dialog
initDialog
make_unicode
show
Static task
static1
2 signatures
General
-
Target
sunshine-windows-installer.exe
-
Size
11.3MB
-
MD5
ccda3c8a03329b3544955cfa47db561b
-
SHA1
04e3eb1899713c162dd35dd4b253fec06d9d6cf7
-
SHA256
d5aa11fc6447b6e59ac4d1c3125f5c6660dcacdba5ab572ad2633f9f0d6805ac
-
SHA512
5dfa3cf6f7ae513e5edbf33beff84731578c58314d4b06be7702873227ae974a3c99c37c26a3986a53313e75f49160c6b0d2a27a48587863557741eb6c00617c
-
SSDEEP
196608:1jkNGP0ZnjHxyhH8xF3w9A7x9lwJ0gTyNgD4hs+uon3+9fiNUjUhXHVR:yNeInjHx5rw9Ql+0gWKD6s+b+9G+MXT
Score
3/10
Malware Config
Signatures
-
Embeds OpenSSL 1 IoCs
Embeds OpenSSL, may be used to circumvent TLS interception.
resource yara_rule static1/unpack001/sunshine.exe embeds_openssl -
Unsigned PE 12 IoCs
Checks for missing Authenticode signature.
resource sunshine-windows-installer.exe unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/StartMenu.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/UserInfo.dll unpack001/$PLUGINSDIR/nsExec.dll unpack001/sunshine.exe unpack001/tools/audio-info.exe unpack001/tools/ddprobe.exe unpack001/tools/dxgi-info.exe unpack001/tools/sunshinesvc.exe unpack001/zlib1.dll
Files
-
sunshine-windows-installer.exe.exe windows:4 windows x64 arch:x64
c0f430a142bcdc701f4a3bdc3d2c6a84
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyExW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls
gdi32
CreateBrushIndirect
CreateFontIndirectW
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor
kernel32
CloseHandle
CompareFileTime
CopyFileW
CreateDirectoryW
CreateFileW
CreateProcessW
CreateThread
DeleteFileW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetDiskFreeSpaceExW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetShortPathNameW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTickCount
GetUserDefaultUILanguage
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryExW
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpynW
lstrlenA
lstrlenW
ole32
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
shell32
SHBrowseForFolderW
SHCLSIDFromString
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW
user32
AppendMenuW
BeginPaint
CallWindowProcW
CharNextA
CharNextW
CharPrevW
CheckDlgButton
CloseClipboard
CreateDialogParamW
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExW
GetAsyncKeyState
GetClassInfoW
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextW
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongPtrW
GetWindowRect
InvalidateRect
IsDlgButtonChecked
IsWindow
IsWindowEnabled
IsWindowVisible
LoadCursorW
LoadImageW
MessageBoxIndirectW
OpenClipboard
PeekMessageW
PostQuitMessage
RegisterClassW
ReleaseDC
ScreenToClient
SendMessageTimeoutW
SendMessageW
SetClassLongPtrW
SetClipboardData
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowLongPtrW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
wsprintfW
wvsprintfW
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 392KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: 512B - Virtual size: 1024KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x64 arch:x64
5b8b126e882b293b41dddd3dd0aa445c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
comdlg32
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
gdi32
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteObject
GetDIBits
GetObjectW
SelectObject
SetTextColor
kernel32
CloseHandle
CreateFileW
DeleteCriticalSection
EnterCriticalSection
GetCurrentDirectoryW
GetFileSize
GetLastError
GetModuleHandleW
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
SetCurrentDirectoryW
SetEndOfFile
SetFilePointer
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite
api-ms-win-crt-string-l1-1-0
strlen
strncmp
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
ole32
CoTaskMemFree
shell32
SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
user32
CallWindowProcW
