Audio-Win10_Win11-6[.]0[.]9360[.]1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Audio-Win10_Win11-6.0.9360.1.zip
Size

52.4MB
MD5

c849de9b01ee8ce06dc5330a3d8034e5
SHA1

acd8a07de18a11aa5ad001c7fa81e9ed18f85f82
SHA256

b0cbcec90f9080bfaeedd4c7248214cde8a83ffce1a5c7fdc24bbea5c4873ec5
SHA512

c5aa3a99fdf5a8345a9eec522a20e67fc2e155b856e055ca068ccd93f76f141544aa65f0c6fae76cdfc9d86c05b916804ada0327f1ec5fe2edee493a79299b63
SSDEEP

1572864:2F1ksY2a0ueaT7GYZFgbD4aTsPL4L4ajDfD:y+kuj7dHOTsjo4a/fD

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Win64/RTKVHD64.sys
unpack001/Win64/Realtek/RealtekAPO_1046/RltkAPOU64.dll
unpack001/Win64/Realtek/RealtekService_531/RtkApi64U.dll
unpack001/Win64/Realtek/RealtekService_531/RtkAudUServiceConf64.dll
unpack001/Win64/Realtek/RealtekService_531/RtkAudUServiceRes64.dll
unpack001/Win64/Realtek/RealtekService_531/RtkCfg64.dll
unpack001/Win64/Realtek/RealtekSstPpDll_27/RTKSpeechPP.dll
unpack001/Win64/Realtek/RealtekSstPpDll_27/RTKSpeechPP2.dll
unpack001/Win64/Realtek/RealtekUAPO2_19/RltkAPOU642.dll
unpack001/Win64/Realtek/RealtekUAPO2_19/RtkIntU642.dll
unpack001/Win64/Realtek/RealtekUAPO2_19/RtkMicUUn642.dll
unpack001/Win64/Realtek/RealtekUAPO2_19/RtkUApo2Api.dll

Files

Audio-Win10_Win11-6.0.9360.1.zip
.zip

Password: asd
0x0403.ini
0x0404.ini
0x0405.ini
0x0406.ini
0x0407.ini
0x0408.ini
0x0409.ini
0x040a.ini
0x040b.ini
0x040c.ini
0x040e.ini
0x0410.ini
0x0411.ini
0x0412.ini
0x0413.ini
0x0414.ini
0x0415.ini
0x0416.ini
0x0419.ini
0x041a.ini
0x041b.ini
0x041d.ini
0x041e.ini
0x041f.ini
0x0421.ini
0x0424.ini
0x042d.ini
0x0804.ini
0x0816.ini
0x0c0c.ini
ChCfg.exe
.exe windows:4 windows x86 arch:x86

Password: asd

c062542419a816c407b09c909072a761

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:80:89:2e:01:15:b0:b7:7a:a3:59:4b:9a:73:39:53
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

21/07/2010, 00:00

Not After

11/06/2013, 23:59

Subject

CN=Realtek Semiconductor Corp,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=RTCN,O=Realtek Semiconductor Corp,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f
Signer

Actual PE Digest

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord2
ord1

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

kernel32

SetFilePointer
GetLastError
LocalFree
LocalAlloc
DeviceIoControl
WriteConsoleA
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
RtlUnwind
HeapSize
VirtualAlloc

user32

SendMessageA
RegisterWindowMessageA
EnumWindows
GetWindowTextA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ISSetup.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: asd

affd663658d87f17e7be2cfe73546714

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83
Signer

Actual PE Digest

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83

Digest Algorithm

sha256

PE Digest Matches

true

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10
Signer

Actual PE Digest

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rpcrt4

UuidCreate

gdiplus

GdipCreateBitmapFromResource

user32

LoadStringW

gdi32

SaveDC

advapi32

LookupPrivilegeValueW

shell32

SHGetMalloc

ole32

CLSIDFromString

oleaut32

GetErrorInfo

shlwapi

SHStrDupW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
GetScriptEngine
InstallEngineTypelib
RemoveEngineTypelib
SuiteIsFeatureInstalled
SuiteStartupInstall

Sections

.text
Size: 642KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RtlExUpd.dll
.dll windows:4 windows x86 arch:x86

Password: asd

9f7ffb06514957b955f0e9a1ce93e4af

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:fc:fa:c0:8e:21:6a:1c:1f:da:a6:b7:7b:b2:d6:6e
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

06/01/2020, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/01/2019, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:15:f7:a2:0c:c4:ec:79:eb:43:0b:53:c7:10:44:52:2f:6d:7b:5b:58:44:06:60:a4:f5:17:4f:cb:34:72:47
Signer

Actual PE Digest

59:15:f7:a2:0c:c4:ec:79:eb:43:0b:53:c7:10:44:52:2f:6d:7b:5b:58:44:06:60:a4:f5:17:4f:cb:34:72:47

Digest Algorithm

sha256

PE Digest Matches

true

e2:38:55:61:3d:83:6e:8f:80:fd:40:af:85:ca:94:05:8c:64:1c:8d
Signer

Actual PE Digest

e2:38:55:61:3d:83:6e:8f:80:fd:40:af:85:ca:94:05:8c:64:1c:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDevRegKey
SetupOpenInfFileA
SetupCloseInfFile
SetupFindNextLine
SetupGetFieldCount
SetupGetStringFieldA
SetupFindFirstLineA
CM_Get_DevNode_Status_Ex
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList

kernel32

GlobalFlags
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MoveFileA
GetThreadLocale
ReadFile
SetFilePointer
FlushFileBuffers
GetFullPathNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RtlUnwind
GetCurrentDirectoryA
GetProcessHeap
RaiseException
ExitProcess
HeapSize
GetACP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
WritePrivateProfileStringA
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalLock
GlobalUnlock
FormatMessageA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLangID
GetUserDefaultLangID
SetFileAttributesA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
Sleep
SetLastError
GetCurrentThread
GetCurrentProcess
GlobalAlloc
GetWindowsDirectoryA
lstrcatA
LoadLibraryA
GetFileSize
WriteFile
FreeLibrary
lstrlenA
CompareStringW
CompareStringA
LocalFree
LocalAlloc
CreateFileA
DeviceIoControl
CloseHandle
GetVersionExA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetCommandLineA

user32

ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDlgCtrlID
GetWindowRect
GetClassNameA
GetWindowTextA
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetWindow
PtInRect
GetSystemMetrics
CharUpperA
wsprintfA
TabbedTextOutA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DestroyMenu
RealGetWindowClassA
GetDesktopWindow
PostMessageA
MessageBoxA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
PostQuitMessage
CheckMenuItem
EnableMenuItem
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA

gdi32

DeleteDC
GetStockObject
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
GetUserNameA
OpenThreadToken
OpenProcessToken
GetTokenInformation
LookupPrivilegeNameA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyA
RegEnumValueA
RegCloseKey
RegSetValueExA

