719766b05cc5c4d54b5989f7589ddf29bef7d32c188c0bacfb3f02d435bd9349[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

719766b05cc5c4d54b5989f7589ddf29bef7d32c188c0bacfb3f02d435bd9349.exe
Size

13.7MB
MD5

45cf33c7e30fa0e3a2e743380c7d45ec
SHA1

42e6ca3020b3e3f170ce7d7f84f2fc50ab6d38f9
SHA256

719766b05cc5c4d54b5989f7589ddf29bef7d32c188c0bacfb3f02d435bd9349
SHA512

1c627cc0282cf2597dd68038b1babc6d079ccf22780f44463331dc5a8b576e2eab6a1b5657d184c8c2022b0a22641ea51f331743a3ca444fa11f70cc36e156b6
SSDEEP

393216:/pSMwsEc+jXpFyU8QBor01HDvS/dax/HmZntJG8B:QPc+DpFyiBm01HLSVax/YntJGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/charset_converter_plugin.dll
unpack001/flutter_windows.dll
unpack001/permission_handler_windows_plugin.dll
unpack001/url_launcher_windows_plugin.dll
unpack001/webview_universal_plugin.dll
unpack001/win/MySql.Data.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

719766b05cc5c4d54b5989f7589ddf29bef7d32c188c0bacfb3f02d435bd9349.exe
.exe windows:4 windows x86 arch:x86

ced282d9b261d1462772017fe2f6972b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

04/10/2022, 00:00

Not After

03/10/2025, 23:59

Subject

CN=EvoluTEQC Solutions Inc,O=EvoluTEQC Solutions Inc,ST=Québec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a3:85:ce:98:bb:9c:f6:4f:e9:16:fa:60:c7:f6:71:6d:0d:22:fb:6d
Signer

Actual PE Digest

a3:85:ce:98:bb:9c:f6:4f:e9:16:fa:60:c7:f6:71:6d:0d:22:fb:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
RegOpenKeyExA
RegEnumValueA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

IIDFromString
OleInitialize
OleUninitialize
CoCreateInstance
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

SetClipboardData
CharPrevA
CallWindowProcA
PeekMessageA
DispatchMessageA
MessageBoxIndirectA
GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
TrackPopupMenu
FillRect
EmptyClipboard
LoadCursorA
GetMessagePos
CheckDlgButton
GetSysColor
SetCursor
GetWindowLongA
SetClassLongA
SetWindowPos
IsWindowEnabled
GetWindowRect
GetSystemMenu
EnableMenuItem
RegisterClassA
ScreenToClient
EndDialog
GetClassInfoA
SystemParametersInfoA
CreateWindowExA
ExitWindowsEx
DialogBoxParamA
CharNextA
SetTimer
DestroyWindow
CreateDialogParamA
SetForegroundWindow
SetWindowTextA
PostQuitMessage
SendMessageTimeoutA
ShowWindow
wsprintfA
GetDlgItem
FindWindowExA
IsWindow
GetDC
SetWindowLongA
LoadImageA
InvalidateRect
ReleaseDC
EnableWindow
BeginPaint
SendMessageA
DefWindowProcA
DrawTextA
GetClientRect
EndPaint
IsWindowVisible
CloseClipboard
OpenClipboard

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetProcAddress
GetSystemDirectoryA
WideCharToMultiByte
MoveFileExA
ReadFile
GetTempFileNameA
WriteFile
RemoveDirectoryA
CreateProcessA
CreateFileA
GetLastError
CreateThread
CreateDirectoryA
GlobalUnlock
GetDiskFreeSpaceA
GlobalLock
SetErrorMode
GetVersion
lstrcpynA
GetCommandLineA
GetTempPathA
lstrlenA
SetEnvironmentVariableA
ExitProcess
GetWindowsDirectoryA
GetCurrentProcess
GetModuleFileNameA
CopyFileA
GetTickCount
Sleep
GetFileSize
GetFileAttributesA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetShortPathNameA
MoveFileA
CompareFileTime
SetFileTime
SearchPathA
lstrcmpiA
lstrcmpA
CloseHandle
GlobalFree
GlobalAlloc
ExpandEnvironmentStringsA
LoadLibraryExA
FreeLibrary
lstrcpyA
lstrcatA
FindClose
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
GetModuleHandleA
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
lstrcmpA
GetModuleHandleA
lstrlenA
MulDiv
lstrcpynA
GetACP
lstrcpyA

user32

SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
LoadIconA
GetDC
ShowWindow
SendMessageA

gdi32

DeleteObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Webview2Loader.dll
.dll windows:5 windows x64 arch:x64