CharNextW
CloseClipboard
CreateDialogParamW
CreateWindowExW
DestroyIcon
DestroyWindow
DispatchMessageW
DrawFocusRect
DrawTextW
EnableMenuItem
EnableWindow
GetClientRect
GetClipboardData
GetDlgCtrlID
GetDlgItem
GetMessageW
GetSysColor
GetSystemMenu
GetWindowLongPtrW
GetWindowRect
GetWindowTextW
IsDialogMessageW
LoadCursorW
LoadIconW
LoadImageW
MapDialogRect
MapWindowPoints
MessageBoxW
OpenClipboard
PostMessageW
PtInRect
SendMessageW
SetCursor
SetWindowLongPtrW
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
TranslateMessage
wsprintfW
Exports
Exports
Sections
.text Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 17KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 135B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/NSIS.InstallOptions.ini
-
$PLUGINSDIR/StartMenu.dll.dll windows:4 windows x64 arch:x64
511c5f608df90f14ce6f4dd457c4ff2a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
gdi32
GetTextMetricsW
SelectObject
kernel32
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleW
GlobalAlloc
GlobalFree
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
ole32
CoTaskMemFree
shell32
SHGetPathFromIDListW
SHGetSpecialFolderLocation
user32
CallWindowProcW
CheckDlgButton
CreateDialogParamW
DestroyWindow
DispatchMessageW
EnableWindow
GetClientRect
GetDC
GetDlgItem
GetMessageW
GetWindowLongPtrW
GetWindowRect
GetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
LoadIconW
MoveWindow
PostMessageW
ReleaseDC
ScreenToClient
SendMessageW
SetWindowLongPtrW
SetWindowTextW
ShowWindow
TranslateMessage
wsprintfW
Exports
Exports
Init
Select
Show
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 640B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 512B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 10KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 101B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x64 arch:x64
4ac2553f9383a27d105aa18359e87ff3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleW
GetProcAddress
GlobalAlloc
GlobalFree
GlobalSize
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
Sleep
TlsGetValue
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
lstrcpyW
lstrcpynW
lstrlenW
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite
api-ms-win-crt-string-l1-1-0
strlen
strncmp
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
ole32
CLSIDFromString
StringFromGUID2
user32
wsprintfW
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 224B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 1024B - Virtual size: 944B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 400B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 179B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UserInfo.dll.dll windows:4 windows x64 arch:x64
6999456a03b632cf650f212358b1c70e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
advapi32
AllocateAndInitializeSid
CheckTokenMembership
EqualSid
FreeSid
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenThreadToken
kernel32
CloseHandle
GetCurrentProcess
GetCurrentThread
GetLastError
GlobalAlloc
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
lstrcpynW
user32
wsprintfW
Exports
Exports
GetAccountType
GetName
GetOriginalAccountType
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 512B - Virtual size: 200B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 48B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 129B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsExec.dll.dll windows:4 windows x64 arch:x64
74ba91b9fcb5a967b84ea9b49217f8d2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
advapi32
InitializeSecurityDescriptor
IsTextUnicode
SetSecurityDescriptorDacl
kernel32
CloseHandle
CopyFileW
CreateFileMappingW
CreateFileW
CreatePipe
CreateProcessW
DeleteFileW
ExitProcess
GetCommandLineW
GetExitCodeProcess
GetModuleFileNameW
GetStartupInfoW
GetTempFileNameW
