.Grabber.7z
Size

67.7MB
MD5

1d91d18ced4426eb935341d2142b098e
SHA1

8ebbeeb816052d26adb1c68297f8a6b1af746634
SHA256

724d3f4db11d82439b133765a86606cc48cf9a37c304829a95de960ef0a299c7
SHA512

9cf8d2405fb168e700a4d032e7334c1c4ac01f508c5f6c5a8d4404a991d05add8760d4f30762806e0582b77044e980b767d7e2863078db793356db4c538ed65a
SSDEEP

1572864:/uqjPnooFr3kBR+WRoL2SZobmeHmiWA/PFNSlgQoLEQsf:/uKnooUBRhoL9oS12PFNIocf

Score

3^/10

qr link

Malware Config

Signatures

One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
qr link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/browser/chromedriver.exe

Files

QR.Discord.Token.Grabber.7z
.7z
QR Discord Token Grabber/QR-dtg.py
.py .js
QR Discord Token Grabber/README.md
QR Discord Token Grabber/[1] install_requirements.bat
QR Discord Token Grabber/[2] run.bat
QR Discord Token Grabber/browser.7z
.7z
browser/84.0.4147.85/84.0.4147.85.manifest
browser/84.0.4147.85/Extensions/external_extensions.json
browser/84.0.4147.85/Locales/am.pak
browser/84.0.4147.85/Locales/ar.pak
browser/84.0.4147.85/Locales/bg.pak
browser/84.0.4147.85/Locales/bn.pak
browser/84.0.4147.85/Locales/ca.pak
browser/84.0.4147.85/Locales/cs.pak
browser/84.0.4147.85/Locales/da.pak
browser/84.0.4147.85/Locales/de.pak
browser/84.0.4147.85/Locales/el.pak
browser/84.0.4147.85/Locales/en-GB.pak
browser/84.0.4147.85/Locales/en-US.pak
browser/84.0.4147.85/Locales/es-419.pak
browser/84.0.4147.85/Locales/es.pak
browser/84.0.4147.85/Locales/et.pak
browser/84.0.4147.85/Locales/fa.pak
browser/84.0.4147.85/Locales/fi.pak
browser/84.0.4147.85/Locales/fil.pak
browser/84.0.4147.85/Locales/fr.pak
browser/84.0.4147.85/Locales/gu.pak
browser/84.0.4147.85/Locales/he.pak
browser/84.0.4147.85/Locales/hi.pak
browser/84.0.4147.85/Locales/hr.pak
browser/84.0.4147.85/Locales/hu.pak
browser/84.0.4147.85/Locales/id.pak
browser/84.0.4147.85/Locales/it.pak
browser/84.0.4147.85/Locales/ja.pak
browser/84.0.4147.85/Locales/kn.pak
browser/84.0.4147.85/Locales/ko.pak
browser/84.0.4147.85/Locales/lt.pak
browser/84.0.4147.85/Locales/lv.pak
browser/84.0.4147.85/Locales/ml.pak
browser/84.0.4147.85/Locales/mr.pak
browser/84.0.4147.85/Locales/ms.pak
browser/84.0.4147.85/Locales/nb.pak
browser/84.0.4147.85/Locales/nl.pak
browser/84.0.4147.85/Locales/pl.pak
browser/84.0.4147.85/Locales/pt-BR.pak
browser/84.0.4147.85/Locales/pt-PT.pak
browser/84.0.4147.85/Locales/ro.pak
browser/84.0.4147.85/Locales/ru.pak
browser/84.0.4147.85/Locales/sk.pak
browser/84.0.4147.85/Locales/sl.pak
browser/84.0.4147.85/Locales/sr.pak
browser/84.0.4147.85/Locales/sv.pak
browser/84.0.4147.85/Locales/sw.pak
browser/84.0.4147.85/Locales/ta.pak
browser/84.0.4147.85/Locales/te.pak
browser/84.0.4147.85/Locales/th.pak
browser/84.0.4147.85/Locales/tr.pak
browser/84.0.4147.85/Locales/uk.pak
browser/84.0.4147.85/Locales/vi.pak
browser/84.0.4147.85/Locales/zh-CN.pak
browser/84.0.4147.85/Locales/zh-TW.pak
browser/84.0.4147.85/MEIPreload/manifest.json
browser/84.0.4147.85/MEIPreload/preloaded_data.pb
browser/84.0.4147.85/VisualElements/Logo.png
.png
browser/84.0.4147.85/VisualElements/LogoBeta.png
.png
browser/84.0.4147.85/VisualElements/LogoCanary.png
.png
browser/84.0.4147.85/VisualElements/LogoDev.png
.png
browser/84.0.4147.85/VisualElements/SmallLogo.png
.png
browser/84.0.4147.85/VisualElements/SmallLogoBeta.png
.png
browser/84.0.4147.85/VisualElements/SmallLogoCanary.png
.png
browser/84.0.4147.85/VisualElements/SmallLogoDev.png
.png
browser/84.0.4147.85/WidevineCdm/LICENSE
browser/84.0.4147.85/WidevineCdm/_platform_specific/win_x64/widevinecdm.dll
.dll windows:5 windows x64 arch:x64

72eb92f44d96b3dcafd83c71405d194d

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

da:d3:1f:13:35:22:55:7f:98:fa:75:40:4e:bc:cf:2d:85:41:13:02:db:48:40:65:c6:b7:aa:1a:ef:d3:0f:e8
Signer

Actual PE Digest

da:d3:1f:13:35:22:55:7f:98:fa:75:40:4e:bc:cf:2d:85:41:13:02:db:48:40:65:c6:b7:aa:1a:ef:d3:0f:e8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\b\s\w\ir\cache\builder\src\out\Release\widevinecdm.dll.pdb

Imports

advapi32

SystemFunction036
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

dbghelp

SymGetSearchPathW
SymInitialize
SymGetLineFromAddr64
SymSetSearchPathW
SymSetOptions
SymFromAddr

psapi

GetMappedFileNameW

user32

EnumDisplayMonitors
GetMonitorInfoW

winmm

timeGetTime

kernel32

LoadLibraryA
VirtualQueryEx
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetFileType
SetStdHandle
GetConsoleMode
GetConsoleCP
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
GetLocaleInfoW
GetVersionExW
GetLastError
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
TlsAlloc
TlsGetValue
TlsSetValue
RtlVirtualUnwind
HeapCreate
HeapDestroy
GetCurrentDirectoryW
CreateFileW
WriteFile
OutputDebugStringA
CloseHandle
SetLastError
GetCurrentProcessId
GetLocalTime
GetTickCount
GetModuleFileNameW
FormatMessageA
GetModuleHandleW
GetProcAddress
FlushFileBuffers
GetFileSizeEx
ReadFile
SetFilePointerEx
DuplicateHandle
GetCurrentProcess
SetCurrentDirectoryW
GetLogicalDriveStringsW
QueryDosDeviceW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
IsDebuggerPresent
RaiseException
Sleep
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadId
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCommandLineW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
GetNativeSystemInfo
FindClose
FindFirstFileExW
FindNextFileW
TryAcquireSRWLockExclusive
FreeLibrary
LoadLibraryExW
LoadLibraryW
TerminateProcess
TlsFree
SwitchToThread
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSection
DeleteCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ExitThread
TerminateThread
GetExitCodeThread
WaitForSingleObjectEx
InitializeCriticalSectionEx
SleepConditionVariableCS
TryEnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
DecodePointer
CompareStringW
LCMapStringW

ole32

CoTaskMemFree

Exports

Exports

CreateCdmInstance
DeinitializeCdmModule
GetCdmVersion
GetHandleVerifier
InitializeCdmModule_4
VerifyCdmHost_0

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
browser/84.0.4147.85/WidevineCdm/_platform_specific/win_x64/widevinecdm.dll.sig
browser/84.0.4147.85/WidevineCdm/manifest.json
browser/84.0.4147.85/chrome.dll
.dll windows:5 windows x64 arch:x64

edfed4508505053bb9c68b5be80477bb

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:f0:cc:9d:44:ff:a9:bb:dc:70:f3:c6:2e:97:f8:95:bb:f4:59:a0:cf:67:7e:0e:3e:dc:a4:37:81:a4:57:c2
Signer

Actual PE Digest

49:f0:cc:9d:44:ff:a9:bb:dc:70:f3:c6:2e:97:f8:95:bb:f4:59:a0:cf:67:7e:0e:3e:dc:a4:37:81:a4:57:c2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

chrome.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AllocConsole
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
CallbackMayRunLong
CancelIo
CancelIoEx
CheckRemoteDebuggerPresent
ClearCommError
CloseHandle
CloseThreadpool
CloseThreadpoolWork
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateThreadpool
CreateThreadpoolWork
CreateToolhelp32Snapshot
DebugActiveProcess
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteProcThreadAttributeList
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
EnumSystemLocalesW
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextFileA
FindNextFileW
FindNextVolumeW
FindResourceW
FindVolumeClose
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommModemStatus
GetCommState
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleDisplayMode
GetConsoleMode
GetCurrencyFormatEx
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatEx
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetDynamicTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetGeoInfoW
GetLastError
GetLocalTime
GetLocaleInfoEx
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeHandleStateW
GetNativeSystemInfo
GetNumberFormatEx
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessIoCounters
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadId
GetThreadPreferredUILanguages
GetThreadPriority
GetThreadPriorityBoost
GetThreadTimes
GetTickCount
GetTimeFormatEx
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVersion
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32EmptyWorkingSet
K32EnumProcessModules
K32GetMappedFileNameW
K32GetModuleFileNameExW
K32GetModuleInformation
K32GetPerformanceInfo
K32GetProcessMemoryInfo
K32QueryWorkingSetEx
LCIDToLocaleName
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocaleNameToLCID
LockFile
LockFileEx
LockResource
MapViewOfFile
MapViewOfFileEx
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
PowerClearRequest
PowerCreateRequest
PowerSetRequest
Process32FirstW
Process32NextW
ProcessIdToSessionId
PurgeComm
QueryDosDeviceW
QueryFullProcessImageNameW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
QueryUnbiasedInterruptTime
RaiseException
RaiseFailFastException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ReplaceFileW
ResetEvent
ResolveLocaleName
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlCaptureStackBackTrace
RtlDeleteFunctionTable
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SearchPathW
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetInformationJobObject
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadContext
SetThreadExecutionState
SetThreadPriority
SetThreadPriorityBoost
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SleepEx
SubmitThreadpoolWork
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitCommEvent
WaitForDebugEvent
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWorkCallbacks
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA
lstrcmpiW