3fd78a8f50b85b627af2d0fc485b5e97

Code Sign

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:07:aa:ec:6b:6f:5a:97:1a:76:d8:f6:8a:66:f9:77:34:a3:28:9d:37:04:ca:27:7b:58:69:3c:fa:4f:00:91
Signer

Actual PE Digest

c3:07:aa:ec:6b:6f:5a:97:1a:76:d8:f6:8a:66:f9:77:34:a3:28:9d:37:04:ca:27:7b:58:69:3c:fa:4f:00:91

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WebView2Loader.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 62B

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
charset_converter_plugin.dll
.dll windows:6 windows x64 arch:x64

0b5e37a67e83c0ee0190957608af12b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetCPInfoExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
CloseHandle

msvcp140

?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

vcruntime140

__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
__current_exception_context
__std_type_info_compare
memset
memmove
memcpy
memcmp
_CxxThrowException
__std_terminate
__current_exception

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_initterm_e
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm
terminate
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_errno
_invoke_watson

api-ms-win-crt-string-l1-1-0

tolower

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

CharsetConverterPluginRegisterWithRegistrar

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/app.so
.elf linux x64
data/flutter_assets/AssetManifest.json
data/flutter_assets/FontManifest.json
data/flutter_assets/NOTICES.Z
.gz
NOTICES.Z
data/flutter_assets/assets/images/backgroundPlanimo.png
.png
data/flutter_assets/assets/images/divamo-512x512.png
.png
data/flutter_assets/assets/images/icon.png
.png
data/flutter_assets/assets/images/loading.gif
.gif
data/flutter_assets/assets/images/splash.png
.png
data/flutter_assets/assets/images/splash_1024.png
.png
data/flutter_assets/fonts/MaterialIcons-Regular.otf
data/flutter_assets/fonts/MyFlutterApp.ttf
data/flutter_assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
data/flutter_assets/packages/flutter_google_places/assets/google_black.png
.png
data/flutter_assets/packages/flutter_google_places/assets/google_white.png
.png
data/flutter_assets/packages/flutter_login/assets/images/ecorp.png
.png
data/flutter_assets/packages/fluttertoast/assets/toastify.css
data/flutter_assets/packages/fluttertoast/assets/toastify.js
.js
data/flutter_assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
data/flutter_assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
data/flutter_assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
data/flutter_assets/packages/rflutter_alert/assets/images/2.0x/close.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/2.0x/icon_error.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/2.0x/icon_info.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/2.0x/icon_success.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/2.0x/icon_warning.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/3.0x/close.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/3.0x/icon_error.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/3.0x/icon_info.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/3.0x/icon_success.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/3.0x/icon_warning.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/close.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/icon_error.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/icon_info.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/icon_success.png
.png
data/flutter_assets/packages/rflutter_alert/assets/images/icon_warning.png
.png
data/flutter_assets/packages/timezone/data/latest_all.tzf
data/flutter_assets/shaders/ink_sparkle.frag
data/icudtl.dat
divamo.exe
.exe windows:6 windows x64 arch:x64

e6b9ac91630e92d23146c8354d928015

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

04/10/2022, 00:00

Not After

03/10/2025, 23:59

Subject

CN=EvoluTEQC Solutions Inc,O=EvoluTEQC Solutions Inc,ST=Québec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