GetTickCount
GlobalAlloc
GlobalFree
GlobalReAlloc
IsDBCSLeadByteEx
MapViewOfFile
MultiByteToWideChar
PeekNamedPipe
ReadFile
Sleep
TerminateProcess
UnmapViewOfFile
WaitForSingleObject
WideCharToMultiByte
lstrcatW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
user32
CharNextW
CharPrevW
FindWindowExW
SendMessageW
wsprintfW
Exports
Exports
Exec
ExecToLog
ExecToStack
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 320B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 512B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 1KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 108B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
assets/apps.json
-
assets/box.png.png
-
assets/desktop-alt.png.png
-
assets/desktop.png.png
-
assets/shaders/directx/convert_yuv420_packed_uv_type0_ps.hlsl
-
assets/shaders/directx/convert_yuv420_packed_uv_type0_ps_linear.hlsl
-
assets/shaders/directx/convert_yuv420_packed_uv_type0_ps_perceptual_quantizer.hlsl
-
assets/shaders/directx/convert_yuv420_packed_uv_type0_vs.hlsl
-
assets/shaders/directx/convert_yuv420_planar_y_ps.hlsl
-
assets/shaders/directx/convert_yuv420_planar_y_ps_linear.hlsl
-
assets/shaders/directx/convert_yuv420_planar_y_ps_perceptual_quantizer.hlsl
-
assets/shaders/directx/convert_yuv420_planar_y_vs.hlsl
-
assets/shaders/directx/cursor_ps.hlsl
-
assets/shaders/directx/cursor_ps_normalize_white.hlsl
-
assets/shaders/directx/cursor_vs.hlsl
-
assets/shaders/directx/include/base_vs.hlsl
-
assets/shaders/directx/include/base_vs_types.hlsl
-
assets/shaders/directx/include/common.hlsl
-
assets/shaders/directx/include/convert_base.hlsl
-
assets/shaders/directx/include/convert_linear_base.hlsl
-
assets/shaders/directx/include/convert_perceptual_quantizer_base.hlsl
-
assets/shaders/directx/include/convert_yuv420_packed_uv_ps_base.hlsl
-
assets/shaders/directx/include/convert_yuv420_planar_y_ps_base.hlsl
-
assets/steam.png.png
-
assets/web/apps.html.html
-
assets/web/assets/Navbar-0bb5235e.js.js
-
assets/web/assets/Navbar-13079613.css
-
assets/web/assets/ResourceCard-13ae4075.js
-
assets/web/assets/_plugin-vue_export-helper-8f5add99.css
-
assets/web/assets/_plugin-vue_export-helper-e51de2e9.js.js
-
assets/web/assets/apps-c7121738.js.js
-
assets/web/assets/config-86ef730b.css
-
assets/web/assets/config-9474dbfe.js.js
-
assets/web/assets/css/sunshine.css
-
assets/web/assets/fa-brands-400-bc844b5b.ttf
-
assets/web/assets/fa-brands-400-c411f119.woff2
-
assets/web/assets/fa-regular-400-64f9fb62.ttf
-
assets/web/assets/fa-regular-400-c732f106.woff2
-
assets/web/assets/fa-solid-900-1f0189e0.woff2
-
assets/web/assets/fa-solid-900-31f099c1.ttf
-
assets/web/assets/fa-v4compatibility-2aca24b3.woff2
-
assets/web/assets/fa-v4compatibility-a6274a12.ttf
-
assets/web/assets/index-be76101d.js.js
-
assets/web/assets/locale/de.json
-
assets/web/assets/locale/en.json
-
assets/web/assets/locale/en_GB.json
-
assets/web/assets/locale/en_US.json
-
assets/web/assets/locale/es.json
-
assets/web/assets/locale/fr.json
-
assets/web/assets/locale/it.json
-
assets/web/assets/locale/ja.json
-
assets/web/assets/locale/pt.json
-
assets/web/assets/locale/ru.json
-
assets/web/assets/locale/sv.json
-
assets/web/assets/locale/tr.json
-
assets/web/assets/locale/zh.json
-
assets/web/assets/password-ceb52562.js.js
-
assets/web/assets/pin-fa1de5b0.js.js
-
assets/web/assets/troubleshooting-8a7fca0e.js.js
-
assets/web/assets/welcome-1c2a01af.js.js
-
assets/web/config.html.html
-
assets/web/images/logo-sunshine-16.png.png
-
assets/web/images/logo-sunshine-45.png.png
-
assets/web/images/sunshine-locked-16.png.png
-
assets/web/images/sunshine-locked-45.png.png
-
assets/web/images/sunshine-locked.ico
-
assets/web/images/sunshine-locked.png.png
-
assets/web/images/sunshine-locked.svg.xml
-
assets/web/images/sunshine-pausing-16.png.png
-
assets/web/images/sunshine-pausing-45.png.png