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

ChkAPOSupportDolbyPCEE4_DAA
ChkAPOSupportDolbyPCEE4_DHT
ChkBroadComID
ChkDellAlienwareModel
ChkDellControlinStartMenu
ChkDolbyPCEE4_SelectorDemoOnly_Supported
ChkDolbyPCEE4_SelectorEditorOnly_Supported
ChkDolbyPCEE4_SelectorOnly_Supported
ChkDolbyPCEE4_SetupPCEE4Prog_NoDemo
ChkDolbyPCEE4_SetupPCEE4Prog_NoEditor
ChkDolbyPCEE4_SetupPCEE4Prog_NoSelector
ChkHDMISupported
ChkLoadDrvPrivilege
ChkRtkCPLSupported
ChkRtkNewGUISupported
ChkRtkRegKeyEmpty_x64_CU
ChkRtkRegKeyEmpty_x64_LM
ChkRtkRegKeyEmpty_x86_CU
ChkRtkRegKeyEmpty_x86_LM
ChkSupportAPODTSAPOUltraPCBoost
ChkSupportAPOSupportSonceFocus30
ChkSupportAPOSupportSonceFocus30_NoSonicFocusGUI
ChkSupportAPOSupportSonceFocus30_SonicFocusGUI
ChkSupportAPOSupportSonceFocus30_SonicMasterGUI
ChkSupportDolbySpruce
ChkSupportDolby_DS1_DAA
ChkSupportDolby_DS1_DHT
ChkSupportHP_AIO
ChkSupportHP_AIO_SonicFocusBeats
ChkSupportMaxxAudio30
ChkSupportMaxxVolumeSD
ChkSupportSoundRoom
Chk_AsusOnlySupportSonicRadar3
Chk_AudioMgrShortcutW81_Supported
Chk_DTSEntryLevelForSetupProgram
Chk_DolbyFlex3_UseDS1PCF
Chk_ExecuteDTSStudioSoundInstallers
Chk_GUISubType_RTGS_HP_BEATS_Supported
Chk_GUISubType_RTGS_HP_BEATS_TOWER_Supported
Chk_GUISubType_RTGS_HP_BanO_DTS_Supported
Chk_GUISubType_RTGS_HP_BanO_DTS_TOWER_Supported
Chk_GUISubType_RTGS_HP_BanO_Supported
Chk_GUISubType_RTGS_HP_BanO_TOWER_Supported
Chk_HP_AIO_Model_Customized01_Supported
Chk_HP_ShortcutFolderNameReq
Chk_MAXX_MA3TCelticUI_Supported
Chk_SRSAPO3Support
Chk_SRS_GUISubType_Supported
Chk_SRS_HPPremiumBlackSkin_RTGS_HPDTS_SOUND_Supported
Chk_SRS_HPPremiumBlackSkin_Supported
Chk_SSTEnableDTS
Chk_SSTEnableDolbyAX2
Chk_SetupDS1Prog_AddEditorShortcut
Chk_SupportDTSHPX
Chk_SupportDolbyDAX2
Chk_SupportNahimicAPO_Supported
Chk_SupportNahimicSonicRadar20_Supported
Chk_SupportSonicMapper2
Chk_SupportSonicMapper3
Chk_SupportYamahaAPO
Chk_SupportYamahaAPO2
Chk_VistaNoDoblyUI_Official_Supported
ConfirmRtkDrv
DelIncorrectUserFile
DrvInfVerCompare
ExtractBANG_OLUFSENIcon
ExtractBOPlayIcon
ExtractBeatsIcon
ExtractDTSIcon
ExtractHideWin
ExtractRtkIcon
ExtractSRSIcon
ExtractSetupService
GetAudioInterface
GetDrvPolicy
GetHDASubID
GetOSVersion
GetRtkHDAudioGlobalPolicy
GetRtkHDAudioGlobalPolicy_APODTSAPOUltraPCBoost_All
GetRtkHDAudioGlobalPolicy_APOSupportSonicFocus30
GetRtkHDAudioGlobalPolicy_APOSupportSonicFocus30_SF3GUIType
GetRtkHDAudioGlobalPolicy_APOUseMaxx30
GetRtkHDAudioGlobalPolicy_APOUseMaxxVolumeSD
GetRtkHDAudioGlobalPolicy_HPAIOModel
GetRtkHDAudioGlobalPolicy_SonicFocusBeats
GetRtkHDAudioGlobalPolicy_SoundRoom
GetRtkHDAudioGlobalPolicy_SupDSpruce
HideISWizardWin
IdentifyDrvSupport
IsMediaCenterOS
IsServerOS
SetCDfmt
SetDSHWAcceleration_BasicLv

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RtlUpd64.exe
.exe windows:4 windows x64 arch:x64

Password: asd

26bde1dc018b227552922334d20e0016

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:8a:6b:7f:a9:90:92:3a:5f:bc:64:38:4e:e6:32:37:20:1d:46:e4:14:95:4f:51:6b:ad:71:77:a5:20:e9:47
Signer

Actual PE Digest

53:8a:6b:7f:a9:90:92:3a:5f:bc:64:38:4e:e6:32:37:20:1d:46:e4:14:95:4f:51:6b:ad:71:77:a5:20:e9:47

Digest Algorithm

sha256

PE Digest Matches

true

d2:d3:a7:d6:63:5e:10:d7:c9:53:88:c9:1f:50:6d:d4:6e:98:2a:7a
Signer

Actual PE Digest

d2:d3:a7:d6:63:5e:10:d7:c9:53:88:c9:1f:50:6d:d4:6e:98:2a:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Work\VCNET\Work\RtlUpd\x64\Release\RtlUpd64.pdb

Imports

setupapi

CM_Get_DevNode_Status
SetupGetTargetPathW
CM_Get_Parent
CM_Get_Device_IDW
SetupCopyOEMInfW
SetupDiOpenDevRegKey
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupFindNextLine
SetupCloseInfFile
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupGetFieldCount
SetupGetStringFieldW
SetupFindFirstLineW
SetupDiGetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInfoListDetailW
CM_Get_DevNode_Status_Ex
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList

newdev

DiInstallDriverW
UpdateDriverForPlugAndPlayDevicesW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
GetThreadLocale
SystemTimeToFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
GlobalFlags
MoveFileW
GetStringTypeExW
lstrcmpiW
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetShortPathNameW
SetErrorMode
GetVersionExW
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesW
GetFileTime
GlobalReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
RaiseException
RtlPcToFileHeader
HeapReAlloc
ExitThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
RtlVirtualUnwind
FatalAppExitA
SetConsoleCtrlHandler
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
lstrcmpW
GetModuleHandleW
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
lstrcpyW
SetFileAttributesW
GetSystemDefaultLangID
GetUserDefaultLangID
DeleteFileW
MoveFileExW
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetCommandLineW
CreateProcessW
GetExitCodeProcess
GlobalAlloc
GlobalFree
GetTickCount
Sleep
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
GetWindowsDirectoryW
lstrcatW
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
LocalAlloc
FormatMessageW
LocalFree
CreateFileW
DeviceIoControl
CloseHandle
CreateEventW
ResetEvent
CreateThread
WaitForSingleObject
SetEvent
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetStartupInfoW

user32

TranslateAcceleratorW
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
GetSystemMenu
SetParent
UnionRect
PostThreadMessageW
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
CharNextW
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetDialogBaseUnits
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
GetWindowTextLengthW
CopyAcceleratorTableW
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
EnableWindow
LoadIconW
GetClientRect
IsIconic
SendMessageW
DrawIcon
ExitWindowsEx
GetSystemMetrics
CharUpperW
wsprintfW
LoadCursorW
SetCursor
MessageBoxW
PostMessageW
SetScrollInfo
UnregisterClassA

gdi32

MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
LineTo
CreateFontIndirectW
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetStockObject
GetTextMetricsW
CreateCompatibleBitmap
GetCharWidthW
CreateFontW
StretchDIBits
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateDCW
CopyMetaFileW
GetRgnBox
GetDeviceCaps
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SelectPalette

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegSetValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
DeleteService
OpenSCManagerW
StartServiceW
QueryServiceStatusEx
EnumDependentServicesW
OpenServiceW
ControlService
CloseServiceHandle
RegCreateKeyExW

shell32

ExtractIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW

shlwapi

PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
SHDeleteKeyW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTreatAsClass
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
StringFromCLSID
CoRegisterClassObject

oleaut32

SysFreeString
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:5 windows x86 arch:x86

Password: asd

3bbc438a22f0da20c261c43ee78bc464

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:b8:37:a6:79:1b:d2:66:45:61:d9:35:4a:03:47:4e:37:85:62:ff:63:b4:e2:ef:06:48:4c:65:fb:97:a3:b9
Signer

Actual PE Digest

8a:b8:37:a6:79:1b:d2:66:45:61:d9:35:4a:03:47:4e:37:85:62:ff:63:b4:e2:ef:06:48:4c:65:fb:97:a3:b9

Digest Algorithm

sha256

PE Digest Matches

true

96:20:40:6f:92:38:1a:1f:e2:35:f9:33:6f:54:47:fe:eb:79:9e:7a
Signer

Actual PE Digest

96:20:40:6f:92:38:1a:1f:e2:35:f9:33:6f:54:47:fe:eb:79:9e:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\CodeBases\isdev\redist\Language Independent\i386\ISP\setup.pdb