76:84:90:6b:6f:5c:6f:5d:38:9a:f1:d6:a5:85:d1:fe:db:b9:32:42
Signer

Actual PE Digest

76:84:90:6b:6f:5c:6f:5d:38:9a:f1:d6:a5:85:d1:fe:db:b9:32:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dwmapi

DwmSetWindowAttribute

charset_converter_plugin

CharsetConverterPluginRegisterWithRegistrar

permission_handler_windows_plugin

PermissionHandlerWindowsPluginRegisterWithRegistrar

url_launcher_windows_plugin

UrlLauncherWindowsRegisterWithRegistrar

webview_universal_plugin

WebviewUniversalPluginRegisterWithRegistrar

flutter_windows

FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineSetNextFrameCallback
FlutterDesktopViewControllerCreate
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSetCallback
FlutterDesktopEngineDestroy
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerRelease
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerLock
FlutterDesktopMessengerUnlock
FlutterDesktopEngineCreate
FlutterDesktopGetDpiForMonitor
FlutterDesktopResyncOutputStreams
FlutterDesktopViewGetHWND

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
InitializeSListHead
RtlCaptureContext
IsDebuggerPresent
GetCommandLineW
LocalFree
WideCharToMultiByte
AllocConsole
FreeLibrary
AttachConsole
GetModuleHandleW
GetProcAddress
LoadLibraryA
RtlLookupFunctionEntry
GetStartupInfoW

user32

MonitorFromPoint
LoadIconW
LoadCursorW
SetParent
SetWindowLongPtrW
GetWindowLongPtrW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
PostQuitMessage
RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
SetFocus
GetClientRect

shell32

CommandLineToArgvW

ole32

CoInitializeEx
CoUninitialize

advapi32

RegGetValueW

msvcp140

?sync_with_stdio@ios_base@std@@SA_N_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xbad_function_call@std@@YAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__current_exception_context
memcpy
memmove
_CxxThrowException
memset
__std_terminate
__std_exception_copy
__C_specific_handler
memcmp
__std_type_info_compare
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_exit
_get_wide_winmain_command_line
_initterm
_register_onexit_function
_crt_atexit
_initialize_wide_environment
terminate
_configure_wide_argv
_initterm_e
_cexit
exit
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
_invoke_watson
_c_exit
_set_app_type
_seh_filter_exe

api-ms-win-crt-stdio-l1-1-0

__p__commode
_fileno
freopen_s
__acrt_iob_func
_set_fmode
_dup2

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
flutter_windows.dll
.dll windows:5 windows x64 arch:x64

92c275589d09390b8f384096c514d281

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\b\s\w\ir\cache\builder\src\out\host_release\flutter_windows.dll.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegGetValueW
RegNotifyChangeKeyValue
SystemFunction036

iphlpapi

GetAdaptersAddresses

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
VarUI4FromStr
VariantInit
VariantClear
LoadTypeLi
VariantCopy
SysAllocString
LoadRegTypeLi
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData

psapi

EnumProcessModules
GetProcessMemoryInfo

shlwapi

PathIsRelativeW

rpcrt4

UuidCreateSequential
UuidToStringW
RpcStringFreeW

winmm

timeBeginPeriod
timeEndPeriod

ws2_32

connect
setsockopt
recv
send
shutdown
closesocket
getaddrinfo
socket
WSAIoctl
WSARecv
WSASend
ioctlsocket
WSARecvFrom
gethostname
htons
freeaddrinfo
ntohs
WSAAddressToStringW
WSAStartup
getsockname
getpeername
getnameinfo
InetPtonW
InetNtopW
bind
listen
WSASocketW
getsockopt
WSAGetLastError
WSASendTo
WSASetLastError

imm32

ImmSetCompositionStringW
ImmReleaseContext
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmSetCandidateWindow
ImmGetContext