-
assets/web/images/sunshine-pausing.ico
-
assets/web/images/sunshine-pausing.png.png
-
assets/web/images/sunshine-pausing.svg.xml
-
assets/web/images/sunshine-playing-16.png.png
-
assets/web/images/sunshine-playing-45.png.png
-
assets/web/images/sunshine-playing.ico
-
assets/web/images/sunshine-playing.png.png
-
assets/web/images/sunshine-playing.svg.xml
-
assets/web/images/sunshine.ico
-
assets/web/index.html.html
-
assets/web/password.html.html
-
assets/web/pin.html.html
-
assets/web/troubleshooting.html.html
-
assets/web/welcome.html.html
-
scripts/add-firewall-rule.bat.bat .vbs
-
scripts/autostart-service.bat
-
scripts/delete-firewall-rule.bat
-
scripts/install-gamepad.bat.bat .vbs
-
scripts/install-service.bat.bat .vbs
-
scripts/migrate-config.bat
-
scripts/uninstall-gamepad.bat
-
scripts/uninstall-service.bat
-
sunshine.exe.exe windows:4 windows x64 arch:x64
b0d7ffe6d778c64622404c3246944f4e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
CreateProcessAsUserW
CreateWellKnownSid
CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptReleaseContext
DeregisterEventSource
FreeSid
GetSecurityInfo
GetTokenInformation
ImpersonateLoggedOnUser
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegGetValueW
RegOpenCurrentUser
RegOpenKeyExW
RegOpenUserClassesRoot
RegOverridePredefKey
RegQueryInfoKeyW
RegQueryValueExW
RegSetKeyValueW
RegisterEventSourceW
ReportEventW
RevertToSelf
SetEntriesInAclA
SetSecurityInfo
StartServiceA
avrt
AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsA
bcrypt
BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider
crypt32
CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertGetNameStringA
CertOpenStore
CertOpenSystemStoreA
CertOpenSystemStoreW
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryA
PFXImportCertStore
d3d11
CreateDirect3D11DeviceFromDXGIDevice
D3D11CreateDevice
d3dcompiler_47
D3DCompileFromFile
dwmapi
DwmEnableMMCSS
dxgi
CreateDXGIFactory1
iphlpapi
GetAdaptersAddresses
GetBestInterface
GetTcpTable
kernel32
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetActiveProcessorGroupCount
GetFileAttributesA
GetLogicalProcessorInformation
GetNumaNodeProcessorMaskEx
GetTimeZoneInformation
GetVolumeInformationW
IsProcessorFeaturePresent
OpenEventA
QueryInformationJobObject
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
SetFilePointer
TerminateJobObject
VirtualQuery
WTSGetActiveConsoleSessionId
WaitForMultipleObjectsEx
__C_specific_handler
api-ms-win-crt-convert-l1-1-0
atoi
mbrtowc
strtod
strtol
strtoll
strtoul
strtoull
wcrtomb
wcstombs
wcstombs_s
wcstoul
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
_wgetcwd
getenv
api-ms-win-crt-filesystem-l1-1-0
_findclose
_findfirst64
_findnext64
_fstat64
_fullpath
_lock_file
_stat64
_wfindnext64
_unlock_file
_unlink
_wchdir
_wchmod
_wfindfirst64
_wfullpath
_wmkdir
_wrename
_wstat64
_wunlink
api-ms-win-crt-heap-l1-1-0
_aligned_free
_aligned_malloc
_aligned_realloc
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
___mb_cur_max_func
localeconv
setlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
_fdopen
acos
asin
atan
atan2
ceil
cos
cosh
exp
exp2
exp2f
fabs
floor
floorf
fminf
frexp
hypot
log
log10
log1p
log2
log2f
lround
lroundf
pow
powf
round
sin
sinh
sqrt
sqrtf
tan
tanh
api-ms-win-crt-private-l1-1-0
__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
strrchr
strstr
wcsrchr
wcsstr
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
__sys_errlist
__sys_nerr
_assert
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_get_errno
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_errno
_set_invalid_parameter_handler
abort
exit
perror
raise
signal
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_s
_close
_close
_fileno
_fileno
_fseeki64
_ftelli64
_get_osfhandle
_isatty
_lseeki64
_open
_read
_setmode
_sopen
_telli64
_wfopen