Imports

comctl32

ord17

kernel32

IsBadReadPtr
CompareStringW
CompareStringA
GetSystemDefaultLangID
GetUserDefaultLangID
ExpandEnvironmentStringsW
GetCurrentDirectoryW
FileTimeToLocalFileTime
GetFileTime
SetFileAttributesW
HeapAlloc
HeapFree
GetProcessHeap
CopyFileW
GetSystemDefaultUILanguage
CloseHandle
Sleep
CreateProcessW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
lstrcpyW
lstrlenW
SetCurrentDirectoryW
DeleteFileW
RemoveDirectoryW
GetPrivateProfileIntW
GetLastError
SetLastError
WaitForSingleObject
GetCurrentProcess
ExitProcess
TerminateProcess
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetSystemDirectoryW
VirtualProtectEx
WriteProcessMemory
LoadLibraryW
lstrcatW
lstrcpynW
lstrcmpiW
LoadLibraryExW
FreeLibrary
FindResourceExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
VirtualQuery
GetSystemInfo
GetSystemTimeAsFileTime
CreateEventW
CreateMutexW
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
SetErrorMode
RaiseException
FreeResource
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcatA
lstrcmpiA
MulDiv
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
WriteFile
SetFilePointer
GetFileSize
GetFileAttributesW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
FindFirstFileW
FindClose
CreateDirectoryW
VerLanguageNameW
IsValidLocale
GetLocaleInfoW
WideCharToMultiByte
lstrcpyA
GetTickCount
ExitThread
CreateThread
GetExitCodeProcess
ReadFile
GetCommandLineW
FormatMessageW
LocalFree
DuplicateHandle
GetVersionExW
GetWindowsDirectoryW
InterlockedDecrement
InterlockedIncrement
GetTempPathW
CreateFileW
LoadLibraryA
GetSystemDirectoryA
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
MultiByteToWideChar
MoveFileExW
OutputDebugStringW
EnumSystemLocalesW
GetUserDefaultLCID
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
GetCPInfo
GetOEMCP
IsValidCodePage
HeapSize
AreFileApisANSI
GetModuleHandleExW
GetStdHandle
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
ReadConsoleW
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FatalAppExitA
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
lstrcpynA
LocalAlloc
FindNextFileW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
lstrcmpW
GetShortPathNameW
GetCurrentThread
QueryPerformanceCounter
lstrcmpA
SystemTimeToFileTime
ResetEvent
SetEvent
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetDateFormatW
GetTimeFormatW
GetTempFileNameW
InterlockedExchange
LoadLibraryExA
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
LCMapStringW
GetVersion
GetCurrentProcessId
GetLocalTime
lstrlenA
GetProcessTimes
OpenProcess
SetFileTime
CompareFileTime
GetEnvironmentVariableW

user32

wsprintfW
WaitForInputIdle
CharUpperBuffW
DialogBoxIndirectParamW
SendMessageW
GetDlgItem
SetDlgItemTextW
SetActiveWindow
SetForegroundWindow
SetWindowTextW
GetWindowRect
MessageBoxW
GetWindowLongW
SetWindowLongW
LoadIconW
TranslateMessage
MoveWindow
EndDialog
SystemParametersInfoW
GetWindow
FillRect
GetSysColor
MapWindowPoints
RemovePropW
GetPropW
SetPropW
EndPaint
BeginPaint
EnableMenuItem
GetSystemMetrics
SetFocus
ExitWindowsEx
CharUpperW
wsprintfA
CallWindowProcW
CreateWindowExW
DrawIcon
DrawTextW
UpdateWindow
GetWindowDC
InvalidateRect
DrawFocusRect
CopyRect
InflateRect
EnumChildWindows
GetClassNameW
MapDialogRect
RegisterClassExW
GetDlgItemTextW
IntersectRect
MonitorFromPoint
DefWindowProcW
GetMessageW
LoadStringW
LoadImageW
ReleaseDC
GetDC
CreateDialogParamW
GetParent
GetWindowTextW
CharNextW
GetDesktopWindow
GetClientRect
IsWindowEnabled
CreateDialogIndirectParamW
IsWindowVisible
IsDialogMessageW
FindWindowExW
ScreenToClient
EnableWindow
MsgWaitForMultipleObjects
SendDlgItemMessageW
SetWindowPos
ShowWindow
DestroyWindow
IsWindow
PostMessageW
PeekMessageW
DispatchMessageW

gdi32

SetTextColor
SetBkMode
SetBkColor
SaveDC
RestoreDC
CreateSolidBrush
UnrealizeObject
CreateHalftonePalette
GetDIBColorTable
SelectPalette
SelectObject
RealizePalette
GetSystemPaletteEntries
GetDeviceCaps
DeleteDC
CreatePalette
CreateCompatibleDC
BitBlt
GetObjectW
TranslateCharsetInfo
DeleteObject
CreateFontIndirectW
CreateCompatibleBitmap
CreateDCW
CreatePatternBrush
GetStockObject
GetTextExtentPoint32W
DeleteMetaFile
CreateDIBitmap
CreateBitmap
CreateRectRgn
PatBlt
PlayMetaFile
SelectClipRgn
SetMapMode
SetMetaFileBitsEx
SetPixel
StretchBlt
SetStretchBltMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
TextOutW

advapi32

RegCreateKeyExW
CryptVerifySignatureW
CryptSignHashW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptImportKey
CryptExportKey
CryptGetHashParam
CryptSetHashParam
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
EqualSid
GetTokenInformation
OpenThreadToken
RegEnumKeyW
RegCreateKeyW
RegOverridePredefKey
LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
SetEntriesInAclW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CreateWellKnownSid
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitializeSecurity
ProgIDFromCLSID
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
GetRunningObjectTable
CreateItemMoniker
CoLoadLibrary
CoCreateGuid
StringFromGUID2

oleaut32

SysStringByteLen
VarBstrCmp
CreateErrorInfo
SetErrorInfo
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
SysReAllocStringLen
GetErrorInfo
SysAllocStringByteLen
VariantInit
VariantClear
VariantChangeType
VarUI4FromStr
VarBstrCat

rpcrt4

UuidCreate
UuidToStringW
UuidFromStringW
RpcStringFreeW

gdiplus

GdipAlloc
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromResource
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipGetImageWidth
GdipGetImageHeight

Sections

.text
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
USetup.iss
Win64/HDXINTEL.inf
Win64/HDXSSTINTEL.inf
Win64/HDXWHITE.inf
Win64/RTAIODAT.DAT
Win64/RTKVHD64.sys
.sys windows:6 windows x64 arch:x64

2a1203ca2c3962da84ab938ecc6d8a53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\builddriver\tempcode\objfre_wlh_amd64\amd64\RTKVHD64.pdb

Imports

ntoskrnl.exe

IoAllocateErrorLogEntry
wcsstr
ObReferenceObjectByHandle
IoAllocateWorkItem
PsCreateSystemThread
MmMapLockedPagesSpecifyCache
KeResetEvent
IoGetDeviceObjectPointer
IoBuildSynchronousFsdRequest
ExReleaseFastMutex
DbgBreakPoint
ExSystemTimeToLocalTime
IoFreeWorkItem
KeReleaseSemaphore
ZwQueryValueKey
IoFreeIrp
IofCallDriver
ExCreateCallback
ZwClose
IoWriteErrorLogEntry
KeInitializeEvent
RtlTimeToTimeFields
EtwWrite
RtlQueryRegistryValues
IoAllocateIrp
IoGetDeviceInterfaces
IoQueueWorkItem
MmGetSystemRoutineAddress
ExRegisterCallback
IoGetAttachedDeviceReference
RtlCompareMemory
ZwOpenKey
EtwUnregister
IoUnregisterPlugPlayNotification
RtlGUIDFromString
RtlCompareUnicodeString
ZwDeleteValueKey
IoRegisterDeviceInterface
ZwSetValueKey
KeBugCheckEx
IoOpenDeviceInterfaceRegistryKey
ZwCreateKey
RtlFreeUnicodeString
_purecall
RtlWriteRegistryValue
RtlStringFromGUID
ExAllocatePool
IoFreeMdl
MmUnmapLockedPages
KeReadStateEvent
IoAllocateMdl
MmBuildMdlForNonPagedPool
KeSetTimerEx
KeInitializeTimerEx
KeCancelTimer
IoWMIWriteEvent
IoSetDeviceInterfaceState
IofCompleteRequest
IoWMIRegistrationControl
KeAcquireSpinLockRaiseToDpc
ObfDereferenceObject
ExEventObjectType
KeRemoveQueueDpc
RtlTimeFieldsToTime
ZwQueryInformationFile
ZwReadFile
PoRegisterPowerSettingCallback
strstr
RtlDeleteRegistryValue
RtlCreateRegistryKey
ZwWriteFile
ZwCreateFile
PoUnregisterPowerSettingCallback
KeClearEvent
DbgPrint
wcschr
ExFreePoolWithTag
MmUnmapIoSpace
MmMapIoSpace
IoWMIOpenBlock
IoWMIQueryAllData
ZwEnumerateKey
ZwCreateEvent
RtlSetDaclSecurityDescriptor
IoRegisterPlugPlayNotification
ZwOpenEvent
ObReferenceObjectByPointer
RtlCheckRegistryKey
IoCreateSynchronizationEvent
RtlCreateSecurityDescriptor
MmProbeAndLockPages
atoi
MmUnlockPages
RtlEqualUnicodeString
ZwSetInformationFile
mbstowcs
_vsnwprintf
RtlIntegerToUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlUnicodeStringToInteger
KeReleaseGuardedMutex
KeInitializeGuardedMutex
KeAcquireGuardedMutex
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlInitString
isspace
KeQueryTimeIncrement
IoInvalidateDeviceRelations
KeWaitForMultipleObjects
PoRequestPowerIrp
IoBuildDeviceIoControlRequest
EtwRegister
ObfReferenceObject
KeInitializeSemaphore
PsTerminateSystemThread
KeSetEvent
KeSetPriorityThread
ExUnregisterCallback
KeDelayExecutionThread
RtlInitUnicodeString
ExAcquireFastMutex
IoCancelIrp
KeInitializeMutex
KeWaitForSingleObject
ExAllocatePoolWithTag
ExFreePool
KeReleaseSpinLock
KeReleaseMutex
RtlRaiseException
__chkstk
RtlUnwindEx