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNameSpaceProvidersW
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSALookupServiceBeginW
WSALookupServiceEnd
WSALookupServiceNextW
WSARecvFrom
WSAResetEvent
WSASend
WSASendTo
WSASetEvent
WSASetServiceW
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
WSCEnumProtocols
WSCGetProviderPath
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getpeername
getsockname
getsockopt
htonl
htons
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

iphlpapi

CancelIPChangeNotify
FreeMibTable
GetAdaptersAddresses
GetIfTable2
GetInterfaceInfo
IpReleaseAddress
IpRenewAddress
NotifyAddrChange

oleaut32

LoadRegTypeLi
LoadTypeLi
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VarCmp
VarUI4FromStr
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime

winmm

midiInAddBuffer
midiInClose
midiInGetDevCapsW
midiInGetNumDevs
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInUnprepareHeader
midiOutClose
midiOutGetDevCapsW
midiOutGetNumDevs
midiOutLongMsg
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutShortMsg
midiOutUnprepareHeader
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime
waveInGetNumDevs
waveOutClose
waveOutGetNumDevs
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

secur32

AcquireCredentialsHandleA
AcquireCredentialsHandleW
CompleteAuthToken
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
GetUserNameExW
InitializeSecurityContextA
InitializeSecurityContextW
LsaConnectUntrusted
LsaDeregisterLogonProcess
LsaFreeReturnBuffer
LsaLogonUser
QueryContextAttributesW
QuerySecurityPackageInfoW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock
RegisterGPNotification
UnregisterGPNotification

wintrust

CryptCATAdminAcquireContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
WTHelperProvDataFromStateData
WinVerifyTrust

uiautomationcore

UiaGetReservedMixedAttributeValue
UiaGetReservedNotSupportedValue
UiaHostProviderFromHwnd
UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent
UiaRaiseStructureChangedEvent
UiaReturnRawElementProvider

crypt32

CertAddCertificateContextToStore
CertAddEncodedCertificateToStore
CertCloseStore
CertCompareCertificateName
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertFindCertificateInStore
CertFindChainInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetCertificateContextProperty
CertGetIntendedKeyUsage
CertGetIssuerCertificateFromStore
CertGetNameStringW
CertOpenStore
CertOpenSystemStoreW
CertSetCertificateContextProperty
CertVerifyCertificateChainPolicy
CertVerifyTimeValidity
CryptAcquireCertificatePrivateKey
CryptDecodeObjectEx
CryptInstallOIDFunctionAddress
CryptMsgClose
CryptMsgGetParam
CryptProtectData
CryptQueryObject
CryptUnprotectData
CryptVerifyCertificateSignatureEx

chrome_elf

ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsThirdPartyInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

dwrite

DWriteCreateFactory

winspool.drv

ClosePrinter
DeviceCapabilitiesW
DocumentPropertiesW
EnumPrintersW
FindClosePrinterChangeNotification
FindFirstPrinterChangeNotification
FindNextPrinterChangeNotification
ord203
GetJobW
GetPrinterDriverW
GetPrinterW
OpenPrinterW

dbghelp

StackWalk64
SymCleanup
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

dhcpcsvc

DhcpCApiInitialize
DhcpRequestParams

Exports

Exports

ChromeMain
CrashForExceptionInNonABICompliantCodeRange
GetHandleVerifier
IsSandboxedProcess
RelaunchChromeBrowserWithNewCommandLineIfNeeded
VR_GetGenericInterface
VR_GetInitToken
VR_GetRuntimePath
VR_GetStringForHmdError
VR_GetVRInitErrorAsEnglishDescription
VR_GetVRInitErrorAsSymbol
VR_InitInternal
VR_InitInternal2
VR_IsHmdPresent
VR_IsInterfaceVersionValid
VR_IsRuntimeInstalled
VR_RuntimePath
VR_ShutdownInternal
_ovly_debug_event
nacl_global_xlate_base
nacl_thread_ids
nacl_user

Sections

.text
Size: 104.7MB - Virtual size: 104.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17.3MB - Virtual size: 17.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 408KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 108B

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/chrome.dll.sig
browser/84.0.4147.85/chrome.exe.sig
browser/84.0.4147.85/chrome_100_percent.pak
browser/84.0.4147.85/chrome_200_percent.pak
browser/84.0.4147.85/chrome_elf.dll
.dll windows:5 windows x64 arch:x64

3b74d11283939bf0c0f514e79f43c0d8

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:21:27:04:45:19:e3:61:33:61:4e:2d:e2:26:c8:85:b3:49:ea:e3:10:2f:c3:d7:e0:11:d0:07:9b:e3:6f:0d
Signer

Actual PE Digest

95:21:27:04:45:19:e3:61:33:61:4e:2d:e2:26:c8:85:b3:49:ea:e3:10:2f:c3:d7:e0:11:d0:07:9b:e3:6f:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

chrome_elf.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetHandleVerifier
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsThirdPartyInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk
SignalChromeElf
SignalInitializeCrashReporting

Sections

.text
Size: 647KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oldntma
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/chrome_pwa_launcher.exe
.exe windows:5 windows x64 arch:x64

8bea80cb63da9a627d37eb7f882f6534

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:53:fb:92:98:59:4a:bc:13:66:3c:01:dd:c5:32:58:90:27:68:ac:c2:3f:2f:21:75:2e:8a:96:c5:d9:07:fb
Signer

Actual PE Digest

94:53:fb:92:98:59:4a:bc:13:66:3c:01:dd:c5:32:58:90:27:68:ac:c2:3f:2f:21:75:2e:8a:96:c5:d9:07:fb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

chrome_pwa_launcher.exe.pdb

Imports

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateProcessW
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UpdateProcThreadAttribute
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

advapi32

CreateProcessAsUserW
EventRegister
EventUnregister
EventWriteTransfer
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

user32

AllowSetForegroundWindow

winmm

timeGetTime

ole32

CoTaskMemFree

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 12B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/d3dcompiler_47.dll
.dll windows:10 windows x64 arch:x64

4004e7f7eff525b82926d9696cb4db19

Code Sign

33:00:00:00:c3:3b:b8:10:d6:ab:75:9c:84:00:00:00:00:00:c3
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:D236-37DA-9761,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/09/2017, 18:07

Not After

12/09/2018, 18:07

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:ac:68:cf:5d:17:21:66:80:b3:3a:75:5a:f7:9b:a8:cf:a4:a9:ea:0a:d8:7f:7f:64:68:e2:b3:93:a4:eb:9a
Signer

Actual PE Digest

90:ac:68:cf:5d:17:21:66:80:b3:3a:75:5a:f7:9b:a8:cf:a4:a9:ea:0a:d8:7f:7f:64:68:e2:b3:93:a4:eb:9a

Digest Algorithm

sha256

PE Digest Matches

true

fa:90:fa:70:4f:be:7b:a4:ac:bd:95:97:95:be:bb:d0:a7:a6:8b:11
Signer

Actual PE Digest

fa:90:fa:70:4f:be:7b:a4:ac:bd:95:97:95:be:bb:d0:a7:a6:8b:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

msvcrt

_unlock
_lock
??1type_info@@UEAA@XZ
strncpy_s
malloc
_strnicmp
atoi
isdigit
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
_callnewh
_isnan
_purecall
__isascii
_clearfp
_controlfp
_strdup
_mbstrlen
_vsnwprintf
strtoul
isxdigit
isalpha
atof
strchr
setlocale
strnlen
__dllonexit
modf
isspace
wcsncmp
wcsncpy_s
_wcsicmp
memcpy
memset
fclose
bsearch
qsort
strcat_s
strstr
_onexit
memcmp
strcmp
_snwprintf_s
__unDName
fread
fseek
_wfsopen
wcstoul
_fileno
sscanf_s
_filelengthi64
towlower
_wcsnicmp
_wsplitpath_s
wcscpy_s
wcsncat_s
wcsrchr
swprintf_s
_wfullpath
_wmakepath_s
_time64
_chsize_s
_close
_read
_write
_lseeki64
_get_osfhandle
_open_osfhandle
_wcsdup
wcscat_s
ftell
_mbscmp
_memicmp
_wgetenv
toupper
_atoi64
_errno
strtod
__CxxFrameHandler3
_strtoui64
?terminate@@YAXXZ
_CxxThrowException
tan
strrchr
tolower
_finite
_fpclass
memmove
strcpy_s
memcpy_s
isalnum
getenv
free
_stricmp
sprintf_s
_vsnprintf
strncmp
_wsopen
acos
asin
atan
atan2
ceil
cos
cosh
exp
floor
floorf
fmod
log
pow
sin
sinh
sqrt
tanh