_wfsopen
_wopen
_write
_wsopen
fclose
feof
ferror
fflush
fgets
fopen
fopen_s
fputc
fputs
fputwc
fread
fseek
ftell
fwrite
getc
getwc
putc
puts
putwc
rewind
setvbuf
ungetc
ungetwc
api-ms-win-crt-string-l1-1-0
_memicmp
_strdup
_strdup
_stricmp
_strnicmp
isspace
isupper
iswctype
iswspace
isxdigit
mbrlen
memcpy_s
memset
strcat
strcmp
strcoll
strcpy
strcspn
strlen
strncmp
strncpy
strncpy_s
strpbrk
strspn
strtok
strtok_s
strxfrm
tolower
towlower
towupper
wcscat
wcscmp
wcscoll
wcscpy
wcscpy_s
wcslen
wcsncpy
wcsxfrm
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_difftime64
_ftime64
_ftime64_s
_gmtime64
_gmtime64_s
_localtime64
_localtime64_s
_mktime64
_time64
_tzset
_wutime64
clock
strftime
wcsftime
api-ms-win-crt-utility-l1-1-0
bsearch
qsort
rand
rand_s
ntdll
NtQueryTimerResolution
NtSetTimerResolution
RtlVirtualUnwind
VerSetConditionMask
ole32
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
GetErrorInfo
PropVariantClear
SetErrorInfo
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
shell32
ExtractIconExA
SHGetFileInfoW
SHQueryUserNotificationState
ShellExecuteExW
Shell_NotifyIconA
shlwapi
AssocQueryStringW
PathFindExtensionW
PathFindOnPathW
PathIsURLW
UrlGetPartW
api-ms-win-core-synch-l1-2-0
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
WaitOnAddress
WakeAllConditionVariable
WakeByAddressSingle
WakeConditionVariable
user32
CloseDesktop
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
EnumWindows
FindWindowA
GetCursorPos
GetMenuItemInfoA
GetMessageA
GetProcessWindowStation
GetShellWindow
GetUserObjectInformationW
GetWindowThreadProcessId
InsertMenuA
InsertMenuItemA
LoadImageA
MessageBoxW
OpenInputDesktop
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassExA
RegisterWindowMessageA
SendInput
SendMessageA
SendNotifyMessageW
SetForegroundWindow
SetThreadDesktop
ShowWindow
TrackPopupMenu
TranslateMessage
UnregisterClassA
UpdateWindow
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
api-ms-win-core-com-l1-1-0
StringFromGUID2
api-ms-win-core-console-l1-1-0
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
WriteConsoleW
api-ms-win-core-console-l2-1-0
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
api-ms-win-core-console-l3-2-0
GetConsoleWindow
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringA
api-ms-win-core-errorhandling-l1-1-0
GetLastError
RaiseException
SetLastError
SetUnhandledExceptionFilter
api-ms-win-core-errorhandling-l1-1-3
SetThreadErrorMode
api-ms-win-core-fibers-l2-1-0
ConvertFiberToThread
DeleteFiber
SwitchToFiber
api-ms-win-core-fibers-l2-1-1
ConvertThreadToFiberEx
CreateFiberEx
api-ms-win-core-file-l1-1-0
CompareFileTime
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
WriteFile
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-file-l1-2-2
AreFileApisANSI
api-ms-win-core-file-l2-1-0
CopyFileExW
CreateDirectoryExW
CreateHardLinkW
MoveFileExW
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
GetHandleInformation
SetHandleInformation
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-core-interlocked-l1-1-0
InterlockedPushEntrySList
api-ms-win-core-io-l1-1-0
CancelIoEx
CreateIoCompletionPort
DeviceIoControl
GetOverlappedResult
GetQueuedCompletionStatus
PostQueuedCompletionStatus
api-ms-win-core-io-l1-1-1
CancelIo
api-ms-win-core-job-l2-1-0
CreateJobObjectW
api-ms-win-core-kernel32-legacy-l1-1-0
CreateFileMappingA
MoveFileExA
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
api-ms-win-core-kernel32-legacy-l1-1-5
SetThreadExecutionState
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
LoadLibraryExA
LoadLibraryExW
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryA
LoadLibraryW
api-ms-win-core-localization-l1-2-0
FormatMessageA
FormatMessageW
GetACP
api-ms-win-core-memory-l1-1-0
MapViewOfFile
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
api-ms-win-core-memory-l1-1-1
VirtualLock