hal

KeQueryPerformanceCounter
KeStallExecutionProcessor

ksecdd.sys

BCryptGenRandom
BCryptEncrypt
BCryptFinalizeKeyPair
BCryptDecrypt
BCryptCloseAlgorithmProvider
BCryptVerifySignature
BCryptSetProperty
BCryptGetProperty
BCryptCreateHash
BCryptExportKey
BCryptFinishHash
BCryptGenerateKeyPair
BCryptHashData
BCryptDestroyKey
BCryptImportKeyPair
BCryptGenerateSymmetricKey
BCryptOpenAlgorithmProvider

portcls.sys

PcRegisterPhysicalConnection
PcRegisterSubdevice
PcAddAdapterDevice
PcInitializeAdapterDriver
PcDispatchIrp
PcRegisterAdapterPowerManagement
PcNewPort
PcNewRegistryKey
PcForwardIrpSynchronous

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 402KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/AlexaConfigExtension_9360/AlexaIntelConfig.inf
Win64/Realtek/AlexaConfigExtension_9360/alexaconfig.cat
Win64/Realtek/ExtRtk_9360.1/HDX_IntelExt_RTKGen3p1_KD.inf
Win64/Realtek/ExtRtk_9360.1/HDX_IntelExt_RTK_FORTE.inf
Win64/Realtek/ExtRtk_9360.1/HDX_IntelExt_RTK_KD.inf
Win64/Realtek/ExtRtk_9360.1/HDX_WhiteExt_RTK.inf
Win64/Realtek/ExtRtk_9360.1/hdxrtext.cat
Win64/Realtek/RealtekAPO_1046/RealtekAPO.inf
Win64/Realtek/RealtekAPO_1046/RltkAPOU64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

Password: asd

1f49cc44a833c52d074b1cd22c187d24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_sysfx\APO\x64\Release\RltkAPOU64.pdb

Imports

kernel32

GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiW
SetEndOfFile
MultiByteToWideChar
SetThreadPriority
CreateThread
GetCurrentProcess
WaitForMultipleObjects
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
SetEvent
SetStdHandle
GetStringTypeW
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
DeleteCriticalSection
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
GetLocalTime
FindResourceExW
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
EncodePointer
LocalFree
GetThreadLocale
SetThreadLocale
InitializeCriticalSectionEx
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
FindFirstFileExW
EnterCriticalSection
DeviceIoControl
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
DuplicateHandle
QueryPerformanceCounter
GetModuleHandleW
InitializeCriticalSection
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapAlloc
HeapDestroy
FindClose
GetFileSizeEx
GetLastError
RaiseException
CloseHandle
ResetEvent
OpenMutexW
DecodePointer
GetSystemTime
OpenFileMappingW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetConsoleCP
SetFilePointerEx
ReadConsoleW
VerSetConditionMask
VerifyVersionInfoW
GetConsoleMode
CreateEventExW
ReadFile
RtlUnwind
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
SetConsoleCtrlHandler
WriteFile
GetCurrentThread
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
FreeLibrary
GetPriorityClass
QueryPerformanceFrequency
GetThreadPriority
FlsFree
FlsSetValue
FlsGetValue
FindNextFileW
CreateFileW
Sleep
GetSystemInfo
LoadLibraryA
FlsAlloc
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError

user32

CharNextW
UnregisterClassA

advapi32

RegGetValueW
RegEnumValueW
EventWrite
EventUnregister
EventRegister
RegQueryValueExW
RegNotifyChangeKeyValue
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyExW
RegSetKeySecurity
TraceMessage
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

PropVariantClear
CLSIDFromString
StringFromCLSID
PropVariantCopy
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysFreeString
SysStringLen
SysAllocString

winmm

timeBeginPeriod
timeEndPeriod

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW

propsys

InitPropVariantFromCLSID

shlwapi

StrCmpW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoInitialize

audioeng

AERT_Free
AERT_Allocate

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
AvSetMmThreadPriority

rtworkq

RtwqCreateAsyncResult
RtwqPutWorkItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_BSS
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 340KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_CONST
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekAPO_1046/realtekapo.cat
Win64/Realtek/RealtekASIO_8/RTHDASIO.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: asd

1198e825ac432672cb5c773cdca87076

Code Sign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/01/2019, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:98:8c:76:2c:fa:d4:14:53:68:53:26:0d:dd:e0:13:3c:46:9d:de:47:80:7d:c1:31:57:df:51:2b:80:39:5b
Signer

Actual PE Digest

18:98:8c:76:2c:fa:d4:14:53:68:53:26:0d:dd:e0:13:3c:46:9d:de:47:80:7d:c1:31:57:df:51:2b:80:39:5b

Digest Algorithm

sha256

PE Digest Matches

true

18:98:8c:76:2c:fa:d4:14:53:68:53:26:0d:dd:e0:13:3c:46:9d:de:47:80:7d:c1:31:57:df:51:2b:80:39:5b
Signer

Actual PE Digest

18:98:8c:76:2c:fa:d4:14:53:68:53:26:0d:dd:e0:13:3c:46:9d:de:47:80:7d:c1:31:57:df:51:2b:80:39:5b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\HD_Audio\RTHDAsio3.118_USB\Driver\Release\Win32\ASIO2.pdb

Imports

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
GetProcessHeap
HeapSize

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
InitializeCriticalSectionEx
WaitForSingleObjectEx
CreateEventW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateEventA
DeleteCriticalSection
CreateMutexA
ReleaseMutex

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
ExitProcess
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
CreateThread

api-ms-win-core-sysinfo-l1-1-0

GetVersionExA
GetVersion
GetLocalTime
GetWindowsDirectoryA
GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
FindResourceExW
GetModuleHandleW
GetProcAddress
LockResource
GetModuleFileNameA
LoadLibraryExW
GetModuleHandleExW
LoadResource
SizeofResource
DisableThreadLibraryCalls
GetModuleHandleA

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte

api-ms-win-core-localization-l1-2-0

GetOEMCP
GetACP
GetSystemDefaultLangID
IsValidCodePage
GetUserDefaultLangID
LCMapStringW
GetCPInfo

api-ms-win-core-registry-l1-1-0

RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegGetValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

api-ms-win-core-com-l1-1-0

PropVariantClear
StringFromCLSID
CoUninitialize
CoCreateInstance

api-ms-win-mm-time-l1-1-0

timeGetTime

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
OutputDebugStringA
IsDebuggerPresent

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetSpecialFolderPathA

api-ms-win-core-file-l1-1-0

FlushFileBuffers
GetFileType
ReadFile
FindNextFileA
FindFirstFileExA
SetFilePointerEx
CreateFileW
CreateFileA
FindClose
SetEndOfFile
WriteFile
GetFileSize

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-stringansi-l1-1-0

CharUpperA
CharLowerA

api-ms-win-core-registry-l2-1-0

RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA

api-ms-win-core-processenvironment-l1-1-0

SetStdHandle
GetStdHandle
GetCurrentDirectoryA
GetCommandLineA
GetCommandLineW
FreeEnvironmentStringsW
GetEnvironmentStringsW

api-ms-win-core-kernel32-legacy-l1-1-0

FindResourceA

api-ms-win-service-management-l1-1-0

CloseServiceHandle
DeleteService

api-ms-win-service-winsvc-l1-1-0

OpenSCManagerA
CreateServiceA
ControlService
OpenServiceA
StartServiceA

api-ms-win-core-synch-ansi-l1-1-0

OpenMutexA

api-ms-win-core-string-l2-1-0

CharUpperW

api-ms-win-devices-config-l1-1-2

CM_Get_Device_IDA

api-ms-win-devices-config-l1-1-1

CM_Get_Parent
CM_Get_Device_IDW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW

avrt

AvSetMmThreadCharacteristicsA

user32

SendMessageA
DialogBoxParamA
EndDialog
GetDlgItem
SetDlgItemTextA
wsprintfA

ole32

CoInitialize

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind

api-ms-win-core-console-l1-1-0

WriteConsoleW
ReadConsoleW
GetConsoleCP
GetConsoleMode

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekASIO_8/RTHDASIO64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