user32

SetUserObjectInformationA
SystemParametersInfoW
GetFocus
DestroyCaret
CreateCaret
DefWindowProcW
GetWindowLongPtrW
SetTimer
KillTimer
PostMessageW
DestroyWindow
RegisterClassW
SetWindowLongPtrW
CreateWindowExW
SetClipboardData
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
CloseClipboard
MessageBeep
MapVirtualKeyW
RegisterTouchWindow
ScreenToClient
GetCursorPos
SetCursor
IsWindowVisible
LoadCursorW
NotifyWinEvent
ClientToScreen
MonitorFromPoint
ReleaseDC
GetDC
MonitorFromWindow
CharNextW
UnregisterClassW
WindowFromDC
GetWindowThreadProcessId
GetClientRect
IsIconic
IsWindow
InvalidateRect
CreateWindowExA
UnregisterClassA
GetClassInfoW
GetMessageExtraInfo
SetCapture
ReleaseCapture
TrackMouseEvent
GetTouchInputInfo
CloseTouchInputHandle
PeekMessageW
SendMessageW
GetKeyState
SetCaretPos

gdi32

DescribePixelFormat
SetPixelFormat
ChoosePixelFormat
SetDIBitsToDevice
GetDeviceCaps
GetPixelFormat
SwapBuffers

opengl32

wglGetProcAddress
wglGetCurrentContext

bcrypt

BCryptGenRandom

oleacc

LresultFromObject

uiautomationcore

UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d9

Direct3DCreate9
D3DPERF_GetStatus
D3DPERF_SetMarker
D3DPERF_BeginEvent
D3DPERF_EndEvent

kernel32

CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
RtlPcToFileHeader
GetStringTypeW
InitOnceComplete
InitOnceBeginInitialize
GetExitCodeThread
TryEnterCriticalSection
InitializeCriticalSectionEx
GetFileInformationByHandleEx
FindFirstFileExW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CloseThreadpoolWork
EncodePointer
LCMapStringEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeSListHead
SetEvent
GetTempFileNameA
GetModuleHandleExW
GetEnvironmentVariableW
SetEnvironmentVariableW
LoadLibraryExA
GetModuleHandleExA
GetModuleHandleA
LocaleNameToLCID
SleepConditionVariableSRW
VirtualQuery
TlsFree
WaitForSingleObjectEx
SystemTimeToFileTime
GetTempPathA
GetFileAttributesExW
AreFileApisANSI
QueryPerformanceCounter
QueryPerformanceFrequency
WakeAllConditionVariable
WakeConditionVariable
SleepConditionVariableCS
InitializeConditionVariable
TryAcquireSRWLockExclusive
SetFileTime
DeviceIoControl
MoveFileW
CopyFileExW
CreateSymbolicLinkW
GetFullPathNameW
UnlockFileEx
LockFileEx
VirtualProtect
SetFilePointerEx
SetFileAttributesW
MoveFileExW
GetConsoleScreenBufferInfo
GetExitCodeProcess
CreateNamedPipeW
GetCurrentProcessId
TerminateProcess
OpenProcess
WaitForMultipleObjects
CreateProcessW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLocaleName
CompareStringEx
GetCPInfo
RtlUnwindEx
InterlockedFlushSList
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetDriveTypeW
PeekNamedPipe
ReadConsoleW
CreatePipe
TzSpecificLocalTimeToSystemTime
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
SubmitThreadpoolWork
SetCurrentDirectoryW
GetCurrentDirectoryW
GetQueuedCompletionStatus
ReadDirectoryChangesW
WriteFile
PostQueuedCompletionStatus
GetFileType
OpenThread
CancelIoEx
CreateIoCompletionPort
SetStdHandle
SetConsoleMode
GetConsoleMode
GetStdHandle
SetConsoleCP
SetConsoleOutputCP
GetConsoleOutputCP
SetConsoleCtrlHandler
InitializeCriticalSection
GetFinalPathNameByHandleA
TlsSetValue
SetLastError
TlsAlloc
TlsGetValue
ReleaseSRWLockExclusive
ReleaseSRWLockShared
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
RaiseException
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetProcAddress
FormatMessageW
LoadLibraryA
CreateEventW
RegisterWaitForSingleObject
ResetEvent
UnregisterWait
CloseHandle
GetCurrentThread
SetThreadPriority
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetThreadPreferredUILanguages
GetLocaleInfoEx
GetCurrentThreadId
OutputDebugStringW
LocalFree
GetCurrentProcess
GetProcessHeap
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
IsDebuggerPresent
GetCommandLineW
WideCharToMultiByte
GetTempPathW
CreateDirectoryW
CreateFileW
DuplicateHandle
GetFileInformationByHandle
GetFileAttributesW
RemoveDirectoryW
DeleteFileW
SetFilePointer
SetEndOfFile
FlushViewOfFile
FlushFileBuffers
FindFirstFileW
FindNextFileW
FindClose
GetFinalPathNameByHandleW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateWaitableTimerW
VerSetConditionMask
VerifyVersionInfoW
SetWaitableTimer
LoadLibraryW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateFileA
Sleep
GetSystemInfo
VirtualFree
VirtualAlloc
GetNativeSystemInfo
FormatMessageA
OutputDebugStringA
GetFileSizeEx
ReadFile
ExitProcess
InitOnceExecuteOnce
InitializeSRWLock
AcquireSRWLockShared
AcquireSRWLockExclusive
WriteConsoleW