api-ms-win-core-namedpipe-ansi-l1-1-0
WaitNamedPipeA
api-ms-win-core-namedpipe-l1-1-0
PeekNamedPipe
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineW
GetCurrentDirectoryW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStdHandle
SetCurrentDirectoryW
SetEnvironmentVariableA
SetEnvironmentVariableW
api-ms-win-core-processthreads-l1-1-0
CreateProcessA
CreateProcessW
CreateThread
DeleteProcThreadAttributeList
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetProcessTimes
GetThreadPriority
InitializeProcThreadAttributeList
QueueUserAPC
ResumeThread
SetPriorityClass
SetProcessShutdownParameters
SetThreadPriority
SuspendThread
SwitchToThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UpdateProcThreadAttribute
api-ms-win-core-processthreads-l1-1-1
GetThreadContext
GetThreadTimes
OpenProcess
SetThreadContext
api-ms-win-core-processtopology-l1-1-0
GetThreadGroupAffinity
SetThreadGroupAffinity
api-ms-win-core-processtopology-obsolete-l1-1-0
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-synch-ansi-l1-1-0
CreateSemaphoreA
CreateWaitableTimerA
CreateWaitableTimerExA
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
AcquireSRWLockShared
CreateEventA
CreateEventW
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
LeaveCriticalSection
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
SetEvent
SetWaitableTimer
SleepEx
TryEnterCriticalSection
WaitForSingleObject
WaitForSingleObjectEx
api-ms-win-core-synch-l1-2-1
CreateSemaphoreW
WaitForMultipleObjects
api-ms-win-core-sysinfo-l1-1-0
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTickCount
GetTickCount64
GetVersion
GetWindowsDirectoryW
api-ms-win-core-sysinfo-l1-2-0
SetSystemTime
api-ms-win-core-systemtopology-l1-1-0
GetNumaHighestNodeNumber
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
SystemTimeToFileTime
api-ms-win-core-winrt-error-l1-1-1
RoOriginateLanguageException
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
api-ms-win-mm-time-l1-1-0
timeBeginPeriod
timeEndPeriod
api-ms-win-ntuser-sysparams-l1-1-0
GetSystemMetrics
SystemParametersInfoW
oleaut32
SysAllocString
SysFreeString
SysStringLen
wldap32
ber_free
ldap_bind_s
ldap_err2string
ldap_first_attribute
ldap_first_entry
ldap_get_dn
ldap_get_values_len
ldap_init
ldap_memfree
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_search_s
ldap_set_option
ldap_simple_bind_s
ldap_sslinit
ldap_unbind_s
ldap_value_free_len
ws2_32
WSAAddressToStringA
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAIoctl
WSARecv
WSARecvFrom
WSAResetEvent
WSASend
WSASendMsg
WSASetEvent
WSASocketW
WSAStringToAddressA
WSAStringToAddressW
WSAWaitForMultipleEvents
freeaddrinfo
getaddrinfo
gethostbyaddr
getnameinfo
getservbyname
getservbyport
inet_ntoa
inet_ntop
inet_pton
wsock32
AcceptEx
GetAcceptExSockaddrs
WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
gethostname
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
wtsapi32
WTSQueryUserToken
Exports
Exports
opus_custom_decode
opus_custom_decode_float
opus_custom_decoder_create
opus_custom_decoder_ctl
opus_custom_decoder_destroy
opus_custom_decoder_get_size
opus_custom_decoder_init
opus_custom_encode
opus_custom_encode_float
opus_custom_encoder_create
opus_custom_encoder_ctl
opus_custom_encoder_destroy
opus_custom_encoder_get_size
opus_custom_encoder_init
opus_custom_mode_create
opus_custom_mode_destroy
opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_dred_decode
opus_decoder_dred_decode_float
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_dred_alloc
opus_dred_decoder_create
opus_dred_decoder_ctl
opus_dred_decoder_destroy
opus_dred_decoder_get_size
opus_dred_decoder_init
opus_dred_free
opus_dred_get_size
opus_dred_parse
opus_dred_process
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_encoder_get_size
opus_encoder_init
opus_get_version_string
opus_multistream_encode