Password: asd

38aa1adc3e4be3c056303e7c210af7a1

Code Sign

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:45

Not After

15/04/2021, 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/01/2019, 00:00

Not After

06/01/2022, 12:00

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:1a:be:2c:7c:17:78:8e:3a:04:bb:9f:ad:14:e1:d0:9a:7a:a7:fb:a7:fb:72:e1:a6:b6:83:e8:31:65:e3:b2
Signer

Actual PE Digest

bc:1a:be:2c:7c:17:78:8e:3a:04:bb:9f:ad:14:e1:d0:9a:7a:a7:fb:a7:fb:72:e1:a6:b6:83:e8:31:65:e3:b2

Digest Algorithm

sha256

PE Digest Matches

true

bc:1a:be:2c:7c:17:78:8e:3a:04:bb:9f:ad:14:e1:d0:9a:7a:a7:fb:a7:fb:72:e1:a6:b6:83:e8:31:65:e3:b2
Signer

Actual PE Digest

bc:1a:be:2c:7c:17:78:8e:3a:04:bb:9f:ad:14:e1:d0:9a:7a:a7:fb:a7:fb:72:e1:a6:b6:83:e8:31:65:e3:b2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\HD_Audio\RTHDAsio3.118_USB\Driver\Release\x64\ASIO264.pdb

Imports

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetLastError
RaiseException
SetUnhandledExceptionFilter

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapDestroy
HeapAlloc

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionEx
InitializeCriticalSectionAndSpinCount
CreateEventW
WaitForSingleObject
CreateEventA
CreateMutexA
ReleaseMutex
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-processthreads-l1-1-0

ExitProcess
TlsSetValue
GetCurrentProcessId
TlsFree
GetCurrentThreadId
TlsAlloc
TerminateProcess
CreateThread
GetStartupInfoW
TlsGetValue
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetLocalTime
GetWindowsDirectoryA
GetVersion
GetVersionExA
GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
SizeofResource
LockResource
LoadResource
FindResourceExW
GetProcAddress
GetModuleHandleExW

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

api-ms-win-core-localization-l1-2-0

GetSystemDefaultLangID
IsValidCodePage
GetOEMCP
GetCPInfo
GetACP
GetUserDefaultLangID
LCMapStringW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegGetValueA
RegCreateKeyExA

api-ms-win-core-com-l1-1-0

PropVariantClear
CoCreateInstance
StringFromCLSID
CoUninitialize

api-ms-win-mm-time-l1-1-0

timeGetTime

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
OutputDebugStringA

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetSpecialFolderPathA

api-ms-win-core-file-l1-1-0

FindNextFileA
GetFileType
FlushFileBuffers
SetEndOfFile
WriteFile
SetFilePointerEx
CreateFileA
ReadFile
CreateFileW
GetFileSize
FindClose
FindFirstFileExA

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-stringansi-l1-1-0

CharLowerA
CharUpperA

api-ms-win-core-registry-l2-1-0

RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA

api-ms-win-core-processenvironment-l1-1-0

FreeEnvironmentStringsW
GetStdHandle
GetCurrentDirectoryA
GetCommandLineW
GetCommandLineA
SetStdHandle
GetEnvironmentStringsW

api-ms-win-core-kernel32-legacy-l1-1-0

FindResourceA

api-ms-win-service-management-l1-1-0

CloseServiceHandle
DeleteService

api-ms-win-service-winsvc-l1-1-0

ControlService
OpenServiceA
OpenSCManagerA
StartServiceA
CreateServiceA

api-ms-win-core-synch-ansi-l1-1-0

OpenMutexA

api-ms-win-core-string-l2-1-0

CharUpperW

api-ms-win-devices-config-l1-1-2

CM_Get_Device_IDA

api-ms-win-devices-config-l1-1-1

CM_Get_Device_IDW
CM_Get_Parent

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA

avrt

AvSetMmThreadCharacteristicsA

user32

EndDialog
GetDlgItem
SetDlgItemTextA
wsprintfA
DialogBoxParamA
SendMessageA

ole32

CoInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlPcToFileHeader
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnwindEx
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-console-l1-1-0

WriteConsoleW
GetConsoleMode
GetConsoleCP
ReadConsoleW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekASIO_8/RealtekASIO.inf
Win64/Realtek/RealtekASIO_8/realtekasio.cat
Win64/Realtek/RealtekHSA_273/RealtekHSA.inf
Win64/Realtek/RealtekHSA_273/realtekhsa.cat
Win64/Realtek/RealtekService_531/RealtekService.inf
Win64/Realtek/RealtekService_531/RtCOM64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

8e946d8efa5ce7a7c40f694379f6b4f0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e
Signer

Actual PE Digest

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e

Digest Algorithm

sha256

PE Digest Matches

true

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e
Signer

Actual PE Digest

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\HDAudio\CAPX\RTCOMDLL_3007\ReleaseMinDependency\x64\RTCOMDLL64.pdb

Imports

api-ms-win-core-synch-l1-1-0

CreateEventA
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
SetEvent
CreateEventW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx

oleaut32

SysFreeString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysAllocString
UnRegisterTypeLi
VarUI4FromStr

propsys

PropVariantToUInt32
InitPropVariantFromCLSID
PropVariantToString

api-ms-win-core-com-l1-1-0

CoUninitialize
CoFreeUnusedLibrariesEx
CoInitializeEx
CoTaskMemRealloc
CoCreateInstance
StringFromGUID2
CLSIDFromString
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapAlloc
GetProcessHeap
HeapDestroy
HeapSize
HeapFree

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte

api-ms-win-core-libraryloader-l1-2-0

LoadResource
SizeofResource
LoadLibraryExW
GetModuleHandleW
GetProcAddress
GetModuleHandleExW
FreeLibrary
FindResourceExW
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
LockResource

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryA

api-ms-win-core-file-l1-1-0

FlushFileBuffers
FindFirstFileExA
CreateFileW
FindClose
SetFilePointerEx
WriteFile
FindNextFileA
CreateFileA
GetFileType

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-errorhandling-l1-1-0

SetLastError
RaiseException
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegQueryInfoKeyW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
TerminateProcess
ExitProcess
TlsAlloc
TlsGetValue
GetCurrentThreadId
TlsFree
GetStartupInfoW
TlsSetValue
CreateThread

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
OutputDebugStringA
IsDebuggerPresent

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-stringansi-l1-1-0

CharUpperA
CharNextA

api-ms-win-mm-mme-l1-1-0

mixerGetLineInfoA
mixerSetControlDetails
mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mixerGetID
mixerGetControlDetailsA
mixerGetLineControlsA

api-ms-win-core-registry-l2-1-0

RegDeleteKeyA
RegOpenKeyA

api-ms-win-core-localization-l1-2-0

GetOEMCP
GetCPInfo
LCMapStringW
IsDBCSLeadByte
GetACP
IsValidCodePage
GetThreadLocale
SetThreadLocale

api-ms-win-core-kernel32-legacy-l1-1-0

FindResourceA

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-psapi-l1-1-0

K32EnumProcessModules

api-ms-win-core-psapi-ansi-l1-1-0

K32GetModuleBaseNameA

bcrypt

BCryptEncrypt
BCryptDestroyKey
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptImportKeyPair

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA

kernel32

WinExec

user32

FindWindowExA
FindWindowA
RegisterWindowMessageA
PostMessageA

ole32

CoInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlPcToFileHeader
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
RtlUnwindEx

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualQuery
VirtualProtect

api-ms-win-core-processenvironment-l1-1-0

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle
SetStdHandle
GetCommandLineW
GetCommandLineA

api-ms-win-core-console-l1-1-0

GetConsoleCP
GetConsoleMode
WriteConsoleW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtDataProc64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

790e1c385c540748970ff5224af4b217

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ea:b8:7b:37:17:35:53:ad:a0:99:07:25:3c:88:4b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/08/2021, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a
Signer

Actual PE Digest

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a

Digest Algorithm

sha256

PE Digest Matches

true

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a
Signer

Actual PE Digest

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\HDAudio\GetAnotherRecData_2006\GetAnotherRecData\x64\Release\RtMicDataEx.pdb

Imports

api-ms-win-core-synch-l1-1-0

ResetEvent
WaitForSingleObject
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionEx
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetEvent

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

HeapReAlloc
GetProcessHeap
HeapDestroy
HeapAlloc
HeapFree
HeapSize

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
TlsAlloc
GetCurrentThreadId
TlsGetValue
GetCurrentProcessId
CreateThread
GetCurrentProcess
TlsSetValue
SetThreadPriority
TlsFree

api-ms-win-core-libraryloader-l1-2-0

LoadResource
FindResourceExW
LoadLibraryExW
GetProcAddress
SizeofResource
FreeLibrary
GetModuleHandleW
LockResource
GetModuleFileNameW