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CertCloseStore

Exports

Exports

??0PlatformMethods@angle@@QEAA@XZ
??4PlatformMethods@angle@@QEAAAEAU01@$$QEAU01@@Z
??4PlatformMethods@angle@@QEAAAEAU01@AEBU01@@Z
ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
FlutterDesktopEngineCreate
FlutterDesktopEngineDestroy
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineGetTextureRegistrar
FlutterDesktopEngineProcessMessages
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineRun
FlutterDesktopEngineSetNextFrameCallback
FlutterDesktopGetDpiForHWND
FlutterDesktopGetDpiForMonitor
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerLock
FlutterDesktopMessengerRelease
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerUnlock
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarSetDestructionHandler
FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopResyncOutputStreams
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopViewControllerCreate
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerForceRedraw
FlutterDesktopViewControllerGetEngine
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopViewGetGraphicsAdapter
FlutterDesktopViewGetHWND

Sections

.text
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
permission_handler_windows_plugin.dll
.dll windows:6 windows x64 arch:x64

f3332d88cd042c6e92ecd1498633560f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSetCallback
FlutterDesktopPluginRegistrarSetDestructionHandler

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
_Thrd_yield
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

__std_terminate
_CxxThrowException
memcmp
memcpy
memmove
memset
__std_type_info_compare
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
abort
_initterm
_initterm_e
_errno
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invoke_watson
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

iswspace

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

kernel32

DisableThreadLibraryCalls
InitializeSListHead
CloseHandle
EnterCriticalSection
LeaveCriticalSection
TrySubmitThreadpoolCallback
InterlockedPushEntrySList
GetLastError
FormatMessageW
GetProcessHeap
HeapFree
HeapAlloc
MultiByteToWideChar
FreeLibrary
LoadLibraryW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

ole32

CoCreateFreeThreadedMarshaler
CoGetObjectContext
CoGetApartmentType

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
SysStringLen
SetErrorInfo

Exports

Exports

PermissionHandlerWindowsPluginRegisterWithRegistrar

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe.nsis
url_launcher_windows_plugin.dll
.dll windows:6 windows x64 arch:x64

aab303bd66e37f6f761020d4ae9a0a30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
CloseHandle

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xbad_function_call@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

vcruntime140

memset
__std_type_info_compare
__current_exception
__current_exception_context
__C_specific_handler
memchr
memmove
memcpy
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcmp
__std_type_info_destroy_list
_purecall
__std_terminate

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_configure_narrow_argv
_execute_onexit_table
_initterm_e
_initterm
terminate
_register_onexit_function
_initialize_onexit_table
_invoke_watson
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

UrlLauncherWindowsRegisterWithRegistrar

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webview_universal_plugin.dll
.dll windows:6 windows x64 arch:x64