opus_multistream_encode_float
opus_multistream_encoder_create
opus_multistream_encoder_ctl
opus_multistream_encoder_destroy
opus_multistream_encoder_get_size
opus_multistream_encoder_init
opus_multistream_packet_pad
opus_multistream_packet_unpad
opus_multistream_surround_encoder_create
opus_multistream_surround_encoder_get_size
opus_multistream_surround_encoder_init
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_has_lbrr
opus_packet_pad
opus_packet_parse
opus_packet_unpad
opus_pcm_soft_clip
opus_repacketizer_cat
opus_repacketizer_create
opus_repacketizer_destroy
opus_repacketizer_get_nb_frames
opus_repacketizer_get_size
opus_repacketizer_init
opus_repacketizer_out
opus_repacketizer_out_range
opus_strerror
Sections
.text Size: 24.5MB - Virtual size: 24.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 1024B - Virtual size: 672B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 370KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 540KB - Virtual size: 539KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tools/audio-info.exe.exe windows:4 windows x64 arch:x64
5aaa535c703a97e7c132d455f63220dd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler
api-ms-win-crt-convert-l1-1-0
mbrtowc
strtoul
wcrtomb
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
getenv
api-ms-win-crt-filesystem-l1-1-0
_fstat64
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
___mb_cur_max_func
localeconv
setlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
_fdopen
api-ms-win-crt-private-l1-1-0
__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
_fileno
_fseeki64
_ftelli64
_get_osfhandle
_lseeki64
_read
_wfopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fwrite
getc
getwc
putc
putwc
setvbuf
ungetc
ungetwc
api-ms-win-crt-string-l1-1-0
_strdup
iswctype
memset
strcmp
strcoll
strlen
strncmp
strxfrm
tolower
towlower
towupper
wcscoll
wcslen
wcsxfrm
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
strftime
wcsftime
api-ms-win-crt-utility-l1-1-0
rand_s
ole32
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
PropVariantClear
Sections
.text Size: 829KB - Virtual size: 829KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tools/ddprobe.exe.exe windows:4 windows x64 arch:x64
66e1ee238edfa0294d08e5b564be6ac5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegDeleteKeyValueW
RegSetKeyValueW
d3d11
D3D11CreateDevice
dxgi
CreateDXGIFactory1
kernel32
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler
api-ms-win-crt-convert-l1-1-0
atoi
mbrtowc
strtoul
wcrtomb
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
getenv
api-ms-win-crt-filesystem-l1-1-0
_fstat64
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
___mb_cur_max_func
localeconv
setlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
_fdopen
api-ms-win-crt-private-l1-1-0
__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vswprintf_s
_fileno
_fseeki64
_ftelli64
_get_osfhandle
_lseeki64
_read
_wfopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fwrite
getc
getwc
putc
putwc
setvbuf
ungetc
ungetwc
api-ms-win-crt-string-l1-1-0
_strdup
iswctype
memset
strcmp
strcoll
strlen
strncmp
strxfrm
towlower
towupper
wcscoll
wcslen
wcsxfrm
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
strftime
wcsftime
api-ms-win-crt-utility-l1-1-0
rand_s
user32
CloseDesktop
OpenInputDesktop
SetThreadDesktop
Sections
.text Size: 827KB - Virtual size: 827KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 119KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tools/dxgi-info.exe.exe windows:4 windows x64 arch:x64
4330c28d96a69ac1366d90175063968e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
dxgi
CreateDXGIFactory1
kernel32
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler
api-ms-win-crt-convert-l1-1-0
mbrtowc
strtoul
wcrtomb
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