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

api-ms-win-core-com-l1-1-0

StringFromCLSID
CoTaskMemFree
CoInitializeEx
CoCreateInstance
StringFromGUID2
PropVariantClear
CoTaskMemAlloc

api-ms-win-mm-time-l1-1-0

timeGetTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-string-l2-1-0

CharUpperW

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
RaiseException
GetLastError

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
abort
terminate
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

wcsnlen
memset
strnlen
wcsncmp
strcpy_s
_wcslwr_s
wmemcpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

calloc
_callnewh
free
malloc

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlCaptureContext
RtlPcToFileHeader
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-crt-math-l1-1-0

powf
sin
sqrt
sqrtf
expf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtkApi64U.dll
.dll regsvr32 windows:6 windows x64 arch:x64

ad41f11ee3ea28e81ce4e23891847f3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_rtkapoapi\RtkApoApi\x64\ReleaseU\RtkApi64U.pdb

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
lstrcmpiW
WriteConsoleW
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
SetEndOfFile
FlushFileBuffers
GetStringTypeW
SetStdHandle
LCMapStringW
HeapAlloc
HeapDestroy
FindResourceExW
LockResource
CreateFileW
CloseHandle
DeviceIoControl
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
GetThreadLocale
SetThreadLocale
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
LocalFree
GetUserDefaultLCID
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetLastError
SetEvent
WaitForMultipleObjects
FreeLibrary
GetACP
LoadLibraryW
IsValidCodePage
FindNextFileW
RaiseException
FindFirstFileExW
FindClose
SetFilePointerEx
IsDebuggerPresent
OutputDebugStringW
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP

user32

CharNextW

advapi32

RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

PropVariantCopy
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
StringFromCLSID
CLSIDFromString

oleaut32

RegisterTypeLi
SafeArrayUnaccessData
GetRecordInfoFromTypeInfo
VarUI4FromStr
LoadTypeLi
UnRegisterTypeLi
SafeArrayAccessData
SysStringLen
SafeArrayCreateEx
SysAllocString
LoadRegTypeLi
SysFreeString

api-ms-win-devices-config-l1-1-1

CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_ID_ListW

propsys

InitPropVariantFromCLSID

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ParseAddWriteDS1PCDAT
ParseAddWritePCEE4DAT

Sections

.text
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtkAudUService64.exe
.exe windows:6 windows x64 arch:x64

cc0a4eaf9b76af9b60127f76128c38c3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:be:0c:93:a6:4f:ee:a4:bc:94:ff:fe:30:d8:79:5b:2b:ad:18:74:4f:4f:02:0e:14:0e:1d:d6:9e:cf:fe:85
Signer

Actual PE Digest

68:be:0c:93:a6:4f:ee:a4:bc:94:ff:fe:30:d8:79:5b:2b:ad:18:74:4f:4f:02:0e:14:0e:1d:d6:9e:cf:fe:85

Digest Algorithm

sha256

PE Digest Matches

true

4b:46:1d:a3:21:5d:84:02:09:b4:24:c1:6f:11:d4:ce:32:3c:6a:10
Signer

Actual PE Digest

4b:46:1d:a3:21:5d:84:02:09:b4:24:c1:6f:11:d4:ce:32:3c:6a:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\proj\proj_20220531_RtkAudUService_Dynabook\20220531\Release\x64\RtkAudUService64.pdb

Imports

oleaut32

SafeArrayCreateVector
SafeArrayPutElement
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayCreate
VariantInit
SysAllocString
VariantCopy
BSTR_UserMarshal64
LPSAFEARRAY_UserSize64
BSTR_UserSize64
BSTR_UserFree64
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
BSTR_UserMarshal
BSTR_UserUnmarshal
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
BSTR_UserUnmarshal64
LoadTypeLibEx
LPSAFEARRAY_UserSize
SysFreeString
BSTR_UserFree
BSTR_UserSize

rpcrt4

RpcServerUseProtseqEpW
RpcEpUnregister
RpcServerInqBindings
RpcServerRegisterIf3
NdrClientCall3
RpcServerListen
NdrServerCallAll
RpcBindingVectorFree
NdrServerCall2
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrStubCall3
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
RpcEpRegisterW
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer2_Release
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
RpcServerUnregisterIf

api-ms-win-core-com-l1-1-0

CoRevokeClassObject
CoInitializeEx
CLSIDFromString
CoSetProxyBlanket
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
CoInitializeSecurity
StringFromCLSID
CoCreateInstance
CoUninitialize
PropVariantClear
CoTaskMemAlloc
CoFreeUnusedLibrariesEx

propsys

InitPropVariantFromCLSID
PropVariantToString

api-ms-win-core-heap-l1-1-0

HeapDestroy
HeapReAlloc
HeapSize
GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA
FindResourceExW
LockResource
FreeResource
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
SizeofResource
GetProcAddress
LoadLibraryExW
LoadResource
LoadStringW

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW
lstrcpyW
lstrcmpA
lstrlenW

api-ms-win-core-file-l1-1-0

QueryDosDeviceW
GetFileAttributesW
CreateFileW
WriteFile
ReadFile
FileTimeToLocalFileTime
DeleteFileW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FileTimeToSystemTime

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-synch-l1-1-0

SetEvent
WaitForSingleObjectEx
CreateEventW
CreateEventExW
InitializeCriticalSectionEx
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ResetEvent
ReleaseSRWLockExclusive
CancelWaitableTimer
SetWaitableTimer
CreateMutexW
AcquireSRWLockExclusive
WaitForSingleObject

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemDirectoryW
GetSystemTime
GetLocalTime
GetTickCount

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-handle-l1-1-0

CloseHandle
SetHandleInformation

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
CreateProcessAsUserW
GetCurrentProcess
CreateThread
TerminateProcess
GetStartupInfoW
GetCurrentThreadId
GetCurrentProcessId
CreateProcessW
ProcessIdToSessionId
GetExitCodeProcess
SetProcessShutdownParameters

api-ms-win-core-string-l1-1-0

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-winrt-l1-1-0

RoUninitialize
RoGetActivationFactory
RoInitialize

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW
WaitForMultipleObjects

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringRawBuffer
WindowsDeleteString
WindowsCreateStringReference

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
Sleep
WakeAllConditionVariable

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegDeleteValueW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegFlushKey
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegGetKeySecurity
RegSetKeySecurity
RegEnumValueW
RegGetValueW
RegOpenKeyExW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW
RegCreateKeyW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
OutputDebugStringA

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetSpecialFolderPathW
SHGetFolderPathW

api-ms-win-core-privateprofile-l1-1-0

GetProfileIntW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-namedpipe-l1-1-0

CreatePipe
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe

api-ms-win-core-localization-l1-2-0

FormatMessageW
LCMapStringEx

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

LocalSize

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus
WTSGetActiveConsoleSessionId

api-ms-win-security-base-l1-1-0

AddAce
SetSecurityDescriptorDacl
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetTokenInformation
AddAccessAllowedAceEx
InitializeAcl
GetLengthSid
GetSecurityDescriptorDacl
AdjustTokenPrivileges
GetAce
DuplicateTokenEx
CreateWellKnownSid
DeleteAce
FreeSid
GetAclInformation

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-security-base-l1-2-2

DeriveCapabilitySidsFromName

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

bcrypt

BCryptOpenAlgorithmProvider
BCryptEncrypt
BCryptImportKeyPair
BCryptCloseAlgorithmProvider
BCryptDestroyKey

mfplat

MFCreateAttributes

mf

MFEnumDeviceSources

api-ms-win-service-core-l1-1-0

StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-service-management-l1-1-0

OpenSCManagerW
CreateServiceW
CloseServiceHandle
DeleteService
OpenServiceW

api-ms-win-service-winsvc-l1-1-0

ControlService
QueryServiceStatus

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-appmodel-runtime-l1-1-1

FindPackagesByPackageFamily

api-ms-win-mm-misc-l1-1-0

mmioAdvance
mmioSetInfo
mmioGetInfo
mmioWrite
mmioCreateChunk
mmioRead
mmioSeek
mmioAscend
mmioClose
mmioDescend
mmioOpenW

api-ms-win-core-toolhelp-l1-1-0

CreateToolhelp32Snapshot
Process32NextW
Process32FirstW

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

userenv

CreateEnvironmentBlock

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-memory-l1-1-0

ReadProcessMemory

crypt32

CryptQueryObject
CertFreeCertificateContext
CertCloseStore
CryptMsgGetParam
CertGetNameStringW
CertFindCertificateInStore
CryptDecodeObject
CryptMsgClose