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
CreateFileA
SetLastError
FlushViewOfFile
MapViewOfFileEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
SetFileAttributesW
LCMapStringW
GetFileAttributesW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
LocalAlloc
LoadLibraryExW
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
CreateFileW
GetLastError
GetFileSizeEx
ReadFile
CloseHandle
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress

advapi32

CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
CryptDestroyHash
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 868KB - Virtual size: 867KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/default_apps/docs.crx
.zip
icon_128.png
.png
icon_16.png
.png
main.html
.html
main.js
manifest.json
browser/84.0.4147.85/default_apps/drive.crx
.zip
128.png
.png
_locales/ar/messages.json
_locales/bg/messages.json
_locales/ca/messages.json
_locales/cs/messages.json
_locales/da/messages.json
_locales/de/messages.json
_locales/el/messages.json
_locales/en_GB/messages.json
_locales/en_US/messages.json
_locales/es/messages.json
_locales/es_419/messages.json
_locales/et/messages.json
_locales/eu/messages.json
_locales/fi/messages.json
_locales/fil/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/hi/messages.json
_locales/hr/messages.json
_locales/hu/messages.json
_locales/id/messages.json
_locales/it/messages.json
_locales/ja/messages.json
_locales/ko/messages.json
_locales/lt/messages.json
_locales/lv/messages.json
_locales/ms/messages.json
_locales/nl/messages.json
_locales/no/messages.json
_locales/pl/messages.json
_locales/pt_BR/messages.json
_locales/pt_PT/messages.json
_locales/ro/messages.json
_locales/ru/messages.json
_locales/sk/messages.json
_locales/sl/messages.json
_locales/sr/messages.json
_locales/sv/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/uk/messages.json
_locales/vi/messages.json
_locales/zh_CN/messages.json
_locales/zh_TW/messages.json
manifest.json
browser/84.0.4147.85/default_apps/external_extensions.json
browser/84.0.4147.85/default_apps/gmail.crx
.zip
128.png
.png
_locales/ar/messages.json
_locales/bg/messages.json
_locales/ca/messages.json
_locales/cs/messages.json
_locales/da/messages.json
_locales/de/messages.json
_locales/el/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fi/messages.json
_locales/fil/messages.json
_locales/fr/messages.json
_locales/hi/messages.json
_locales/hr/messages.json
_locales/hu/messages.json
_locales/id/messages.json
_locales/it/messages.json
_locales/ja/messages.json
_locales/ko/messages.json
_locales/lt/messages.json
_locales/lv/messages.json
_locales/nl/messages.json
_locales/no/messages.json
_locales/pl/messages.json
_locales/pt_BR/messages.json
_locales/pt_PT/messages.json
_locales/ro/messages.json
_locales/ru/messages.json
_locales/se/messages.json
_locales/sk/messages.json
_locales/sl/messages.json
_locales/sr/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/uk/messages.json
_locales/vi/messages.json
_locales/zh_CN/messages.json
_locales/zh_TW/messages.json
manifest.json
browser/84.0.4147.85/default_apps/youtube.crx
.zip
128.png
.png
_locales/ar/messages.json
_locales/bg/messages.json
_locales/ca/messages.json
_locales/cs/messages.json
_locales/da/messages.json
_locales/de/messages.json
_locales/el/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fi/messages.json
_locales/fil/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/hi/messages.json
_locales/hr/messages.json
_locales/hu/messages.json
_locales/id/messages.json
_locales/it/messages.json
_locales/ja/messages.json
_locales/ko/messages.json
_locales/lt/messages.json
_locales/lv/messages.json
_locales/nl/messages.json
_locales/no/messages.json
_locales/pl/messages.json
_locales/pt_BR/messages.json
_locales/pt_PT/messages.json
_locales/ro/messages.json
_locales/ru/messages.json
_locales/sk/messages.json
_locales/sl/messages.json
_locales/sr/messages.json
_locales/sv/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/uk/messages.json
_locales/vi/messages.json
_locales/zh_CN/messages.json
_locales/zh_TW/messages.json
manifest.json
browser/84.0.4147.85/elevation_service.exe
.exe windows:5 windows x64 arch:x64

05e7c2e1b3b8cfd9a4a7808baf6ff89e

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:5d:a7:ed:ea:5c:48:33:c5:47:1d:e2:9b:ef:29:8c:25:3e:97:f9:08:d8:a8:3d:73:20:b5:23:7f:3b:7e:a5
Signer

Actual PE Digest

25:5d:a7:ed:ea:5c:48:33:c5:47:1d:e2:9b:ef:29:8c:25:3e:97:f9:08:d8:a8:3d:73:20:b5:23:7f:3b:7e:a5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

elevation_service.exe.pdb

Imports

advapi32

AddAce
CopySid
CreateProcessAsUserW
EventRegister
EventUnregister
EventWriteTransfer
GetAclInformation
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSidLengthRequired
GetSidSubAuthority
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
IsValidSid
MakeAbsoluteSD
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegisterServiceCtrlHandlerW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetServiceStatus
StartServiceCtrlDispatcherW
SystemFunction036

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AssignProcessToJobObject
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateProcessW
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MoveFileExW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SwitchToThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UpdateProcThreadAttribute
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

ole32

CoAddRefServerProcess
CoImpersonateClient
CoInitializeEx
CoInitializeSecurity
CoRegisterClassObject
CoReleaseServerProcess
CoResumeClassObjects
CoRevertToSelf
CoRevokeClassObject
CoTaskMemFree
CoUninitialize
IIDFromString

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

user32

AllowSetForegroundWindow

shlwapi

PathMatchSpecW

winmm

timeGetTime

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 12B

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/eventlog_provider.dll
.dll windows:5 windows x64 arch:x64

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:1f:23:9f:8e:39:04:39:b0:32:78:07:15:00:be:0b:2d:53:ee:1f:01:5a:6f:14:ef:19:9a:fc:60:27:58:d8
Signer

Actual PE Digest

8d:1f:23:9f:8e:39:04:39:b0:32:78:07:15:00:be:0b:2d:53:ee:1f:01:5a:6f:14:ef:19:9a:fc:60:27:58:d8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

eventlog_provider.dll.pdb

Exports

Exports

?fn@@YA_NXZ

Sections

.text
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/icudtl.dat
browser/84.0.4147.85/libEGL.dll
.dll windows:5 windows x64 arch:x64

473add2829e325fddbfbed09790ab4d8

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

80:ba:e6:16:c9:32:90:00:c2:34:26:81:e1:e0:34:36:23:e4:0f:20:79:06:35:2f:42:61:32:db:aa:7d:a7:ae
Signer

Actual PE Digest

80:ba:e6:16:c9:32:90:00:c2:34:26:81:e1:e0:34:36:23:e4:0f:20:79:06:35:2f:42:61:32:db:aa:7d:a7:ae

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libEGL.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDupNativeFenceFDANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncValuesCHROMIUM
eglInitialize
eglLabelObjectKHR
eglMakeCurrent
eglPostSubBufferNV
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseDeviceANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/libGLESv2.dll
.dll windows:5 windows x64 arch:x64

0ad9888aed83c203e5869b021ff3c09e

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:61:ae:35:bf:04:e7:21:8c:5c:3d:7d:59:a0:3d:33:45:df:f1:8b:10:c2:73:a4:8f:a4:f2:3d:2b:7c:99:d0
Signer

Actual PE Digest

02:61:ae:35:bf:04:e7:21:8c:5c:3d:7d:59:a0:3d:33:45:df:f1:8b:10:c2:73:a4:8f:a4:f2:3d:2b:7c:99:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libGLESv2.dll.pdb

Imports

user32

CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
GetClassInfoA
GetClientRect
GetDC
GetWindowThreadProcessId
InvalidateRect
IsIconic
IsWindow
LoadCursorA
RegisterClassA
ReleaseDC
UnregisterClassA
WindowFromDC

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateMutexW
CreateThread
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