getenv
api-ms-win-crt-filesystem-l1-1-0
_fstat64
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
___mb_cur_max_func
localeconv
setlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
_fdopen
api-ms-win-crt-private-l1-1-0
__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
_fileno
_fseeki64
_ftelli64
_get_osfhandle
_lseeki64
_read
_wfopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fwrite
getc
getwc
putc
putwc
setvbuf
ungetc
ungetwc
api-ms-win-crt-string-l1-1-0
_strdup
iswctype
memset
strcmp
strcoll
strlen
strncmp
strxfrm
towlower
towupper
wcscoll
wcslen
wcsxfrm
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
strftime
wcsftime
api-ms-win-crt-utility-l1-1-0
rand_s
user32
SetProcessDpiAwarenessContext
Sections
.text Size: 825KB - Virtual size: 824KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tools/sunshinesvc.exe.exe windows:4 windows x64 arch:x64
dd26f2ca3edfc38909731870f416b60d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
CreateProcessAsUserW
DuplicateTokenEx
OpenProcessToken
RegisterServiceCtrlHandlerExA
SetServiceStatus
SetTokenInformation
StartServiceCtrlDispatcherA
kernel32
AttachConsole
CloseHandle
CreateEventA
CreateFileW
CreateJobObjectW
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FormatMessageA
GenerateConsoleCtrlEvent
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetTickCount
HeapAlloc
HeapFree
InitializeCriticalSection
InitializeProcThreadAttributeList
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LocalFree
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEvent
SetInformationJobObject
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UpdateProcThreadAttribute
VirtualProtect
VirtualQuery
WTSGetActiveConsoleSessionId
WaitForMultipleObjects
WaitForSingleObject
__C_specific_handler
api-ms-win-crt-convert-l1-1-0
atol
strtoul
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
getenv
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-private-l1-1-0
__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
wcsrchr
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_app_type
_set_invalid_parameter_handler
abort
exit
signal
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
_read
_write
fputc
fputs
fwrite
api-ms-win-crt-string-l1-1-0
_strdup
memset
strcmp
strlen
strncmp
wcscat_s
wcslen
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
api-ms-win-crt-utility-l1-1-0
rand_s
Sections
.text Size: 165KB - Virtual size: 164KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 640B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 672B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
zlib1.dll.dll windows:4 windows x64 arch:x64
149f020ab6fdb4bb3d6cbf7e79214de9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
api-ms-win-crt-convert-l1-1-0
wcstombs
api-ms-win-crt-environment-l1-1-0
__p__environ
__p__wenviron
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
free
malloc
api-ms-win-crt-private-l1-1-0
memchr
memcpy
memmove
api-ms-win-crt-runtime-l1-1-0
__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort
strerror
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
_close
_lseeki64
_open
_read
_wopen
_write
fwrite
api-ms-win-crt-string-l1-1-0
memset
strlen
strncmp
api-ms-win-crt-time-l1-1-0
__daylight
__timezone
__tzname
_tzset
api-ms-win-crt-utility-l1-1-0
rand_s
Exports
Exports
_dist_code
_length_code
_tr_align
_tr_flush_bits
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_combine_gen
crc32_combine_gen64
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gz_error
gz_intmax
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
inflate_copyright
inflate_fast
inflate_table
uncompress
uncompress2
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion
Sections
.text Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 288B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