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDevicePropertyW
SetupDiGetDeviceRegistryPropertyW

wtsapi32

WTSQueryUserToken
WTSRegisterSessionNotification

kernel32

WriteProfileStringW
WinExec

user32

RegisterPowerSettingNotification
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
DefWindowProcW
FindWindowExW
SendInput
SendMessageW
TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetTimer
GetMessageW
KillTimer
GetClassNameA
SetWinEventHook
UnhookWinEvent
ShowWindow

advapi32

ReportEventW
GetUserNameW
DeregisterEventSource
RegisterEventSourceW

ole32

CoInitialize

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

ntdll

NtQueryInformationProcess

wininet

InternetOpenUrlW
InternetReadFile
InternetOpenW
InternetCloseHandle

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_errno
_register_thread_local_exe_atexit_callback
_cexit
abort
_seh_filter_exe
_exit
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_initialize_onexit_table
terminate
_resetstkoflw
_get_wide_winmain_command_line
_invalid_parameter_noinfo_noreturn
_initterm
_initterm_e
exit
_register_onexit_function
_crt_atexit
_c_exit

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp
towupper
strcspn
wcscat_s
iswspace
wcstok_s
wcscpy_s
_wcsupr_s
_wcsicmp
wmemcpy_s
wcsnlen
__strncnt
isupper
islower
_wcsdup

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s
fgetc
fputs
fflush
fputws
ftell
_flushall
fwrite
_wfopen_s
_get_stream_buffer_pointers
fgetpos
fputc
__acrt_iob_func
__stdio_common_vfwprintf
__stdio_common_vfprintf_s
fclose
_set_fmode
fsetpos
__stdio_common_vfprintf
fgets
fseek
fread
_wfsopen
__stdio_common_vswprintf_s
__stdio_common_vswprintf
__p__commode
fgetwc
ungetwc
fputwc
_fseeki64
setvbuf
ungetc

api-ms-win-crt-convert-l1-1-0

wcstoul
wcstol
_wtoi

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
free
_recalloc
realloc
_callnewh
calloc

api-ms-win-crt-math-l1-1-0

pow
log10
__setusermatherr
atan2
asin
frexp

api-ms-win-crt-locale-l1-1-0

_lock_locales
localeconv
___mb_cur_max_func
setlocale
__pctype_func
___lc_locale_name_func
___lc_codepage_func
_configthreadlocale
_unlock_locales

api-ms-win-crt-multibyte-l1-1-0

_mbsstr
_mbschr

shlwapi

PathFileExistsW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlUnwindEx
RtlUnwind
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-fibers-l1-1-0

FlsGetValue
FlsAlloc
FlsFree
FlsSetValue

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

Sections

.text
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtkAudUServiceConf64.dll
.dll windows:6 windows x64 arch:x64

1f2241622097352600c71698fe84063a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-fibers-l1-1-0

FlsGetValue
FlsSetValue
FlsFree
FlsAlloc

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
DeleteCriticalSection

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_initterm_e
terminate
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

free
calloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtkAudUServiceRes64.dll
.dll windows:6 windows x64 arch:x64

1f2241622097352600c71698fe84063a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-fibers-l1-1-0

FlsGetValue
FlsSetValue
FlsFree
FlsAlloc

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
DeleteCriticalSection

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_initterm_e
terminate
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

free
calloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/RtkCfg64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

aedbf594d8a1e16419dd583000492c65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Chunyung\Desktop\RTPolicyConfigClient.17\RTPolicyConfigClient.17\x64\Release Universal\RtkCfg64.pdb

Imports

api-ms-win-core-errorhandling-l1-1-0

GetLastError
RaiseException
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
SizeofResource
GetProcAddress
GetModuleFileNameA
LoadResource

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-string-l1-1-0

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2

oleaut32

VarUI4FromStr
LoadTypeLi
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
SysStringLen

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-localization-l1-2-0

LCMapStringW
SetThreadLocale
IsValidCodePage
GetCPInfo
GetThreadLocale
GetOEMCP
GetACP

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnwindEx
RtlPcToFileHeader
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-0

TlsFree
ExitProcess
GetCurrentProcess
TerminateProcess
GetStartupInfoW
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-heap-l1-1-0

HeapSize
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree

api-ms-win-core-file-l1-1-0

FindClose
FindNextFileA
GetFileType
FlushFileBuffers
FindFirstFileExA
SetFilePointerEx
CreateFileW
WriteFile

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
GetEnvironmentStringsW
SetStdHandle
GetStdHandle
GetCommandLineA
FreeEnvironmentStringsW

api-ms-win-core-console-l1-1-0

GetConsoleCP
GetConsoleMode
WriteConsoleW

api-ms-win-core-handle-l1-1-0

CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_531/realtekservice.cat
Win64/Realtek/RealtekSstPpDll_27/RTKSpeechPP.dll
.dll windows:6 windows x64 arch:x64

9d1364ab3b7ab881ee3bbcc180c45e49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_Work_Project\_speechppdll\RTKSpeechPP_1.0.26.815\x64\ReleaseV1\RTKSpeechPP.pdb

Imports

kernel32

HeapFree
HeapSize
GetProcessHeap
HeapReAlloc
DeleteCriticalSection
OutputDebugStringW
GetModuleHandleW
GetProcAddress
HeapAlloc
HeapDestroy
GetLastError
InitializeCriticalSectionEx
SetEndOfFile
FlushFileBuffers
CreateFileW
RaiseException
SetStdHandle
GetStringTypeW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
EncodePointer
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ReadFile
ExitProcess
FreeLibrary
CloseHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

ole32

PropVariantClear
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

IntelSstPreProcApiVersion
IntelSstPreProcGetConfig
IntelSstPreProcGetSize
IntelSstPreProcGetVersion
IntelSstPreProcInitialize
IntelSstPreProcProcess
IntelSstPreProcRelease
IntelSstPreProcSetConfig

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 709KB - Virtual size: 709KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekSstPpDll_27/RTKSpeechPP2.dll
.dll windows:6 windows x64 arch:x64

9d1364ab3b7ab881ee3bbcc180c45e49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_Work_Project\_speechppdll\RTKSpeechPP_1.0.26.815\x64\Release\RTKSpeechPP2.pdb

Imports

kernel32

HeapFree
HeapSize
GetProcessHeap
HeapReAlloc
DeleteCriticalSection
OutputDebugStringW
GetModuleHandleW
GetProcAddress
HeapAlloc
HeapDestroy
GetLastError
InitializeCriticalSectionEx
SetEndOfFile
FlushFileBuffers
CreateFileW
RaiseException
SetStdHandle
GetStringTypeW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
EncodePointer
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ReadFile
ExitProcess
FreeLibrary
CloseHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW

ole32

PropVariantClear
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

IntelSstPreProcApiVersion
IntelSstPreProcBurstProcess
IntelSstPreProcGetConfig
IntelSstPreProcGetInt32Value
IntelSstPreProcGetLatency
IntelSstPreProcGetSize
IntelSstPreProcGetVersion
IntelSstPreProcGetVersionString
IntelSstPreProcInitialize
IntelSstPreProcInitializeWithLog
IntelSstPreProcProcess
IntelSstPreProcRelease
IntelSstPreProcReset
IntelSstPreProcSetConfig

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekSstPpDll_27/RealtekSstPpDll.inf
Win64/Realtek/RealtekSstPpDll_27/realteksstppdll.cat
Win64/Realtek/RealtekUAPO2_19/RealtekUAPO2.inf
Win64/Realtek/RealtekUAPO2_19/RltkAPOU642.dll
.dll regsvr32 windows:6 windows x64 arch:x64

e2a2f6e1d55281506e9b287ea4d2d72c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_sysfx\APO\x64\Release2\RltkAPOU642.pdb

Imports

kernel32

LoadResource
SizeofResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiW
GetPriorityClass
MultiByteToWideChar
GetThreadPriority
SetThreadPriority
CreateThread
GetCurrentProcess
WaitForMultipleObjects
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
GetModuleHandleA
RtlUnwind
SetEndOfFile
SetStdHandle
GetStringTypeW
SetEvent
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
GetLocalTime
FindResourceExW
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
EncodePointer
LocalFree
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
GetProcessHeap
HeapSize
HeapFree
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryExW
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapReAlloc
HeapAlloc
IsValidCodePage
FindNextFileW
HeapDestroy
GetLastError
RaiseException
ResetEvent
OpenMutexW
CloseHandle
GetSystemTime
OpenFileMappingW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FindFirstFileExW
FindClose
GetFileSizeEx
VerSetConditionMask
VerifyVersionInfoW
GetConsoleCP
CreateEventExW
SetFilePointerEx
ReadConsoleW
CreateFileW
GetConsoleMode
ReadFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
GetProcAddress
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
WriteFile
GetCurrentThread
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
WriteConsoleW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
FreeLibrary
GetModuleHandleExW
GetFileType
GetStdHandle
DecodePointer
GetACP
Sleep
GetSystemInfo
LoadLibraryA
FlsFree
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue

user32

UnregisterClassA
CharNextW

advapi32

RegQueryValueExA
RegDeleteKeyExW
RegEnumValueW
EventWrite
EventUnregister
EventRegister
RegQueryValueExW
RegNotifyChangeKeyValue
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegGetValueW
RegSetKeySecurity
TraceMessage
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA

ole32

PropVariantCopy
StringFromCLSID
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr
LoadTypeLi
SysFreeString
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
SysStringLen

winmm

timeBeginPeriod
timeEndPeriod

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_ID_ListW

propsys

InitPropVariantFromCLSID

shlwapi

StrCmpW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize
RoUninitialize

audioeng

AERT_Free
AERT_Allocate

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
AvSetMmThreadPriority

rtworkq

RtwqCreateAsyncResult
RtwqPutWorkItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_BSS
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_CONST
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekUAPO2_19/RtkIntU642.dll
.dll regsvr32 windows:6 windows x64 arch:x64

e2a2f6e1d55281506e9b287ea4d2d72c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_sysfx\APO\x64\Release_RTINT2\RtkIntU642.pdb