dxgi

CreateDXGIFactory1

gdi32

ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers

Exports

Exports

??0PlatformMethods@angle@@QEAA@XZ
??4PlatformMethods@angle@@QEAAAEAU01@$$QEAU01@@Z
??4PlatformMethods@angle@@QEAAAEAU01@AEBU01@@Z
?ActiveShaderProgram@gl@@YAXII@Z
?ActiveShaderProgramContextANGLE@gl@@YAXPEAXII@Z
?ActiveTexture@gl@@YAXI@Z
?ActiveTextureContextANGLE@gl@@YAXPEAXI@Z
?AlphaFunc@gl@@YAXIM@Z
?AlphaFuncContextANGLE@gl@@YAXPEAXIM@Z
?AlphaFuncx@gl@@YAXIH@Z
?AlphaFuncxContextANGLE@gl@@YAXPEAXIH@Z
?AttachShader@gl@@YAXII@Z
?AttachShaderContextANGLE@gl@@YAXPEAXII@Z
?BeginQuery@gl@@YAXII@Z
?BeginQueryContextANGLE@gl@@YAXPEAXII@Z
?BeginQueryEXT@gl@@YAXII@Z
?BeginQueryEXTContextANGLE@gl@@YAXPEAXII@Z
?BeginTransformFeedback@gl@@YAXI@Z
?BeginTransformFeedbackContextANGLE@gl@@YAXPEAXI@Z
?BindAttribLocation@gl@@YAXIIPEBD@Z
?BindAttribLocationContextANGLE@gl@@YAXPEAXIIPEBD@Z
?BindBuffer@gl@@YAXII@Z
?BindBufferBase@gl@@YAXIII@Z
?BindBufferBaseContextANGLE@gl@@YAXPEAXIII@Z
?BindBufferContextANGLE@gl@@YAXPEAXII@Z
?BindBufferRange@gl@@YAXIII_J0@Z
?BindBufferRangeContextANGLE@gl@@YAXPEAXIII_J1@Z
?BindFragDataLocationEXT@gl@@YAXIIPEBD@Z
?BindFragDataLocationEXTContextANGLE@gl@@YAXPEAXIIPEBD@Z
?BindFragDataLocationIndexedEXT@gl@@YAXIIIPEBD@Z
?BindFragDataLocationIndexedEXTContextANGLE@gl@@YAXPEAXIIIPEBD@Z
?BindFramebuffer@gl@@YAXII@Z
?BindFramebufferContextANGLE@gl@@YAXPEAXII@Z
?BindFramebufferOES@gl@@YAXII@Z
?BindFramebufferOESContextANGLE@gl@@YAXPEAXII@Z
?BindImageTexture@gl@@YAXIIHEHII@Z
?BindImageTextureContextANGLE@gl@@YAXPEAXIIHEHII@Z
?BindProgramPipeline@gl@@YAXI@Z
?BindProgramPipelineContextANGLE@gl@@YAXPEAXI@Z
?BindRenderbuffer@gl@@YAXII@Z
?BindRenderbufferContextANGLE@gl@@YAXPEAXII@Z
?BindRenderbufferOES@gl@@YAXII@Z
?BindRenderbufferOESContextANGLE@gl@@YAXPEAXII@Z
?BindSampler@gl@@YAXII@Z
?BindSamplerContextANGLE@gl@@YAXPEAXII@Z
?BindTexture@gl@@YAXII@Z
?BindTextureContextANGLE@gl@@YAXPEAXII@Z
?BindTransformFeedback@gl@@YAXII@Z
?BindTransformFeedbackContextANGLE@gl@@YAXPEAXII@Z
?BindUniformLocationCHROMIUM@gl@@YAXIHPEBD@Z
?BindUniformLocationCHROMIUMContextANGLE@gl@@YAXPEAXIHPEBD@Z
?BindVertexArray@gl@@YAXI@Z
?BindVertexArrayContextANGLE@gl@@YAXPEAXI@Z
?BindVertexArrayOES@gl@@YAXI@Z
?BindVertexArrayOESContextANGLE@gl@@YAXPEAXI@Z
?BindVertexBuffer@gl@@YAXII_JH@Z
?BindVertexBufferContextANGLE@gl@@YAXPEAXII_JH@Z
?BlendBarrier@gl@@YAXXZ
?BlendBarrierContextANGLE@gl@@YAXPEAX@Z
?BlendColor@gl@@YAXMMMM@Z
?BlendColorContextANGLE@gl@@YAXPEAXMMMM@Z
?BlendEquation@gl@@YAXI@Z
?BlendEquationContextANGLE@gl@@YAXPEAXI@Z
?BlendEquationSeparate@gl@@YAXII@Z
?BlendEquationSeparateContextANGLE@gl@@YAXPEAXII@Z
?BlendEquationSeparatei@gl@@YAXIII@Z
?BlendEquationSeparateiContextANGLE@gl@@YAXPEAXIII@Z
?BlendEquationSeparateiEXT@gl@@YAXIII@Z
?BlendEquationSeparateiEXTContextANGLE@gl@@YAXPEAXIII@Z
?BlendEquationSeparateiOES@gl@@YAXIII@Z
?BlendEquationSeparateiOESContextANGLE@gl@@YAXPEAXIII@Z
?BlendEquationi@gl@@YAXII@Z
?BlendEquationiContextANGLE@gl@@YAXPEAXII@Z
?BlendEquationiEXT@gl@@YAXII@Z
?BlendEquationiEXTContextANGLE@gl@@YAXPEAXII@Z
?BlendEquationiOES@gl@@YAXII@Z
?BlendEquationiOESContextANGLE@gl@@YAXPEAXII@Z
?BlendFunc@gl@@YAXII@Z
?BlendFuncContextANGLE@gl@@YAXPEAXII@Z
?BlendFuncSeparate@gl@@YAXIIII@Z
?BlendFuncSeparateContextANGLE@gl@@YAXPEAXIIII@Z
?BlendFuncSeparatei@gl@@YAXIIIII@Z
?BlendFuncSeparateiContextANGLE@gl@@YAXPEAXIIIII@Z
?BlendFuncSeparateiEXT@gl@@YAXIIIII@Z
?BlendFuncSeparateiEXTContextANGLE@gl@@YAXPEAXIIIII@Z
?BlendFuncSeparateiOES@gl@@YAXIIIII@Z
?BlendFuncSeparateiOESContextANGLE@gl@@YAXPEAXIIIII@Z
?BlendFunci@gl@@YAXIII@Z
?BlendFunciContextANGLE@gl@@YAXPEAXIII@Z
?BlendFunciEXT@gl@@YAXIII@Z
?BlendFunciEXTContextANGLE@gl@@YAXPEAXIII@Z
?BlendFunciOES@gl@@YAXIII@Z
?BlendFunciOESContextANGLE@gl@@YAXPEAXIII@Z
?BlitFramebuffer@gl@@YAXHHHHHHHHII@Z
?BlitFramebufferANGLE@gl@@YAXHHHHHHHHII@Z
?BlitFramebufferANGLEContextANGLE@gl@@YAXPEAXHHHHHHHHII@Z
?BlitFramebufferContextANGLE@gl@@YAXPEAXHHHHHHHHII@Z
?BufferData@gl@@YAXI_JPEBXI@Z
?BufferDataContextANGLE@gl@@YAXPEAXI_JPEBXI@Z
?BufferStorageMemEXT@gl@@YAXI_JI_K@Z
?BufferStorageMemEXTContextANGLE@gl@@YAXPEAXI_JI_K@Z
?BufferSubData@gl@@YAXI_J0PEBX@Z
?BufferSubDataContextANGLE@gl@@YAXPEAXI_J1PEBX@Z
?CheckFramebufferStatus@gl@@YAII@Z
?CheckFramebufferStatusContextANGLE@gl@@YAIPEAXI@Z
?CheckFramebufferStatusOES@gl@@YAII@Z
?CheckFramebufferStatusOESContextANGLE@gl@@YAIPEAXI@Z
?Clear@gl@@YAXI@Z
?ClearBufferfi@gl@@YAXIHMH@Z
?ClearBufferfiContextANGLE@gl@@YAXPEAXIHMH@Z
?ClearBufferfv@gl@@YAXIHPEBM@Z
?ClearBufferfvContextANGLE@gl@@YAXPEAXIHPEBM@Z
?ClearBufferiv@gl@@YAXIHPEBH@Z
?ClearBufferivContextANGLE@gl@@YAXPEAXIHPEBH@Z
?ClearBufferuiv@gl@@YAXIHPEBI@Z
?ClearBufferuivContextANGLE@gl@@YAXPEAXIHPEBI@Z
?ClearColor@gl@@YAXMMMM@Z
?ClearColorContextANGLE@gl@@YAXPEAXMMMM@Z
?ClearColorx@gl@@YAXHHHH@Z
?ClearColorxContextANGLE@gl@@YAXPEAXHHHH@Z
?ClearContextANGLE@gl@@YAXPEAXI@Z
?ClearDepthf@gl@@YAXM@Z
?ClearDepthfContextANGLE@gl@@YAXPEAXM@Z
?ClearDepthx@gl@@YAXH@Z
?ClearDepthxContextANGLE@gl@@YAXPEAXH@Z
?ClearStencil@gl@@YAXH@Z
?ClearStencilContextANGLE@gl@@YAXPEAXH@Z
?ClientActiveTexture@gl@@YAXI@Z
?ClientActiveTextureContextANGLE@gl@@YAXPEAXI@Z
?ClientWaitSync@gl@@YAIPEAU__GLsync@@I_K@Z
?ClientWaitSyncContextANGLE@gl@@YAIPEAXPEAU__GLsync@@I_K@Z
?ClipPlanef@gl@@YAXIPEBM@Z
?ClipPlanefContextANGLE@gl@@YAXPEAXIPEBM@Z
?ClipPlanex@gl@@YAXIPEBH@Z
?ClipPlanexContextANGLE@gl@@YAXPEAXIPEBH@Z
?Color4f@gl@@YAXMMMM@Z
?Color4fContextANGLE@gl@@YAXPEAXMMMM@Z
?Color4ub@gl@@YAXEEEE@Z
?Color4ubContextANGLE@gl@@YAXPEAXEEEE@Z
?Color4x@gl@@YAXHHHH@Z
?Color4xContextANGLE@gl@@YAXPEAXHHHH@Z
?ColorMask@gl@@YAXEEEE@Z
?ColorMaskContextANGLE@gl@@YAXPEAXEEEE@Z
?ColorMaski@gl@@YAXIEEEE@Z
?ColorMaskiContextANGLE@gl@@YAXPEAXIEEEE@Z
?ColorMaskiEXT@gl@@YAXIEEEE@Z
?ColorMaskiEXTContextANGLE@gl@@YAXPEAXIEEEE@Z
?ColorMaskiOES@gl@@YAXIEEEE@Z
?ColorMaskiOESContextANGLE@gl@@YAXPEAXIEEEE@Z
?ColorPointer@gl@@YAXHIHPEBX@Z
?ColorPointerContextANGLE@gl@@YAXPEAXHIHPEBX@Z
?CompileShader@gl@@YAXI@Z
?CompileShaderContextANGLE@gl@@YAXPEAXI@Z
?CompressedCopyTextureCHROMIUM@gl@@YAXII@Z
?CompressedCopyTextureCHROMIUMContextANGLE@gl@@YAXPEAXII@Z
?CompressedTexImage2D@gl@@YAXIHIHHHHPEBX@Z
?CompressedTexImage2DContextANGLE@gl@@YAXPEAXIHIHHHHPEBX@Z
?CompressedTexImage2DRobustANGLE@gl@@YAXIHIHHHHHPEBX@Z
?CompressedTexImage2DRobustANGLEContextANGLE@gl@@YAXPEAXIHIHHHHHPEBX@Z
?CompressedTexImage3D@gl@@YAXIHIHHHHHPEBX@Z
?CompressedTexImage3DContextANGLE@gl@@YAXPEAXIHIHHHHHPEBX@Z
?CompressedTexImage3DOES@gl@@YAXIHIHHHHHPEBX@Z
?CompressedTexImage3DOESContextANGLE@gl@@YAXPEAXIHIHHHHHPEBX@Z
?CompressedTexImage3DRobustANGLE@gl@@YAXIHIHHHHHHPEBX@Z
?CompressedTexImage3DRobustANGLEContextANGLE@gl@@YAXPEAXIHIHHHHHHPEBX@Z
?CompressedTexSubImage2D@gl@@YAXIHHHHHIHPEBX@Z
?CompressedTexSubImage2DContextANGLE@gl@@YAXPEAXIHHHHHIHPEBX@Z
?CompressedTexSubImage2DRobustANGLE@gl@@YAXIHHHHHIHHPEBX@Z
?CompressedTexSubImage2DRobustANGLEContextANGLE@gl@@YAXPEAXIHHHHHIHHPEBX@Z
?CompressedTexSubImage3D@gl@@YAXIHHHHHHHIHPEBX@Z
?CompressedTexSubImage3DContextANGLE@gl@@YAXPEAXIHHHHHHHIHPEBX@Z
?CompressedTexSubImage3DOES@gl@@YAXIHHHHHHHIHPEBX@Z
?CompressedTexSubImage3DOESContextANGLE@gl@@YAXPEAXIHHHHHHHIHPEBX@Z
?CompressedTexSubImage3DRobustANGLE@gl@@YAXIHHHHHHHIHHPEBX@Z
?CompressedTexSubImage3DRobustANGLEContextANGLE@gl@@YAXPEAXIHHHHHHHIHHPEBX@Z
?CopyBufferSubData@gl@@YAXII_J00@Z
?CopyBufferSubDataContextANGLE@gl@@YAXPEAXII_J11@Z
?CopyImageSubData@gl@@YAXIIHHHHIIHHHHHHH@Z
?CopyImageSubDataContextANGLE@gl@@YAXPEAXIIHHHHIIHHHHHHH@Z
?CopySubTexture3DANGLE@gl@@YAXIHIIHHHHHHHHHHEEE@Z
?CopySubTexture3DANGLEContextANGLE@gl@@YAXPEAXIHIIHHHHHHHHHHEEE@Z
?CopySubTextureCHROMIUM@gl@@YAXIHIIHHHHHHHEEE@Z
?CopySubTextureCHROMIUMContextANGLE@gl@@YAXPEAXIHIIHHHHHHHEEE@Z
?CopyTexImage2D@gl@@YAXIHIHHHHH@Z
?CopyTexImage2DContextANGLE@gl@@YAXPEAXIHIHHHHH@Z
?CopyTexSubImage2D@gl@@YAXIHHHHHHH@Z
?CopyTexSubImage2DContextANGLE@gl@@YAXPEAXIHHHHHHH@Z
?CopyTexSubImage3D@gl@@YAXIHHHHHHHH@Z
?CopyTexSubImage3DContextANGLE@gl@@YAXPEAXIHHHHHHHH@Z
?CopyTexSubImage3DOES@gl@@YAXIHHHHHHHH@Z
?CopyTexSubImage3DOESContextANGLE@gl@@YAXPEAXIHHHHHHHH@Z
?CopyTexture3DANGLE@gl@@YAXIHIIHHIEEE@Z
?CopyTexture3DANGLEContextANGLE@gl@@YAXPEAXIHIIHHIEEE@Z
?CopyTextureCHROMIUM@gl@@YAXIHIIHHIEEE@Z
?CopyTextureCHROMIUMContextANGLE@gl@@YAXPEAXIHIIHHIEEE@Z
?CoverageModulationCHROMIUM@gl@@YAXI@Z
?CoverageModulationCHROMIUMContextANGLE@gl@@YAXPEAXI@Z
?CreateMemoryObjectsEXT@gl@@YAXHPEAI@Z
?CreateMemoryObjectsEXTContextANGLE@gl@@YAXPEAXHPEAI@Z
?CreateProgram@gl@@YAIXZ
?CreateProgramContextANGLE@gl@@YAIPEAX@Z
?CreateShader@gl@@YAII@Z
?CreateShaderContextANGLE@gl@@YAIPEAXI@Z
?CreateShaderProgramv@gl@@YAIIHPEBQEBD@Z
?CreateShaderProgramvContextANGLE@gl@@YAIPEAXIHPEBQEBD@Z
?CullFace@gl@@YAXI@Z
?CullFaceContextANGLE@gl@@YAXPEAXI@Z
?CurrentPaletteMatrixOES@gl@@YAXI@Z
?CurrentPaletteMatrixOESContextANGLE@gl@@YAXPEAXI@Z
?DebugMessageCallback@gl@@YAXP6AXIIIIHPEBDPEBX@Z1@Z
?DebugMessageCallbackContextANGLE@gl@@YAXPEAXP6AXIIIIHPEBDPEBX@Z2@Z
?DebugMessageCallbackKHR@gl@@YAXP6AXIIIIHPEBDPEBX@Z1@Z
?DebugMessageCallbackKHRContextANGLE@gl@@YAXPEAXP6AXIIIIHPEBDPEBX@Z2@Z
?DebugMessageControl@gl@@YAXIIIHPEBIE@Z
?DebugMessageControlContextANGLE@gl@@YAXPEAXIIIHPEBIE@Z
?DebugMessageControlKHR@gl@@YAXIIIHPEBIE@Z
?DebugMessageControlKHRContextANGLE@gl@@YAXPEAXIIIHPEBIE@Z
?DebugMessageInsert@gl@@YAXIIIIHPEBD@Z
?DebugMessageInsertContextANGLE@gl@@YAXPEAXIIIIHPEBD@Z
?DebugMessageInsertKHR@gl@@YAXIIIIHPEBD@Z
?DebugMessageInsertKHRContextANGLE@gl@@YAXPEAXIIIIHPEBD@Z
?DeleteBuffers@gl@@YAXHPEBI@Z
?DeleteBuffersContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteFencesNV@gl@@YAXHPEBI@Z
?DeleteFencesNVContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteFramebuffers@gl@@YAXHPEBI@Z
?DeleteFramebuffersContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteFramebuffersOES@gl@@YAXHPEBI@Z
?DeleteFramebuffersOESContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteMemoryObjectsEXT@gl@@YAXHPEBI@Z
?DeleteMemoryObjectsEXTContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteProgram@gl@@YAXI@Z
?DeleteProgramContextANGLE@gl@@YAXPEAXI@Z
?DeleteProgramPipelines@gl@@YAXHPEBI@Z
?DeleteProgramPipelinesContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteQueries@gl@@YAXHPEBI@Z
?DeleteQueriesContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteQueriesEXT@gl@@YAXHPEBI@Z
?DeleteQueriesEXTContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteRenderbuffers@gl@@YAXHPEBI@Z
?DeleteRenderbuffersContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteRenderbuffersOES@gl@@YAXHPEBI@Z
?DeleteRenderbuffersOESContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteSamplers@gl@@YAXHPEBI@Z
?DeleteSamplersContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteSemaphoresEXT@gl@@YAXHPEBI@Z
?DeleteSemaphoresEXTContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteShader@gl@@YAXI@Z
?DeleteShaderContextANGLE@gl@@YAXPEAXI@Z
?DeleteSync@gl@@YAXPEAU__GLsync@@@Z
?DeleteSyncContextANGLE@gl@@YAXPEAXPEAU__GLsync@@@Z
?DeleteTextures@gl@@YAXHPEBI@Z
?DeleteTexturesContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteTransformFeedbacks@gl@@YAXHPEBI@Z
?DeleteTransformFeedbacksContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteVertexArrays@gl@@YAXHPEBI@Z
?DeleteVertexArraysContextANGLE@gl@@YAXPEAXHPEBI@Z
?DeleteVertexArraysOES@gl@@YAXHPEBI@Z
?DeleteVertexArraysOESContextANGLE@gl@@YAXPEAXHPEBI@Z
?DepthFunc@gl@@YAXI@Z
?DepthFuncContextANGLE@gl@@YAXPEAXI@Z
?DepthMask@gl@@YAXE@Z
?DepthMaskContextANGLE@gl@@YAXPEAXE@Z
?DepthRangef@gl@@YAXMM@Z
?DepthRangefContextANGLE@gl@@YAXPEAXMM@Z
?DepthRangex@gl@@YAXHH@Z
?DepthRangexContextANGLE@gl@@YAXPEAXHH@Z
?DetachShader@gl@@YAXII@Z
?DetachShaderContextANGLE@gl@@YAXPEAXII@Z
?Disable@gl@@YAXI@Z
?DisableClientState@gl@@YAXI@Z
?DisableClientStateContextANGLE@gl@@YAXPEAXI@Z
?DisableContextANGLE@gl@@YAXPEAXI@Z
?DisableExtensionANGLE@gl@@YAXPEBD@Z
?DisableExtensionANGLEContextANGLE@gl@@YAXPEAXPEBD@Z
?DisableVertexAttribArray@gl@@YAXI@Z
?DisableVertexAttribArrayContextANGLE@gl@@YAXPEAXI@Z
?Disablei@gl@@YAXII@Z
?DisableiContextANGLE@gl@@YAXPEAXII@Z
?DisableiEXT@gl@@YAXII@Z
?DisableiEXTContextANGLE@gl@@YAXPEAXII@Z
?DisableiOES@gl@@YAXII@Z
?DisableiOESContextANGLE@gl@@YAXPEAXII@Z
?DiscardFramebufferEXT@gl@@YAXIHPEBI@Z
?DiscardFramebufferEXTContextANGLE@gl@@YAXPEAXIHPEBI@Z
?DispatchCompute@gl@@YAXIII@Z
?DispatchComputeContextANGLE@gl@@YAXPEAXIII@Z
?DispatchComputeIndirect@gl@@YAX_J@Z
?DispatchComputeIndirectContextANGLE@gl@@YAXPEAX_J@Z
?DrawArrays@gl@@YAXIHH@Z
?DrawArraysContextANGLE@gl@@YAXPEAXIHH@Z
?DrawArraysIndirect@gl@@YAXIPEBX@Z
?DrawArraysIndirectContextANGLE@gl@@YAXPEAXIPEBX@Z
?DrawArraysInstanced@gl@@YAXIHHH@Z
?DrawArraysInstancedANGLE@gl@@YAXIHHH@Z
?DrawArraysInstancedANGLEContextANGLE@gl@@YAXPEAXIHHH@Z
?DrawArraysInstancedBaseInstanceANGLE@gl@@YAXIHHHI@Z
?DrawArraysInstancedBaseInstanceANGLEContextANGLE@gl@@YAXPEAXIHHHI@Z
?DrawArraysInstancedContextANGLE@gl@@YAXPEAXIHHH@Z
?DrawArraysInstancedEXT@gl@@YAXIHHH@Z
?DrawArraysInstancedEXTContextANGLE@gl@@YAXPEAXIHHH@Z
?DrawBuffers@gl@@YAXHPEBI@Z
?DrawBuffersContextANGLE@gl@@YAXPEAXHPEBI@Z
?DrawBuffersEXT@gl@@YAXHPEBI@Z
?DrawBuffersEXTContextANGLE@gl@@YAXPEAXHPEBI@Z
?DrawElements@gl@@YAXIHIPEBX@Z
?DrawElementsBaseVertex@gl@@YAXIHIPEBXH@Z
?DrawElementsBaseVertexContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawElementsBaseVertexEXT@gl@@YAXIHIPEBXH@Z
?DrawElementsBaseVertexEXTContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawElementsBaseVertexOES@gl@@YAXIHIPEBXH@Z
?DrawElementsBaseVertexOESContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawElementsContextANGLE@gl@@YAXPEAXIHIPEBX@Z
?DrawElementsIndirect@gl@@YAXIIPEBX@Z
?DrawElementsIndirectContextANGLE@gl@@YAXPEAXIIPEBX@Z
?DrawElementsInstanced@gl@@YAXIHIPEBXH@Z
?DrawElementsInstancedANGLE@gl@@YAXIHIPEBXH@Z
?DrawElementsInstancedANGLEContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawElementsInstancedBaseVertex@gl@@YAXIHIPEBXHH@Z
?DrawElementsInstancedBaseVertexBaseInstanceANGLE@gl@@YAXIHIPEBXHHI@Z
?DrawElementsInstancedBaseVertexBaseInstanceANGLEContextANGLE@gl@@YAXPEAXIHIPEBXHHI@Z
?DrawElementsInstancedBaseVertexContextANGLE@gl@@YAXPEAXIHIPEBXHH@Z
?DrawElementsInstancedBaseVertexEXT@gl@@YAXIHIPEBXHH@Z
?DrawElementsInstancedBaseVertexEXTContextANGLE@gl@@YAXPEAXIHIPEBXHH@Z
?DrawElementsInstancedBaseVertexOES@gl@@YAXIHIPEBXHH@Z
?DrawElementsInstancedBaseVertexOESContextANGLE@gl@@YAXPEAXIHIPEBXHH@Z
?DrawElementsInstancedContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawElementsInstancedEXT@gl@@YAXIHIPEBXH@Z
?DrawElementsInstancedEXTContextANGLE@gl@@YAXPEAXIHIPEBXH@Z
?DrawRangeElements@gl@@YAXIIIHIPEBX@Z
?DrawRangeElementsBaseVertex@gl@@YAXIIIHIPEBXH@Z
?DrawRangeElementsBaseVertexContextANGLE@gl@@YAXPEAXIIIHIPEBXH@Z
?DrawRangeElementsBaseVertexEXT@gl@@YAXIIIHIPEBXH@Z
?DrawRangeElementsBaseVertexEXTContextANGLE@gl@@YAXPEAXIIIHIPEBXH@Z
?DrawRangeElementsBaseVertexOES@gl@@YAXIIIHIPEBXH@Z
?DrawRangeElementsBaseVertexOESContextANGLE@gl@@YAXPEAXIIIHIPEBXH@Z
?DrawRangeElementsContextANGLE@gl@@YAXPEAXIIIHIPEBX@Z
?DrawTexfOES@gl@@YAXMMMMM@Z
?DrawTexfOESContextANGLE@gl@@YAXPEAXMMMMM@Z
?DrawTexfvOES@gl@@YAXPEBM@Z
?DrawTexfvOESContextANGLE@gl@@YAXPEAXPEBM@Z
?DrawTexiOES@gl@@YAXHHHHH@Z
?DrawTexiOESContextANGLE@gl@@YAXPEAXHHHHH@Z
?DrawTexivOES@gl@@YAXPEBH@Z
?DrawTexivOESContextANGLE@gl@@YAXPEAXPEBH@Z
?DrawTexsOES@gl@@YAXFFFFF@Z
?DrawTexsOESContextANGLE@gl@@YAXPEAXFFFFF@Z
?DrawTexsvOES@gl@@YAXPEBF@Z
?DrawTexsvOESContextANGLE@gl@@YAXPEAXPEBF@Z
?DrawTexxOES@gl@@YAXHHHHH@Z
?DrawTexxOESContextANGLE@gl@@YAXPEAXHHHHH@Z
?DrawTexxvOES@gl@@YAXPEBH@Z
?DrawTexxvOESContextANGLE@gl@@YAXPEAXPEBH@Z
?EGLImageTargetRenderbufferStorageOES@gl@@YAXIPEAX@Z
?EGLImageTargetRenderbufferStorageOESContextANGLE@gl@@YAXPEAXI0@Z
?EGLImageTargetTexture2DOES@gl@@YAXIPEAX@Z
?EGLImageTargetTexture2DOESContextANGLE@gl@@YAXPEAXI0@Z
?Enable@gl@@YAXI@Z
?EnableClientState@gl@@YAXI@Z
?EnableClientStateContextANGLE@gl@@YAXPEAXI@Z
?EnableContextANGLE@gl@@YAXPEAXI@Z
?EnableVertexAttribArray@gl@@YAXI@Z
?EnableVertexAttribArrayContextANGLE@gl@@YAXPEAXI@Z
?Enablei@gl@@YAXII@Z
?EnableiContextANGLE@gl@@YAXPEAXII@Z
?EnableiEXT@gl@@YAXII@Z
?EnableiEXTContextANGLE@gl@@YAXPEAXII@Z
?EnableiOES@gl@@YAXII@Z
?EnableiOESContextANGLE@gl@@YAXPEAXII@Z
?EndQuery@gl@@YAXI@Z
?EndQueryContextANGLE@gl@@YAXPEAXI@Z
?EndQueryEXT@gl@@YAXI@Z
?EndQueryEXTContextANGLE@gl@@YAXPEAXI@Z
?EndTransformFeedback@gl@@YAXXZ
?EndTransformFeedbackContextANGLE@gl@@YAXPEAX@Z
?FenceSync@gl@@YAPEAU__GLsync@@II@Z
?FenceSyncContextANGLE@gl@@YAPEAU__GLsync@@PEAXII@Z
?Finish@gl@@YAXXZ
?FinishContextANGLE@gl@@YAXPEAX@Z
?FinishFenceNV@gl@@YAXI@Z
?FinishFenceNVContextANGLE@gl@@YAXPEAXI@Z
?Flush@gl@@YAXXZ
?FlushContextANGLE@gl@@YAXPEAX@Z
?FlushMappedBufferRange@gl@@YAXI_J0@Z
?FlushMappedBufferRangeContextANGLE@gl@@YAXPEAXI_J1@Z
?FlushMappedBufferRangeEXT@gl@@YAXI_J0@Z
?FlushMappedBufferRangeEXTContextANGLE@gl@@YAXPEAXI_J1@Z
?Fogf@gl@@YAXIM@Z
?FogfContextANGLE@gl@@YAXPEAXIM@Z
?Fogfv@gl@@YAXIPEBM@Z
?FogfvContextANGLE@gl@@YAXPEAXIPEBM@Z
?Fogx@gl@@YAXIH@Z
?FogxContextANGLE@gl@@YAXPEAXIH@Z
?Fogxv@gl@@YAXIPEBH@Z
?FogxvContextANGLE@gl@@YAXPEAXIPEBH@Z
?FramebufferParameteri@gl@@YAXIIH@Z
?FramebufferParameteriContextANGLE@gl@@YAXPEAXIIH@Z
?FramebufferRenderbuffer@gl@@YAXIIII@Z
?FramebufferRenderbufferContextANGLE@gl@@YAXPEAXIIII@Z
?FramebufferRenderbufferOES@gl@@YAXIIII@Z
?FramebufferRenderbufferOESContextANGLE@gl@@YAXPEAXIIII@Z
?FramebufferTexture2D@gl@@YAXIIIIH@Z
?FramebufferTexture2DContextANGLE@gl@@YAXPEAXIIIIH@Z
?FramebufferTexture2DMultisampleEXT@gl@@YAXIIIIHH@Z
?FramebufferTexture2DMultisampleEXTContextANGLE@gl@@YAXPEAXIIIIHH@Z
?FramebufferTexture2DOES@gl@@YAXIIIIH@Z
?FramebufferTexture2DOESContextANGLE@gl@@YAXPEAXIIIIH@Z
?FramebufferTexture3DOES@gl@@YAXIIIIHH@Z
?FramebufferTexture3DOESContextANGLE@gl@@YAXPEAXIIIIHH@Z
?FramebufferTexture@gl@@YAXIIIH@Z
?FramebufferTextureContextANGLE@gl@@YAXPEAXIIIH@Z
?FramebufferTextureEXT@gl@@YAXIIIH@Z
?FramebufferTextureEXTContextANGLE@gl@@YAXPEAXIIIH@Z
?FramebufferTextureLayer@gl@@YAXIIIHH@Z
?FramebufferTextureLayerContextANGLE@gl@@YAXPEAXIIIHH@Z
?FramebufferTextureMultiviewOVR@gl@@YAXIIIHHH@Z
?FramebufferTextureMultiviewOVRContextANGLE@gl@@YAXPEAXIIIHHH@Z
?FrontFace@gl@@YAXI@Z
?FrontFaceContextANGLE@gl@@YAXPEAXI@Z
?Frustumf@gl@@YAXMMMMMM@Z
?FrustumfContextANGLE@gl@@YAXPEAXMMMMMM@Z
?Frustumx@gl@@YAXHHHHHH@Z
?FrustumxContextANGLE@gl@@YAXPEAXHHHHHH@Z
?GenBuffers@gl@@YAXHPEAI@Z
?GenBuffersContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenFencesNV@gl@@YAXHPEAI@Z
?GenFencesNVContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenFramebuffers@gl@@YAXHPEAI@Z
?GenFramebuffersContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenFramebuffersOES@gl@@YAXHPEAI@Z
?GenFramebuffersOESContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenProgramPipelines@gl@@YAXHPEAI@Z
?GenProgramPipelinesContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenQueries@gl@@YAXHPEAI@Z
?GenQueriesContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenQueriesEXT@gl@@YAXHPEAI@Z
?GenQueriesEXTContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenRenderbuffers@gl@@YAXHPEAI@Z
?GenRenderbuffersContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenRenderbuffersOES@gl@@YAXHPEAI@Z
?GenRenderbuffersOESContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenSamplers@gl@@YAXHPEAI@Z
?GenSamplersContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenSemaphoresEXT@gl@@YAXHPEAI@Z
?GenSemaphoresEXTContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenTextures@gl@@YAXHPEAI@Z
?GenTexturesContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenTransformFeedbacks@gl@@YAXHPEAI@Z
?GenTransformFeedbacksContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenVertexArrays@gl@@YAXHPEAI@Z
?GenVertexArraysContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenVertexArraysOES@gl@@YAXHPEAI@Z
?GenVertexArraysOESContextANGLE@gl@@YAXPEAXHPEAI@Z
?GenerateMipmap@gl@@YAXI@Z
?GenerateMipmapContextANGLE@gl@@YAXPEAXI@Z
?GenerateMipmapOES@gl@@YAXI@Z
?GenerateMipmapOESContextANGLE@gl@@YAXPEAXI@Z
?GetActiveAttrib@gl@@YAXIIHPEAH0PEAIPEAD@Z
?GetActiveAttribContextANGLE@gl@@YAXPEAXIIHPEAH1PEAIPEAD@Z
?GetActiveUniform@gl@@YAXIIHPEAH0PEAIPEAD@Z
?GetActiveUniformBlockName@gl@@YAXIIHPEAHPEAD@Z
?GetActiveUniformBlockNameContextANGLE@gl@@YAXPEAXIIHPEAHPEAD@Z
?GetActiveUniformBlockiv@gl@@YAXIIIPEAH@Z
?GetActiveUniformBlockivContextANGLE@gl@@YAXPEAXIIIPEAH@Z
?GetActiveUniformBlockivRobustANGLE@gl@@YAXIIIHPEAH0@Z
?GetActiveUniformBlockivRobustANGLEContextANGLE@gl@@YAXPEAXIIIHPEAH1@Z
?GetActiveUniformContextANGLE@gl@@YAXPEAXIIHPEAH1PEAIPEAD@Z
?GetActiveUniformsiv@gl@@YAXIHPEBIIPEAH@Z
?GetActiveUniformsivContextANGLE@gl@@YAXPEAXIHPEBIIPEAH@Z
?GetAttachedShaders@gl@@YAXIHPEAHPEAI@Z
?GetAttachedShadersContextANGLE@gl@@YAXPEAXIHPEAHPEAI@Z
?GetAttribLocation@gl@@YAHIPEBD@Z
?GetAttribLocationContextANGLE@gl@@YAHPEAXIPEBD@Z
?GetBooleani_v@gl@@YAXIIPEAE@Z
?GetBooleani_vContextANGLE@gl@@YAXPEAXIIPEAE@Z
?GetBooleani_vRobustANGLE@gl@@YAXIIHPEAHPEAE@Z
?GetBooleani_vRobustANGLEContextANGLE@gl@@YAXPEAXIIHPEAHPEAE@Z
?GetBooleanv@gl@@YAXIPEAE@Z
?GetBooleanvContextANGLE@gl@@YAXPEAXIPEAE@Z
?GetBooleanvRobustANGLE@gl@@YAXIHPEAHPEAE@Z
?GetBooleanvRobustANGLEContextANGLE@gl@@YAXPEAXIHPEAHPEAE@Z
?GetBufferParameteri64v@gl@@YAXIIPEA_J@Z
?GetBufferParameteri64vContextANGLE@gl@@YAXPEAXIIPEA_J@Z
?GetBufferParameteri64vRobustANGLE@gl@@YAXIIHPEAHPEA_J@Z
?GetBufferParameteri64vRobustANGLEContextANGLE@gl@@YAXPEAXIIHPEAHPEA_J@Z
?GetBufferParameteriv@gl@@YAXIIPEAH@Z
?GetBufferParameterivContextANGLE@gl@@YAXPEAXIIPEAH@Z
?GetBufferParameterivRobustANGLE@gl@@YAXIIHPEAH0@Z
?GetBufferParameterivRobustANGLEContextANGLE@gl@@YAXPEAXIIHPEAH1@Z
?GetBufferPointerv@gl@@YAXIIPEAPEAX@Z
?GetBufferPointervContextANGLE@gl@@YAXPEAXIIPEAPEAX@Z
?GetBufferPointervOES@gl@@YAXIIPEAPEAX@Z
?GetBufferPointervOESContextANGLE@gl@@YAXPEAXIIPEAPEAX@Z
?GetBufferPointervRobustANGLE@gl@@YAXIIHPEAHPEAPEAX@Z
?GetBufferPointervRobustANGLEContextANGLE@gl@@YAXPEAXIIHPEAHPEAPEAX@Z
?GetClipPlanef@gl@@YAXIPEAM@Z
?GetClipPlanefContextANGLE@gl@@YAXPEAXIPEAM@Z
?GetClipPlanex@gl@@YAXIPEAH@Z
?GetClipPlanexContextANGLE@gl@@YAXPEAXIPEAH@Z
?GetDebugMessageLog@gl@@YAIIHPEAI000PEAHPEAD@Z

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 239KB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/nacl_irt_x86_64.nexe
.elf linux x64
browser/84.0.4147.85/notification_helper.exe
.exe windows:5 windows x64 arch:x64

bb6a0acc0808934960b53ad7574cbc6c

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:d3:55:b1:86:37:92:5a:a6:b3:5f:81:65:62:80:b6:e7:ce:4f:80:fa:6f:df:ea:9f:4c:1b:61:b2:d1:76:e0
Signer

Actual PE Digest

24:d3:55:b1:86:37:92:5a:a6:b3:5f:81:65:62:80:b6:e7:ce:4f:80:fa:6f:df:ea:9f:4c:1b:61:b2:d1:76:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

notification_helper.exe.pdb

Imports

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteExW

user32

AllowSetForegroundWindow
SendInput

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateNamedPipeW
CreateProcessW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
ReplaceFileW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcmpW

ole32

CoAddRefServerProcess
CoRegisterClassObject
CoReleaseServerProcess
CoResumeClassObjects
CoRevokeClassObject
CoTaskMemFree

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeGetTime

shlwapi

PathMatchSpecW

advapi32

BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
ConvertStringSecurityDescriptorToSecurityDescriptorW
EventRegister
EventUnregister
EventWriteTransfer
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SystemFunction036

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 655KB - Virtual size: 655KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/resources.pak
browser/84.0.4147.85/swiftshader/libEGL.dll
.dll windows:5 windows x64 arch:x64

a9e49d20df10f15c9224d2a4846c15d0

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:83:44:af:e4:19:e9:e3:ac:06:03:39:84:b1:44:21:4d:be:9d:b8:a6:67:e3:b7:eb:b3:36:7d:dd:dd:ce:10
Signer

Actual PE Digest

c3:83:44:af:e4:19:e9:e3:ac:06:03:39:84:b1:44:21:4d:be:9d:b8:a6:67:e3:b7:eb:b3:36:7d:dd:dd:ce:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libEGL.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

GetClientRect
GetDC
IsWindow
ReleaseDC

gdi32

GetDeviceCaps

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/swiftshader/libGLESv2.dll
.dll windows:5 windows x64 arch:x64

957c979fb8f5a24d19c4ab4a923f6738

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:69:f6:37:e9:e0:61:e1:64:09:67:ec:2d:6f:db:df:85:79:b1:4d:15:11:a0:16:b7:8c:a9:fd:dc:f3:1c:3f
Signer

Actual PE Digest

b1:69:f6:37:e9:e0:61:e1:64:09:67:ec:2d:6f:db:df:85:79:b1:4d:15:11:a0:16:b7:8c:a9:fd:dc:f3:1c:3f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libGLESv2.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventA
CreateEventW
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

ChangeDisplaySettingsA
ClientToScreen
GetClientRect
GetDC
GetSystemMetrics
GetWindowLongA
GetWindowRect
ReleaseDC
SetRect
SetWindowLongA
SetWindowPos

gdi32

CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceGammaRamp
SelectObject
SetDeviceGammaRamp
StretchBlt

ws2_32

WSACleanup
WSAStartup
accept
bind
closesocket
getaddrinfo
listen
recv
select
send
socket

Exports

Exports

glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBindVertexArrayOES
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDeleteVertexArraysOES
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenVertexArraysOES
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glIsVertexArrayOES
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/84.0.4147.85/v8_context_snapshot.bin
browser/SetupMetrics/20200710022159.pma
browser/chrome.VisualElementsManifest.xml
browser/chrome.exe
.exe windows:5 windows x64 arch:x64

e06bfefad3923e011bc295438a5c4832

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:c7:41:ac:f7:25:66:3c:88:da:46:86:70:02:8b:89:be:27:ae:d7:2d:05:0c:41:77:3c:47:60:9b:e8:17:6a
Signer

Actual PE Digest

34:c7:41:ac:f7:25:66:3c:88:da:46:86:70:02:8b:89:be:27:ae:d7:2d:05:0c:41:77:3c:47:60:9b:e8:17:6a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

chrome.exe.pdb

Imports

chrome_elf

GetInstallDetailsPayload
SignalChromeElf
SignalInitializeCrashReporting

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
CloseHandle
CompareStringW
ConnectNamedPipe
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateSemaphoreW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadId
GetThreadLocale
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersion
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetPerformanceInfo
K32GetProcessMemoryInfo
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MapViewOfFile
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PeekNamedPipe
PostQueuedCompletionStatus
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
SleepEx
SuspendThread
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WideCharToMultiByte
Wow64GetThreadContext
WriteConsoleW
WriteFile
WriteProcessMemory
lstrlenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

GetHandleVerifier
IsSandboxedProcess

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/chrome_proxy.exe
.exe windows:5 windows x64 arch:x64

47abec7b734d5935fb44815b63b4e249

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:8a:98:98:8a:e5:df:a6:74:70:7a:4e:6f:bd:4d:82:bf:71:56:f2:6d:1d:3f:a5:5f:f4:e0:f3:35:46:b0:4f
Signer

Actual PE Digest

7a:8a:98:98:8a:e5:df:a6:74:70:7a:4e:6f:bd:4d:82:bf:71:56:f2:6d:1d:3f:a5:5f:f4:e0:f3:35:46:b0:4f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

chrome_proxy.exe.pdb

Imports

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateProcessW
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UpdateProcThreadAttribute
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

advapi32

CreateProcessAsUserW
EventRegister
EventUnregister
EventWriteTransfer
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

user32

AllowSetForegroundWindow

winmm

timeGetTime

ole32

CoTaskMemFree

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 513KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/chromedriver.exe
.exe windows:5 windows x86 arch:x86

5a3acb915ab46f117be1775929e00b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

chromedriver.exe.pdb

Imports

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
EventRegister
EventUnregister
EventWriteTransfer
InitializeAcl
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
SystemFunction036

user32

ActivateKeyboardLayout
AllowSetForegroundWindow
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetQueueStatus
GetWindowLongW
KillTimer
LoadKeyboardLayoutW
MapVirtualKeyW
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
SetTimer
SetWindowLongW
ToUnicode
TranslateMessage
UnregisterClassW
VkKeyScanW

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSARecvFrom
WSAResetEvent
WSASend
WSASendTo
WSASocketW
WSAStartup
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_ntop
ioctlsocket
listen
ntohs
recv
recvfrom
sendto
setsockopt
shutdown
socket

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AssignProcessToJobObject
CallbackMayRunLong
CancelIo
CloseHandle
CloseThreadpool
CloseThreadpoolWork
CompareStringW
ConnectNamedPipe
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateNamedPipeW
CreateProcessW
CreateThread
CreateThreadpool
CreateThreadpoolWork
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalMemoryStatusEx
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSRWLockShared
RemoveDirectoryW
ReplaceFileW
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetStdHandle
SetThreadPriority
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SubmitThreadpoolWork
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWaitEx
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWorkCallbacks
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

iphlpapi

GetAdaptersAddresses

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

shlwapi

PathMatchSpecW

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize

crypt32

CertAddEncodedCertificateToStore
CertCloseStore
CertCompareCertificateName
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetCertificateContextProperty
CertGetIssuerCertificateFromStore
CertOpenStore
CertSetCertificateContextProperty
CertVerifyCertificateChainPolicy
CryptDecodeObjectEx
CryptInstallOIDFunctionAddress
CryptVerifyCertificateSignatureEx

secur32

AcquireCredentialsHandleW
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextW
QueryContextAttributesW
QuerySecurityPackageInfoW

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

urlmon

CoInternetCreateSecurityManager

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 359B

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
browser/master_preferences
QR Discord Token Grabber/resources/final_qr.png
.png
- https://discord.com/ra/yrAc8C72YoUCCFiD55gXKHTFBPvXHEYwzfpw3nZJQYQ
QR Discord Token Grabber/resources/overlay.png
.png
QR Discord Token Grabber/resources/qr_code.png
.png
- https://discord.com/ra/yrAc8C72YoUCCFiD55gXKHTFBPvXHEYwzfpw3nZJQYQ
QR Discord Token Grabber/resources/template.png
.png

Sharing

General

Malware Config

Signatures

Files

72eb92f44d96b3dcafd83c71405d194d

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2fCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

da:d3:1f:13:35:22:55:7f:98:fa:75:40:4e:bc:cf:2d:85:41:13:02:db:48:40:65:c6:b7:aa:1a:ef:d3:0f:e8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

dbghelp

psapi

user32

winmm

kernel32

ole32

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 1.5MB - Virtual size: 1.8MB

.pdata Size: 81KB - Virtual size: 81KB

.rodata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 16KB

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 1.0MB - Virtual size: 1.0MB

edfed4508505053bb9c68b5be80477bb

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2fCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

49:f0:cc:9d:44:ff:a9:bb:dc:70:f3:c6:2e:97:f8:95:bb:f4:59:a0:cf:67:7e:0e:3e:dc:a4:37:81:a4:57:c2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ws2_32

iphlpapi

oleaut32

winmm

secur32

userenv

wintrust

uiautomationcore

crypt32

chrome_elf

version

dwrite

winspool.drv

dbghelp

winhttp

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

da:d3:1f:13:35:22:55:7f:98:fa:75:40:4e:bc:cf:2d:85:41:13:02:db:48:40:65:c6:b7:aa:1a:ef:d3:0f:e8
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 1.5MB - Virtual size: 1.8MB

.pdata
Size: 81KB - Virtual size: 81KB

.rodata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 16KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 1.0MB - Virtual size: 1.0MB

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

49:f0:cc:9d:44:ff:a9:bb:dc:70:f3:c6:2e:97:f8:95:bb:f4:59:a0:cf:67:7e:0e:3e:dc:a4:37:81:a4:57:c2
Signer

.text
Size: 104.7MB - Virtual size: 104.7MB

.rdata
Size: 17.3MB - Virtual size: 17.3MB

.data
Size: 408KB - Virtual size: 2.6MB

.pdata
Size: 4.0MB - Virtual size: 4.0MB

.00cfg
Size: 512B - Virtual size: 16B

.retplne
Size: 512B - Virtual size: 108B

.rodata
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 433B

CPADinfo
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 279KB - Virtual size: 278KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

95:21:27:04:45:19:e3:61:33:61:4e:2d:e2:26:c8:85:b3:49:ea:e3:10:2f:c3:d7:e0:11:d0:07:9b:e3:6f:0d
Signer

.text
Size: 647KB - Virtual size: 646KB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 13KB - Virtual size: 36KB

.pdata
Size: 26KB - Virtual size: 25KB

.00cfg
Size: 512B - Virtual size: 16B

.crthunk
Size: 512B - Virtual size: 64B

.oldntma
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 9B

CPADinfo
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

94:53:fb:92:98:59:4a:bc:13:66:3c:01:dd:c5:32:58:90:27:68:ac:c2:3f:2f:21:75:2e:8a:96:c5:d9:07:fb
Signer