4c0e23949c5e147dce1c5faeec2be598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

webview2loader

GetAvailableCoreWebView2BrowserVersionString
CreateCoreWebView2EnvironmentWithOptions

flutter_windows

FlutterDesktopEngineCreate
FlutterDesktopEngineDestroy
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineGetMessenger
FlutterDesktopViewControllerCreate
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerGetView
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopGetDpiForMonitor
FlutterDesktopViewGetHWND
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
WaitForSingleObject
IsDebuggerPresent
DebugBreak
OutputDebugStringW
CloseHandle
GetLastError
SetLastError
HeapAlloc
HeapFree
GetProcessHeap
ReleaseSemaphore
ReleaseMutex

user32

DestroyWindow
CreateWindowExW
DefWindowProcW
MoveWindow
SetWindowPos
UpdateWindow
GetClientRect
GetWindowLongPtrW
SetWindowLongPtrW
SetParent
MonitorFromPoint
MonitorFromRect
RegisterClassW
LoadCursorW
LoadIconW
GetMonitorInfoW
ShowWindow

ole32

CoTaskMemFree

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xbad_function_call@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA

vcruntime140

memcmp
_CxxThrowException
__std_terminate
memcpy
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__C_specific_handler
__current_exception_context
__current_exception
__std_type_info_compare
_purecall
memmove
memset

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
_initterm
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_initialize_narrow_environment
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_errno
_initterm_e
terminate
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsnprintf_s

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

WebviewUniversalPluginRegisterWithRegistrar

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win/DivamoCFP.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

04/10/2022, 00:00

Not After

03/10/2025, 23:59

Subject

CN=EvoluTEQC Solutions Inc,O=EvoluTEQC Solutions Inc,ST=Québec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ba:c6:66:cf:7c:6a:27:ea:62:e9:84:25:9d:3d:76:79:28:6c:ae:c2
Signer

Actual PE Digest

ba:c6:66:cf:7c:6a:27:ea:62:e9:84:25:9d:3d:76:79:28:6c:ae:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\douang-asus\Desktop\projet vs\DivamoCFP\DivamoCFP\obj\Release\DivamoCFP.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win/MySql.Data.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\ade\build-cnet\sb_1-28382869-1524778969.07\connector-net\Source\MySql.Data\obj\v4.5\MySql.Data.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
windows1252_encoder.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

04/10/2022, 00:00

Not After

03/10/2025, 23:59

Subject

CN=EvoluTEQC Solutions Inc,O=EvoluTEQC Solutions Inc,ST=Québec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:78:7d:0f:b4:f7:6d:15:24:4a:a1:fb:9a:38:87:07:44:3f:1b:15
Signer

Actual PE Digest

7b:78:7d:0f:b4:f7:6d:15:24:4a:a1:fb:9a:38:87:07:44:3f:1b:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\douang-asus\Desktop\projet vs\windows1252_encoder\windows1252_encoder\obj\Debug\windows1252_encoder.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced282d9b261d1462772017fe2f6972b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6aCertificate

Extended Key Usages

Key Usages

a3:85:ce:98:bb:9c:f6:4f:e9:16:fa:60:c7:f6:71:6d:0d:22:fb:6dSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 149KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 17KB

610235b90207a63ccf481f0d4375d329

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

274b99a815ba574d8c9e1712916d8b30

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 362B

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

a3:85:ce:98:bb:9c:f6:4f:e9:16:fa:60:c7:f6:71:6d:0d:22:fb:6d
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 149KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 362B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 636B

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

c3:07:aa:ec:6b:6f:5a:97:1a:76:d8:f6:8a:66:f9:77:34:a3:28:9d:37:04:ca:27:7b:58:69:3c:fa:4f:00:91
Signer

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 4KB

.00cfg
Size: 512B - Virtual size: 40B

.tls
Size: 512B - Virtual size: 9B

.voltbl
Size: 512B - Virtual size: 62B

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 356B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

8d:fa:18:f3:16:cb:2c:f4:15:c0:08:1e:c4:55:2f:6a
Certificate

76:84:90:6b:6f:5c:6f:5d:38:9a:f1:d6:a5:85:d1:fe:db:b9:32:42
Signer