Imports

kernel32

LoadResource
SizeofResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiW
GetPriorityClass
MultiByteToWideChar
GetThreadPriority
SetThreadPriority
CreateThread
GetCurrentProcess
WaitForMultipleObjects
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
GetModuleHandleA
RtlUnwind
SetEndOfFile
SetStdHandle
GetStringTypeW
SetEvent
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
GetLocalTime
FindResourceExW
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
EncodePointer
LocalFree
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
GetProcessHeap
HeapSize
HeapFree
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryExW
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapReAlloc
HeapAlloc
IsValidCodePage
FindNextFileW
HeapDestroy
GetLastError
RaiseException
ResetEvent
OpenMutexW
CloseHandle
GetSystemTime
OpenFileMappingW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FindFirstFileExW
FindClose
GetFileSizeEx
VerSetConditionMask
VerifyVersionInfoW
GetConsoleCP
CreateEventExW
SetFilePointerEx
ReadConsoleW
CreateFileW
GetConsoleMode
ReadFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
GetProcAddress
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
WriteFile
GetCurrentThread
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
WriteConsoleW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
FreeLibrary
GetModuleHandleExW
GetFileType
GetStdHandle
DecodePointer
GetACP
Sleep
GetSystemInfo
LoadLibraryA
FlsFree
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue

user32

UnregisterClassA
CharNextW

advapi32

RegQueryValueExA
RegDeleteKeyExW
RegEnumValueW
EventWrite
EventUnregister
EventRegister
RegQueryValueExW
RegNotifyChangeKeyValue
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegGetValueW
RegSetKeySecurity
TraceMessage
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA

ole32

PropVariantCopy
StringFromCLSID
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr
LoadTypeLi
SysFreeString
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
SysStringLen

winmm

timeBeginPeriod
timeEndPeriod

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_ID_ListW

propsys

InitPropVariantFromCLSID

shlwapi

StrCmpW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize
RoUninitialize

audioeng

AERT_Free
AERT_Allocate

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
AvSetMmThreadPriority

rtworkq

RtwqCreateAsyncResult
RtwqPutWorkItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_BSS
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_CONST
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekUAPO2_19/RtkMicUUn642.dll
.dll regsvr32 windows:6 windows x64 arch:x64

e2a2f6e1d55281506e9b287ea4d2d72c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_sysfx\APO\x64\Release_RTSDUSB2\RtkMicUUn642.pdb

Imports

kernel32

LoadResource
SizeofResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiW
GetPriorityClass
MultiByteToWideChar
GetThreadPriority
SetThreadPriority
CreateThread
GetCurrentProcess
WaitForMultipleObjects
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
GetModuleHandleA
RtlUnwind
SetEndOfFile
SetStdHandle
GetStringTypeW
SetEvent
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
GetLocalTime
FindResourceExW
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
EncodePointer
LocalFree
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
GetProcessHeap
HeapSize
HeapFree
DuplicateHandle
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryExW
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapReAlloc
HeapAlloc
IsValidCodePage
FindNextFileW
HeapDestroy
GetLastError
RaiseException
ResetEvent
OpenMutexW
CloseHandle
GetSystemTime
OpenFileMappingW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FindFirstFileExW
FindClose
GetFileSizeEx
VerSetConditionMask
VerifyVersionInfoW
GetConsoleCP
CreateEventExW
SetFilePointerEx
ReadConsoleW
CreateFileW
GetConsoleMode
ReadFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
GetProcAddress
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
WriteFile
GetCurrentThread
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
WriteConsoleW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
FreeLibrary
GetModuleHandleExW
GetFileType
GetStdHandle
DecodePointer
GetACP
Sleep
GetSystemInfo
LoadLibraryA
FlsFree
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue

user32

UnregisterClassA
CharNextW

advapi32

RegQueryValueExA
RegDeleteKeyExW
RegEnumValueW
EventWrite
EventUnregister
EventRegister
RegQueryValueExW
RegNotifyChangeKeyValue
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegGetValueW
RegSetKeySecurity
TraceMessage
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA

ole32

PropVariantCopy
StringFromCLSID
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr
LoadTypeLi
SysFreeString
SysAllocString
UnRegisterTypeLi
RegisterTypeLi
SysStringLen

winmm

timeBeginPeriod
timeEndPeriod

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_ID_ListW

propsys

InitPropVariantFromCLSID

shlwapi

StrCmpW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize
RoUninitialize

audioeng

AERT_Free
AERT_Allocate

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
AvSetMmThreadPriority

rtworkq

RtwqCreateAsyncResult
RtwqPutWorkItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_BSS
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 923KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_CONST
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekUAPO2_19/RtkUApo2Api.dll
.dll regsvr32 windows:6 windows x64 arch:x64

fe701003035d5637bfb41559b944d409

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_Binary\_APO\_rtkuapo2api\RtkUApo2Api\x64\Release\RtkUApo2Api.pdb

Imports

propsys

InitPropVariantFromCLSID

cfgmgr32

CM_Get_Device_ID_ListW
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW

kernel32

LockResource
SizeofResource
FindResourceW
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FreeLibrary
HeapReAlloc
GetModuleHandleW
GetProcAddress
LoadLibraryExW
FindResourceExW
MultiByteToWideChar
DecodePointer
EncodePointer
GetThreadLocale
SetThreadLocale
CreateFileW
GetConsoleMode
HeapAlloc
HeapDestroy
LoadResource
GetProcessHeap
HeapSize
lstrcmpiW
HeapFree
WriteConsoleW
GetModuleFileNameW
IsDebuggerPresent
GetConsoleCP
WriteFile
FlushFileBuffers
SetStdHandle
SetFilePointerEx
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW
OutputDebugStringW
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW

user32

CharNextW

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

PropVariantClear
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CLSIDFromString
PropVariantCopy
CoTaskMemRealloc

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SysAllocString
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekUAPO2_19/realtekapo2.cat
Win64/hdxrt.cat
data1.cab
data1.hdr
data2.cab
layout.bin
setup.ini
setup.inx
setup.isn
setup.iss

Sharing

General

Malware Config

Signatures

Files

Password: asd

Password: asd

c062542419a816c407b09c909072a761

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

2c:80:89:2e:01:15:b0:b7:7a:a3:59:4b:9a:73:39:53Certificate

Extended Key Usages

Key Usages

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1fSigner

Headers

File Characteristics

Imports

dsound

setupapi

kernel32

user32

advapi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

Password: asd

affd663658d87f17e7be2cfe73546714

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0bCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83Signer

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

gdiplus

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

2c:80:89:2e:01:15:b0:b7:7a:a3:59:4b:9a:73:39:53
Certificate

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f
Signer

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83
Signer

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10
Signer

.text
Size: 642KB - Virtual size: 2.2MB

.rsrc
Size: 131KB - Virtual size: 132KB

.reloc
Size: 512B - Virtual size: 512B

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

61:20:4d:b4:00:00:00:00:00:27
Certificate

0b:fc:fa:c0:8e:21:6a:1c:1f:da:a6:b7:7b:b2:d6:6e
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

61:20:4d:b4:00:00:00:00:00:27
Certificate

05:59:58:f8:a9:0b:14:fa:25:43:6b:89:fb:30:76:60
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

59:15:f7:a2:0c:c4:ec:79:eb:43:0b:53:c7:10:44:52:2f:6d:7b:5b:58:44:06:60:a4:f5:17:4f:cb:34:72:47
Signer

e2:38:55:61:3d:83:6e:8f:80:fd:40:af:85:ca:94:05:8c:64:1c:8d
Signer

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 28KB - Virtual size: 25KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate