Game_Setup v5[.]11[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Game_Setup v5.11.zip
Size

42.3MB
MD5

3996177191708b4c311e0d6f5577a2e1
SHA1

36983c32342d7e92c5d681a7316c3555f1e82ec2
SHA256

0069062fe6230e10aaf3c810c471725e963b4b47ea094328681de072a8ffa6f3
SHA512

b2d654587059b359bf2d833858f8234071d093b4ed09e628559cff57a60cad211e3c5a54ac6304566a04cdda3627fb2296a9db962e525ac9ecf81edc18ef0883
SSDEEP

786432:c52QoF4U20MZ1JY35ZKYBvUHzWdENtXDUkE+HJQkBoLFCWIL6o9/IgyJzMxu:y2K0p5pBcptTlHekiC7me/IJ6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/Update/7-zip.dll
unpack001/Update/7-zip32.dll
unpack001/Update/7z.dll

Files

Game_Setup v5.11.zip
.zip
Config/audit/packs.dll
Config/audit/source.dll
Config/audit/updater.exe
.exe windows:6 windows x64 arch:x64

a48c772826ef5fbef5f9d4ddcfb60aea

Code Sign

06:e9:03:cc:ee:6d:b3:0d:2a:4f:91:74:3e:b1:6e:b0
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

05-06-2020 00:00

Not After

14-06-2023 12:00

Subject

SERIALNUMBER=HRB72838,CN=Ableton AG,OU=IT OPS,O=Ableton AG,L=Berlin,C=DE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13064265726c696e,1.3.6.1.4.1.311.60.2.1.2=#13064265726c696e,1.3.6.1.4.1.311.60.2.1.3=#13024445

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:9d:37:96:c1:c3:08:c1:da:8a:55:64:22:1d:55:7e:46:44:10:f6:bd:9a:98:e0:37:72:e5:c8:b3:b8:34:d3
Signer

Actual PE Digest

e0:9d:37:96:c1:c3:08:c1:da:8a:55:64:22:1d:55:7e:46:44:10:f6:bd:9a:98:e0:37:72:e5:c8:b3:b8:34:d3

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\Jenkins\live\output\Live\win_64_static\Release\Live.pdb

Imports

kernel32

SetThreadStackGuarantee
TryAcquireSRWLockExclusive
SetFileCompletionNotificationModes
ReleaseSRWLockShared
SleepConditionVariableSRW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CloseHandle
OpenFileMappingW
OpenEventA
ReadConsoleA
SetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
GetFileInformationByHandleEx
GetModuleHandleExW
AcquireSRWLockShared
CreateProcessW
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
InitializeSListHead
InitOnceComplete
InitOnceBeginInitialize
SignalObjectAndWait
MulDiv
TryEnterCriticalSection
OpenFile
ExitProcess
GetEnvironmentVariableA
MoveFileExA
InitializeCriticalSectionEx
GetSystemDirectoryA
GetModuleHandleA
VirtualQuery
GetFileSize
LockFileEx
UnlockFile
HeapDestroy
HeapCompact
HeapReAlloc
DeleteFileA
LoadLibraryA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
GetDiskFreeSpaceW
HeapCreate
MapViewOfFileEx
CreateFileMappingA
ConnectNamedPipe
CancelIoEx
DisconnectNamedPipe
CreateNamedPipeA
SetNamedPipeHandleState
GetQueuedCompletionStatusEx
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
InitOnceExecuteOnce
GetTempFileNameA
GetTempPathA
ResumeThread
GetThreadPriority
OpenThread
CreateProcessA
GetCommandLineA
GetModuleFileNameA
SetConsoleTextAttribute
AreFileApisANSI
CopyFileW
CreateDirectoryExW
GetEnvironmentVariableW
GetDynamicTimeZoneInformation
GetVolumeNameForVolumeMountPointW
GetLogicalDrives
SwitchToThread
OpenMutexW
GlobalHandle
CreateMutexA
DuplicateHandle
SetThreadAffinityMask
CreateWaitableTimerW
GetQueuedCompletionStatus
SetWaitableTimer
CreateIoCompletionPort
SleepEx
InitializeCriticalSectionAndSpinCount
CreateEventW
DebugBreak
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
SetThreadExecutionState
CreateThread
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingW
CreateMutexW
PostQueuedCompletionStatus
QueueUserAPC
TerminateThread
WaitForMultipleObjects
WaitForSingleObject
FormatMessageA
GetCommandLineW
SetDllDirectoryW
GetVolumeInformationW
GetSystemDirectoryW
lstrlenW
GetLongPathNameW
GetTempPathW
ReplaceFileW
SetUnhandledExceptionFilter
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemTime
SetPriorityClass
GetProcessId
GetExitCodeProcess
GetDriveTypeW
GetFileTime
SetEndOfFile
SetFilePointerEx
GetFileSizeEx
FlushFileBuffers
SetThreadPriority
OutputDebugStringA
RtlCaptureContext
GetProcessAffinityMask
K32GetProcessMemoryInfo
GlobalMemoryStatusEx
FlushInstructionCache
IsDebuggerPresent
GetUserPreferredUILanguages
Process32NextW
Process32FirstW
GetACP
GetLocaleInfoA
GetThreadTimes
GetCurrentThread
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
GetComputerNameExW
VerifyVersionInfoA
ExpandEnvironmentStringsW
GetStringTypeW
GetNumberOfConsoleInputEvents
WriteConsoleW
ResetEvent
ReadConsoleW
GetConsoleMode
AddVectoredExceptionHandler
RaiseException
RemoveVectoredExceptionHandler
LoadLibraryExW
FreeLibrary
SetErrorMode
GetTickCount
TlsFree
TlsGetValue
GetProcessHeap
HeapAlloc
TlsAlloc
GetCurrentThreadId
HeapFree
TlsSetValue
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
GetSystemTimeAdjustment
CreateEventA
SetEvent
GetFileType
GetConsoleCP
GetConsoleOutputCP
GenerateConsoleCtrlEvent
GetProcessTimes
GetSystemTimeAsFileTime
GetModuleHandleW
MoveFileExW
GetProcAddress
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
GetSystemInfo
Process32Next
DeleteFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetFileAttributesW
GetVolumePathNameW
FindClose
CreateHardLinkW
CreatePipe
SetEnvironmentVariableW
SetFileTime
GetFinalPathNameByHandleW
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetStdHandle
GetCurrentProcess
FindNextFileW
GetFullPathNameW
GetHandleInformation
SetLastError
GetConsoleScreenBufferInfo
SetHandleInformation
Process32First
FindFirstFileW
CreateDirectoryW
OutputDebugStringW
CreateSemaphoreA
DeleteCriticalSection
WaitForSingleObjectEx
InitializeCriticalSection
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
VirtualAlloc
VirtualFree
LocalFree
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
GetLastError
CreateFileW
SetFilePointer
WriteFile
ReadFile
Sleep
GetModuleFileNameW

user32

AdjustWindowRectEx
DestroyMenu
CreateMenu
DrawMenuBar
SetWindowLongW
CreateWindowExW
RegisterClassExW
AppendMenuW
RemoveMenu
LoadCursorW
SetMenuItemInfoW
MessageBoxExW
DeleteMenu
BroadcastSystemMessageW
RegisterWindowMessageW
GetTopWindow
InSendMessage
ReplyMessage
OpenClipboard
EmptyClipboard
GetWindowLongW
SetClipboardData
SetCapture
CloseClipboard
GetClipboardSequenceNumber
SetCursor
SetCursorPos
ShowCursor
InvalidateRect
LoadCursorFromFileW
DestroyCursor
GetDC
ReleaseDC
MessageBoxA
RegisterDeviceNotificationW
UnregisterDeviceNotification
MapVirtualKeyW
RegisterClassW
MoveWindow
ToUnicode
SetRect
SendMessageW
CallWindowProcW
MessageBoxW
SetTimer
KillTimer
CharLowerBuffA
FillRect
DrawTextA
DrawTextExA
SetRectEmpty
MsgWaitForMultipleObjects
PeekMessageA
EnumDisplayDevicesW
DispatchMessageA
GetQueueStatus
FlashWindowEx
LoadIconW
PostThreadMessageA
GetProcessWindowStation
DestroyWindow
GetUserObjectInformationW
PeekMessageW
MonitorFromPoint
GetMonitorInfoW
PostQuitMessage
ShutdownBlockReasonCreate
ShutdownBlockReasonDestroy
GetKeyState
ShowWindow
SetForegroundWindow
EnableWindow
GetMenu
GetWindowLongPtrW
SetWindowLongPtrW
WaitForInputIdle
GetWindow
MonitorFromWindow
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetClientRect
GetUpdateRect
ValidateRect
SetWindowPlacement
GetWindowPlacement
GetWindowRect
GetGestureInfo
PostMessageW
EnumChildWindows
EnumWindows
DefWindowProcW
ToAscii
GetWindowThreadProcessId
IsWindowVisible
GetCursorPos
SystemParametersInfoW
GetDoubleClickTime
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetActiveWindow
WindowFromPoint
ScreenToClient
SetFocus
IsWindowEnabled
SetMenu
RegisterWindowMessageA
GetKeyboardLayoutNameW
EnumDisplayMonitors
BringWindowToTop
UpdateWindow
GetParent
SetWindowPos
ClientToScreen
GetClassNameW
GetKeyboardState
CloseGestureInfoHandle
GetWindowInfo
GetSystemMetrics
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMenu
EnableMenuItem
GetActiveWindow
ReleaseCapture

msvcp140

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??_7_Facet_base@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Xout_of_range@std@@YAXPEBD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??_7facet@locale@std@@6B@
??_7codecvt_base@std@@6B@
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Incref@facet@locale@std@@UEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Xbad_alloc@std@@YAXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0facet@locale@std@@IEAA@_K@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
_Strxfrm
_Strcoll
?id@?$collate@D@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
_Cnd_wait
?id@?$messages@D@std@@2V0locale@2@A
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Cnd_broadcast
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?widen@?$ctype@D@std@@QEBADD@Z
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?_Xruntime_error@std@@YAXPEBD@Z
?narrow@?$ctype@D@std@@QEBADDD@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pubsetbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAPEAV12@PEAD_J@Z
?in_avail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Random_device@std@@YAIXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@PEAV32@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
_Thrd_detach
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_join
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
?classic@locale@std@@SAAEBV12@XZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
_Xtime_get_ticks
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z
?toupper@?$ctype@D@std@@QEBADD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_signal
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
_Mtx_trylock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_timedwait
_Mtx_current_owns
?_Xoverflow_error@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
_Query_perf_counter
_Query_perf_frequency
?exceptions@ios_base@std@@QEAAXH@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
_Thrd_yield
?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
?do_in@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?do_always_noconv@?$codecvt@_WDU_Mbstatet@@@std@@MEBA_NXZ
?do_max_length@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHXZ
?do_encoding@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHXZ
?do_out@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?do_unshift@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?do_length@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__CxxFrameHandler3
__std_terminate
__RTDynamicCast
__std_type_info_hash
_CxxThrowException
memcmp
__current_exception_context
__current_exception
longjmp
memcpy
wcsstr
__C_specific_handler
memmove
_set_se_translator
memset
strstr
wcsrchr
wcschr
strrchr
strchr
__RTtypeid
__std_type_info_compare
__std_type_info_name
_purecall
__std_exception_destroy
__std_exception_copy
_set_purecall_handler
__RTCastToVoid
__intrinsic_setjmp
memchr

api-ms-win-crt-runtime-l1-1-0

raise
_set_abort_behavior
terminate
set_terminate
fesetenv
fegetenv
strerror_s
_getpid
_beginthreadex
_endthreadex
strerror
_exit
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
_cexit
_set_thread_local_invalid_parameter_handler
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
abort
_register_onexit_function
_crt_atexit
_wsystem
signal
_control87
exit
__fpe_flt_rounds
__sys_nerr
_errno
__sys_errlist
_c_exit

api-ms-win-crt-stdio-l1-1-0

_wfopen
fputs
_chsize_s
_lseeki64
_wopen
_commit
_open_osfhandle
_get_osfhandle
getc
rewind
_setmode
fgets
feof
__stdio_common_vsprintf_s
__stdio_common_vswprintf
ftell
ferror
fopen
fseek
_ftelli64
__acrt_iob_func
__stdio_common_vfprintf
clearerr
fgetc
ungetc
fread
_fseeki64
__stdio_common_vsscanf
__stdio_common_vswscanf
fgetpos
fsetpos
setvbuf
_fileno
_locking
_dup
fflush
_wfopen_s
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
_creat
_wfsopen
_lseek
_write
_read
_open
_dup2
_close
fputc
fwrite
fclose
_get_stream_buffer_pointers
_isatty
_getcwd
_set_fmode
__p__commode

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_umask
_wstat64
_fstat64
_lock_file
_wstat64i32
_access
_fstat64i32
_stat64i32
remove
_mkdir
_unlink
_stat64

api-ms-win-crt-math-l1-1-0

truncf
fminf
fmaxf
_fdsign
floorf
cosf
sinf
ceilf
nextafter
powf
sqrtf
__setusermatherr
sinh
tanh
trunc
atanf
roundf
atan2f
erfc
sqrt
asin
erf
lrintf
sin
atan
acos
pow
nextafterf
log2
lround
floor
fabs
tan
fmin
hypot
tanf
cos
copysign
modf
frexp
ldexp
_finite
_isnan
copysignf
_dsign
ceil
cosh
lroundf
_fdopen
log2f
cbrt
exp
llround
round
expf
logf
fmodf
modff
exp2f
tanhf
_dclass
_fdclass
_ldclass
llrint
acosf
atan2
fmod
log
log10
log10f
sinhf
exp2

api-ms-win-crt-heap-l1-1-0

_msize
realloc
calloc
malloc
_callnewh
_aligned_realloc
_aligned_free
_aligned_malloc
free
_set_new_mode

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcsncpy
strncpy
isxdigit
strlen
isalnum
wcsxfrm
wcscoll
wcsnlen
wcstok
_stricmp_l
strncat
strnlen
strcpy_s
strncmp
tolower
strspn
isspace
isdigit
strcspn
_strnicmp
iswprint
iswspace
isupper
strcmp
iscntrl
iswdigit
_wcsicmp
_strdup
wcsncmp
towlower
_stricmp
wcscpy_s
isprint
toupper
wcscat_s
isalpha

api-ms-win-crt-utility-l1-1-0

rand
qsort
bsearch
rand_s
srand

api-ms-win-crt-time-l1-1-0

_localtime64
_tzset
_time64
_localtime64_s
_gmtime64_s
clock
__timezone
_gmtime64
_ctime64
_mktime64
strftime
_difftime64
__tzname
__daylight

api-ms-win-crt-multibyte-l1-1-0

_mbsncmp
_mbspbrk
_mbschr
_mbsnbcpy

api-ms-win-crt-convert-l1-1-0

strtoull
_wcstoi64
atoi
strtod
strtoll
_wtoi
atof
atoll
strtoul
strtol
wcstol
wcstombs
mbstowcs
strtof
_wcstod_l

api-ms-win-crt-environment-l1-1-0

__p__wenviron
getenv
_wgetenv
_wgetcwd
_wputenv

api-ms-win-crt-locale-l1-1-0

setlocale
_free_locale
_create_locale
localeconv
_configthreadlocale

api-ms-win-crt-process-l1-1-0

_wspawnv
_wexecve
_cwait
_wspawnve
_wexecv

mswsock

AcceptEx

bcrypt

BCryptGenRandom
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider

avrt

AvSetMmThreadCharacteristicsW

dbghelp

MiniDumpWriteDump

iphlpapi

GetAdaptersAddresses

shlwapi

PathCanonicalizeW
StrCmpLogicalW
PathCombineW

crypt32

CertEnumCRLsInStore
CertGetEnhancedKeyUsage
CertFreeCRLContext
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
PFXImportCertStore
CryptStringToBinaryA
CryptProtectData
CryptUnprotectData
CertDuplicateStore
CertDuplicateCertificateChain
CertVerifyCertificateChainPolicy
CertFindCertificateInStore
CryptDecodeObjectEx
CertGetCertificateChain
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CryptQueryObject
CertFreeCertificateChain
CertGetNameStringA
CertFindExtension
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertGetCertificateContextProperty

ws2_32

WSAPoll
WSARecv
WSAStringToAddressW
WSAAddressToStringW
WSASendTo
WSAGetLastError
getsockopt
send
WSARecvFrom
shutdown
select
__WSAFDIsSet
setsockopt
getnameinfo
ioctlsocket
sendto
freeaddrinfo
htons
inet_ntop
htonl
recv
WSASend
recvfrom
getservbyname
inet_ntoa
connect
ntohs
socket
getservbyport
getprotobyname
gethostbyaddr
getsockname
inet_addr
getpeername
WSAStartup
WSACleanup
getaddrinfo
inet_pton
accept
WSASocketW
WSASetLastError
bind
listen
WSAIoctl
closesocket
gethostbyname
ntohl
WSADuplicateSocketW

d3d11

D3D11CreateDevice

dwmapi

DwmFlush
DwmGetCompositionTimingInfo
DwmIsCompositionEnabled

imm32

ImmGetContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow

opengl32

glGenTextures
glDeleteTextures
glDisable
glBlendFunc
glEnable
glEnd
glVertex2f
glTexCoord2f
glBegin
glTexSubImage2D
glPixelStorei
glLoadIdentity
glColor3f
glBindTexture
glGetError
glGetTexLevelParameteriv
glTexImage2D
glGetIntegerv
wglCreateContext
glViewport
glMatrixMode
wglDeleteContext
wglGetCurrentDC
wglGetCurrentContext
wglMakeCurrent
wglGetProcAddress
glGetString
glTexParameteri
glTexParameterfv

shell32

DragAcceptFiles
SHCreateItemFromParsingName
DragQueryFileW
SHGetSpecialFolderPathA
SetCurrentProcessExplicitAppUserModelID
SHGetKnownFolderPath
ShellExecuteExW
FindExecutableW
ShellExecuteW
CommandLineToArgvW
SHAddToRecentDocs

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

dsound

ord1
ord8
ord6
ord3

rex shared library

REXDelete
REXCreate
REXInitializeDLL
REXGetSliceInfo
REXGetInfo
REXRenderSlice

gdi32

BitBlt
GetPixel
SelectObject
ChoosePixelFormat
CreateCompatibleDC
DeleteObject
SetBkColor
SwapBuffers
DescribePixelFormat
SetPixelFormat
GetStockObject
CreateDIBSection
SetTextColor
DeleteDC

ole32

OleInitialize
CoUninitialize
CoLockObjectExternal
OleUninitialize
RevokeDragDrop
StringFromGUID2
CLSIDFromString
CoInitialize
CoTaskMemFree
CoCreateInstance
OleGetClipboard
GetRunningObjectTable
CoTaskMemAlloc
CreateItemMoniker
ReleaseStgMedium
RegisterDragDrop
DoDragDrop
CoFreeUnusedLibraries

oleaut32

SysAllocString
SysFreeString

winmm

midiOutUnprepareHeader
midiOutLongMsg
timeEndPeriod
midiOutShortMsg
midiOutClose
midiOutReset
midiOutPrepareHeader
timeBeginPeriod
midiInStop
midiInReset
timeGetTime
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutOpen
waveOutClose
waveOutPause
waveOutRestart
waveOutReset
waveOutGetPosition
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInGetPosition
waveInStart
waveInReset
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
timeSetEvent
timeKillEvent
waveInGetErrorTextA
midiInGetDevCapsW
midiInMessage
midiInGetNumDevs
midiOutGetDevCapsW
midiOutMessage
midiOutGetNumDevs
midiInPrepareHeader
midiInAddBuffer
midiInUnprepareHeader
midiInOpen
midiInClose
midiInStart
midiOutOpen

usflib

XUsfProgGetTuno
XUsfProgGetVelFade
XUsfBankDelete
XUsfStreamDelete
XUsfVoiceGetTuno
XUsfSampSamplePitch
XUsfSampNumberOfChannels
XUsfSampIsLooped
XUsfSampGetFormat
XUsfVoiceChannelName
XUsfVoiceIsInterleaved
XUsfVoiceIsExternal
XUsfVoiceIsLooped
XUsfModGetDepthExt
XUsfModGetControl
XUsfEnvSegmentRate
XUsfEnvSegmentCount
XUsfProgLfoCount
XUsfProgGetDim
XUsfProgHasCrossFade
XUsfProgDimCount
XUsfProgGetVcfKeyFollow
XUsfProgGetLevelRange
XUsfProgGetCrossfade
XUsfImportUsfProgramName
XUsfImportUsfFileName
XUsfImportUsfCurrentFolder
XUsfLibNew
XUsfLibNewFileImport
XUsfLibNewImageImport
XUsfImportUsfVolumeName
XUsfImportUsfVolumeCount
XUsfImportUsfCloseSubFolder
XUsfImportUsfFolderName
XUsfImportUsfFolderCount
XUsfImportUsfFileCount
XUsfImportUsfOpenSubFolder
XUsfImportUsfOpenFolder
XUsfImportUsfProgramCount
XUsfImportUsfOpenFileByName
XUsfImportUsfOpenFile
XUsfBankGetProgram
XUsfBankProgramCount
XUsfImportUsfLoadProgram
XUsfBankNew
XUsfProgHasReleaseTrigger
XUsfProgSplitByGroup
XUsfProgGetReleaseTrigger
XUsfProgIsSet
XUsfProgSplitBadStereo
XUsfProgFlatten
XUsfNodeGetName
XUsfNodeGetChildByIndex
XUsfNodeChildCount
XUsfEnvGetSustainIndex
XUsfEnvSegmentLevel
XUsfEnvSegmentRateByType
XUsfEnvSegmentLevelByType
XUsfModGetSource
XUsfModGetDepthInt
XUsfLfoGetDelay
XUsfLfoGetRate
XUsfLfoGetSync
XUsfLfoGetTrig
XUsfLfoGetWave
XUsfProgGetLfo
XUsfModGetDestin
XUsfProgGetMod
XUsfProgModCount
XUsfProgGetEnvAux
XUsfProgGetEnvMod
XUsfProgVcaByEnv
XUsfEnvSetDestination
XUsfProgGetEnvAmp
XUsfProgVcfByEnv
XUsfProgVcfByVel
XUsfProgGetFilter
XUsfProgVcaByVel
XUsfProgGetTranspose
XUsfImportDelete
XUsfVoiceRootKey
XUsfProgPitchTracking
XUsfProgVcaLevel
XUsfProgGetPano
XUsfVoiceChannelCount
XUsfVoiceChannelStart
XUsfVoiceChannelEnd
XUsfVoiceChannelLoopStart
XUsfVoiceChannelLoopEnd
XUsfVoicePlayMode
XUsfImportUsfGetFormat
XUsfVoiceLoopCrossfade
XUsfVoiceIsDummy
XUsfVoiceSampleCount
XUsfSampIsExternal
XUsfVoiceIsStereo
XUsfVoiceCanInterleave
XUsfVoiceVoiceName
XUsfVoiceChannelSize
XUsfVoiceSampleRate
XUsfVoiceBitDepth
XUsfLibDelete
XUsfProgPitchByEnv
XUsfProgGetPitchBend
XUsfProgGetGlide
XUsfProgGetPolyphony
XUsfProgGetNextZone
XUsfStreamGetAudioByFloats
XUsfStreamGetAudioByShorts
XUsfImportUsfCreateStream
XUsfProgGetKeyFade
XUsfStreamSetOffset
XUsfProgGetKeyRange
XUsfProgGetVoice
XUsfSampGetFolderPathByArgs
XUsfSampGetFileName
XUsfVoiceGetSample
XUsfSampGetFullPath
XUsfProgGetVelRange

advapi32

RegCreateKeyW
GetUserNameW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegSetValueW
RegQueryValueExW
RegEnumValueW
SystemFunction036
RegDeleteValueW
RegConnectRegistryW
RegSetKeyValueW
RegOpenKeyExW
RegLoadKeyW
RegQueryInfoKeyA
RegSetValueExW
RegEnumKeyExW
RegSaveKeyW
RegCreateKeyExW
RegFlushKey
RegQueryValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegDeleteTreeW
CryptEnumProvidersW
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegGetValueW

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

wininet

InternetGetConnectedState

ntdll

NtDeviceIoControlFile
RtlNtStatusToDosError
NtCancelIoFileEx
NtCreateFile

secur32

ApplyControlToken
QueryContextAttributesW
AcceptSecurityContext
InitializeSecurityContextW
FreeContextBuffer
DecryptMessage
DeleteSecurityContext
FreeCredentialsHandle
EncryptMessage
AcquireCredentialsHandleA

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
PyInit_Application
PyInit_Base
PyInit_Browser
PyInit_Chain
PyInit_ChainMixerDevice
PyInit_Clip
PyInit_ClipSlot
PyInit_CompressorDevice
PyInit_Conversions
PyInit_Device
PyInit_DeviceIO
PyInit_DeviceParameter
PyInit_DrumChain
PyInit_DrumPad
PyInit_Eq8Device
PyInit_Groove
PyInit_GroovePool
PyInit_HybridReverbDevice
PyInit_ListWrapper
PyInit_Listener
PyInit_Live
PyInit_LomObject
PyInit_MaxDevice
PyInit_MidiMap
PyInit_MidiRemoteScript
PyInit_MixerDevice
PyInit_MxDManager
PyInit_PluginDevice
PyInit_RackDevice
PyInit_Sample
PyInit_Scene
PyInit_ShifterDevice
PyInit_SimplerDevice
PyInit_Song
PyInit_SpectralResonatorDevice
PyInit_Track
PyInit_WavetableDevice
PyInit_live_io

Sections

.text
Size: 67.2MB - Virtual size: 67.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21.3MB - Virtual size: 21.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.6MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IPPDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:6 windows x64 arch:x64

d309dd91e2ebd5238728f8f2ffd958fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
AddVectoredContinueHandler
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateMutexA
CreateSemaphoreA
CreateThread
CreateWaitableTimerExW
DeleteAtom
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
FormatMessageA
FreeEnvironmentStringsW
GetAtomNameA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
RaiseFailFastException
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetLastError
SetProcessAffinityMask
SetProcessPriorityBoost
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthread
_beginthreadex
_cexit
_commode
_endthreadex
_errno
_fmode
_initterm
_lock
_memccpy
_onexit
_setjmp
_strdup
_ultoa
_unlock
abort
calloc
exit
fprintf
fputc
free
fwrite
localeconv
longjmp
malloc
memcpy
memmove
memset
printf
realloc
signal
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

_cgo_dummy_export

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 330KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/7-zip.dll
.dll regsvr32 windows:4 windows x64 arch:x64

dc4a85fe6dbf15d17ea0dc27522a7db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gdi32

DeleteObject

ole32

CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree

user32

LoadStringW
RegisterClipboardFormatW
InsertMenuItemW
CharUpperW
LoadBitmapW
DestroyMenu
CreatePopupMenu
MessageBoxW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

SHGetDesktopFolder
SHGetPathFromIDListW

msvcrt

memcpy
_CxxThrowException
__CxxFrameHandler
memmove
wcscmp
wcsstr
malloc
free
srand
rand
memset
memcmp
wcslen
__C_specific_handler
??1type_info@@UEAA@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm

kernel32

GetSystemDefaultLangID
GetUserDefaultLangID
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
MapViewOfFile
CreateFileMappingW
GlobalSize
GlobalUnlock
GlobalLock
lstrlenW
CreateProcessW
GetCurrentProcess
ReadFile
GetFileSize
InitializeCriticalSection
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
UnmapViewOfFile
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
FindClose
GetFileInformationByHandle
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetCurrentDirectoryW
GetModuleHandleW
GetProcAddress
CreateFileW
SetFileTime
CloseHandle
RtlCaptureContext
FormatMessageW
LocalFree
GetModuleFileNameW
GetTickCount
GetLastError
MultiByteToWideChar
WideCharToMultiByte

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/7-zip32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9e9d8f6c8da448fa3e27f7fe8fa7b419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

DeleteObject

ole32

ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc

user32

CreatePopupMenu
DestroyMenu
MessageBoxW
LoadBitmapW
RegisterClipboardFormatW
LoadStringW
InsertMenuItemW
CharUpperW

advapi32

RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetDesktopFolder
SHGetPathFromIDListW

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
_except_handler3
wcslen
_purecall
memcmp
memset
rand
srand
free
malloc
wcscmp
wcsstr
memmove
memcpy
_CxxThrowException
__CxxFrameHandler
??1type_info@@UAE@XZ

kernel32

GetVersionExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
WaitForMultipleObjects
GlobalSize
GlobalLock
InterlockedDecrement
lstrlenW
CreateProcessW
ReadFile
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
InterlockedIncrement
GetUserDefaultLangID
GetSystemDefaultLangID
InitializeCriticalSection
GlobalUnlock
GetModuleHandleA
FindFirstFileW
FindClose
GetCurrentDirectoryW
SetLastError
GetModuleHandleW
GetProcAddress
CreateFileW
SetFileTime
CloseHandle
FormatMessageW
LocalFree
GetModuleFileNameW
GetTickCount
GetLastError
MultiByteToWideChar
WideCharToMultiByte

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/7z.dll
.dll windows:4 windows x64 arch:x64

928b316f3126865cdd91c5fd11b09dbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strchr
_purecall
memset
free
malloc
strlen
__CxxFrameHandler
realloc
strstr
wcscmp
strcmp
memmove
_CxxThrowException
memcpy
memcmp
exit
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
SetThreadAffinityMask
ResumeThread
WaitForSingleObject
SetEvent
DeleteFileW
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetOEMCP
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
WriteFile
ReadFile
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
FindClose
FindFirstFileW
GetModuleHandleA
GetFileAttributesW

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetModuleProp
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/RarExt.dll
.dll windows:6 windows x64 arch:x64

8f6f025c725ec2aa8498b3040d0a763c

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:44

Not After

08-05-2033 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20-02-2019 00:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e1:3d:06:30:28:20:73:5d:16:28:0b:8b:6c:28:64:e7:c2:13:6b:97:02:6b:c1:6b:62:d0:4a:e0:d4:2a:da:b1
Signer

Actual PE Digest

e1:3d:06:30:28:20:73:5d:16:28:0b:8b:6c:28:64:e7:c2:13:6b:97:02:6b:c1:6b:62:d0:4a:e0:d4:2a:da:b1

Digest Algorithm

sha256

PE Digest Matches

true

67:eb:6e:1e:80:b5:76:a9:78:27:62:6d:47:af:e9:18:6e:c4:28:ec
Signer

Actual PE Digest

67:eb:6e:1e:80:b5:76:a9:78:27:62:6d:47:af:e9:18:6e:c4:28:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\WinRAR\rarext\build\64\Release\rarext.pdb

Imports

kernel32

CompareStringA
Sleep
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetSystemDirectoryW
SetThreadExecutionState
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
GetModuleHandleExW
GetLocaleInfoW
GetNumberFormatW
GetLogicalDrives
GetTempPathW
SetCurrentDirectoryW
LockResource
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GetDateFormatW
GetTimeFormatW
WaitForSingleObject
RtlUnwind
WriteConsoleW
HeapSize
GetStringTypeW
SetStdHandle
GetProcessHeap
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FindResourceW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileSizeEx
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
QueryPerformanceFrequency
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
GetModuleHandleW
CreateEventW
SizeofResource
LoadResource
FoldStringW
GetModuleFileNameW
GetFullPathNameW
GetCurrentDirectoryW
GetVersionExW
FindNextFileW
CreateFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
MoveFileW
GetCurrentProcessId
DeviceIoControl
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceExW
LoadLibraryExW
DeleteFileW
CreateDirectoryW
GetFileTime
GetFileType
FlushFileBuffers
GetStdHandle
SetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
CloseHandle
WriteFile
SetFileTime
SetFilePointer
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetEndOfFile
ReadFile
GetFileSize
FreeEnvironmentStringsW

user32

InvalidateRect
SetWindowTextW
GetParent
ReleaseDC
OemToCharA
EnableWindow
GetDlgItem
ShowWindow
SendMessageW
wsprintfW
GetDC
SetWindowPos
GetMonitorInfoW
MonitorFromPoint
LoadImageW
SetWindowLongPtrW
EqualRect
GetSysColor
GetCursorPos
EndPaint
BeginPaint
InsertMenuItemW
AppendMenuW
CreatePopupMenu
SendDlgItemMessageW
DestroyWindow
EnumDisplayMonitors
CopyImage
MapWindowPoints
MessageBoxW
FlashWindowEx
CreateWindowExW
CreateIcon
LoadCursorW
SetCursor
GetWindowTextLengthW
GetWindowTextW
CharLowerW
CharUpperW
OemToCharBuffA
LoadStringW
GetWindow
GetClassNameW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
GetWindowRect
GetClientRect
SetMenuItemInfoW
GetMenuItemInfoW
GetSystemMetrics
SetDlgItemTextW

gdi32

SetPixel
GetPixel
GetObjectW
CreateDIBSection
StretchBlt
GetDeviceCaps
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W
TextOutW
SetTextColor
LineTo
DeleteObject
CreatePen
GetTextFaceW
GetTextMetricsW
SelectObject
CreateFontW
MoveToEx

advapi32

RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
IsTextUnicode
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyExW
RegDeleteKeyW
RegCreateKeyExW
FreeSid

shell32

SHGetPathFromIDListW
ShellExecuteExW
SHGetMalloc
DragQueryFileW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
ReleaseStgMedium
CreateStreamOnHGlobal
CoCreateInstance
CoSetProxyBlanket
CoCreateFreeThreadedMarshaler

oleaut32

SysFreeString
VariantChangeType
VariantCopy
VariantClear
SysAllocString

shlwapi

SHStrDupW

comctl32

ord8
DestroyPropertySheetPage
CreatePropertySheetPageW

gdiplus

GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap

msimg32

GradientFill

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/RarLng.dll
.dll windows:5 windows x86 arch:x86

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:1d:40:ae:3f:3a:1f:b2:bc:3d:83:95
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

25-08-2020 13:42

Not After

26-08-2023 13:42

Subject

CN=win.rar GmbH,O=win.rar GmbH,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06-04-2022 07:44

Not After

08-05-2033 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20-02-2019 00:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:c5:94:4e:2d:b4:78:81:3c:d7:96:31:09:e4:be:c4:05:11:2b:26:5a:5e:d5:88:55:7e:fd:62:85:2d:44:fa
Signer

Actual PE Digest

24:c5:94:4e:2d:b4:78:81:3c:d7:96:31:09:e4:be:c4:05:11:2b:26:5a:5e:d5:88:55:7e:fd:62:85:2d:44:fa

Digest Algorithm

sha256

PE Digest Matches

true

c2:ed:e9:9a:cf:f6:5d:39:76:de:8e:71:8e:e5:6a:66:d3:09:ed:da
Signer

Actual PE Digest

c2:ed:e9:9a:cf:f6:5d:39:76:de:8e:71:8e:e5:6a:66:d3:09:ed:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 950KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Update/System.EnterpriseServices.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:5b:2f:ef:63:1a:86:9c:b5:99:97:32:fa:03:c4:29
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04-04-2023 00:00

Not After

22-06-2024 23:59

Subject

SERIALNUMBER=2019191556,CN=Smartly Dressed Games Ltd.,O=Smartly Dressed Games Ltd.,L=Calgary,ST=Alberta,C=CA,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#1307416c6265727461,1.3.6.1.4.1.311.60.2.1.3=#13024341

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:17:6f:83:1e:b3:d6:5f:d5:6b:b9:dc:67:53:96:dc:86:5a:40:82:60:62:bf:24:3a:e2:67:49:71:bc:5f:f3
Signer

Actual PE Digest

20:17:6f:83:1e:b3:d6:5f:d5:6b:b9:dc:67:53:96:dc:86:5a:40:82:60:62:bf:24:3a:e2:67:49:71:bc:5f:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/System.Security.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:5b:2f:ef:63:1a:86:9c:b5:99:97:32:fa:03:c4:29
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04-04-2023 00:00

Not After

22-06-2024 23:59

Subject

SERIALNUMBER=2019191556,CN=Smartly Dressed Games Ltd.,O=Smartly Dressed Games Ltd.,L=Calgary,ST=Alberta,C=CA,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#1307416c6265727461,1.3.6.1.4.1.311.60.2.1.3=#13024341

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:57:d9:40:92:a4:16:81:46:f2:5f:c3:94:f9:85:8e:0e:22:9d:fa:37:7e:19:25:a1:6d:cd:20:e9:c7:58:52
Signer

Actual PE Digest

49:57:d9:40:92:a4:16:81:46:f2:5f:c3:94:f9:85:8e:0e:22:9d:fa:37:7e:19:25:a1:6d:cd:20:e9:c7:58:52

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/System.Transactions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:5b:2f:ef:63:1a:86:9c:b5:99:97:32:fa:03:c4:29
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04-04-2023 00:00

Not After

22-06-2024 23:59

Subject

SERIALNUMBER=2019191556,CN=Smartly Dressed Games Ltd.,O=Smartly Dressed Games Ltd.,L=Calgary,ST=Alberta,C=CA,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#1307416c6265727461,1.3.6.1.4.1.311.60.2.1.3=#13024341

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b9:7e:d8:f9:2a:5f:7b:9d:59:76:51:a9:3d:29:ac:74:21:0c:0b:27:41:89:77:dc:7a:2e:2c:47:90:4d:21:0a
Signer

Actual PE Digest

b9:7e:d8:f9:2a:5f:7b:9d:59:76:51:a9:3d:29:ac:74:21:0c:0b:27:41:89:77:dc:7a:2e:2c:47:90:4d:21:0a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/System.Xml.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:5b:2f:ef:63:1a:86:9c:b5:99:97:32:fa:03:c4:29
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

04-04-2023 00:00

Not After

22-06-2024 23:59

Subject

SERIALNUMBER=2019191556,CN=Smartly Dressed Games Ltd.,O=Smartly Dressed Games Ltd.,L=Calgary,ST=Alberta,C=CA,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#1307416c6265727461,1.3.6.1.4.1.311.60.2.1.3=#13024341

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:c5:3e:50:67:4c:92:b5:23:ef:e9:ea:0b:de:96:96:86:18:c0:76:33:52:5d:bb:ae:f5:72:d3:cc:9d:bb:53
Signer

Actual PE Digest

57:c5:3e:50:67:4c:92:b5:23:ef:e9:ea:0b:de:96:96:86:18:c0:76:33:52:5d:bb:ae:f5:72:d3:cc:9d:bb:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/UnityEngine.AssetBundleModule.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14-07-2021 00:00

Not After

18-07-2024 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:ec:96:99:51:f8:d1:59:66:d8:5c:a8:ec:d2:62:47:9c:5f:91:6d
Signer

Actual PE Digest

05:ec:96:99:51:f8:d1:59:66:d8:5c:a8:ec:d2:62:47:9c:5f:91:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

UnityEngine.AssetBundleModule.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/UnityEngine.SubstanceModule.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14-07-2021 00:00

Not After

18-07-2024 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fa:b0:3d:27:d1:ed:db:3c:99:34:1d:10:85:11:06:a6:b4:57:5f:31
Signer

Actual PE Digest

fa:b0:3d:27:d1:ed:db:3c:99:34:1d:10:85:11:06:a6:b4:57:5f:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

UnityEngine.SubstanceModule.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/UnturnedExampleModule.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

48:ab:ad:3e:17:87:35:a4:4a:4a:93:5f:7f:15:b3:8a
Certificate

Issuer

CN=Smartly Dressed Games Ltd.

Not Before

11-11-2016 02:40

Not After

31-12-2039 23:59

Subject

CN=Smartly Dressed Games Ltd.

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:ce:dd:2a:f4:2f:07:2d:c5:2e:1f:7a:53:2a:0b:87:2e:8a:1a:2c
Signer

Actual PE Digest

5c:ce:dd:2a:f4:2f:07:2d:c5:2e:1f:7a:53:2a:0b:87:2e:8a:1a:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Admin\Desktop\Modding\Mods\UnturnedExampleModule\UnturnedExampleModule\obj\Release\UnturnedExampleModule.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Update/vcruntime140.dll
.dll windows:6 windows x86 arch:x86

b06d4116da69a513992d529f84731e6f

Code Sign

33:00:00:01:e2:f1:7d:92:02:0e:49:f8:7f:00:00:00:00:01:e2
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-12-2020 21:31

Not After

02-12-2021 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:b6:66:34:72:e4:e8:cb:d6:2e:04:88:3c:37:90:13:d2:d2:e5:91:62:e4:69:37:c7:65:9e:28:1a:da:2f:9c
Signer

Actual PE Digest

47:b6:66:34:72:e4:e8:cb:d6:2e:04:88:3c:37:90:13:d2:d2:e5:91:62:e4:69:37:c7:65:9e:28:1a:da:2f:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\a01\_work\2\s\\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

DeleteCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ledextensions64.dll
.dll windows:6 windows x64 arch:x64

4650c36b000031495b33d355f640c7fd

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:50:ed:15:0b:20:20:af:72:ac:c1:68:f2:37:cc:7a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30-10-2023 00:00

Not After

29-10-2026 23:59

Subject

SERIALNUMBER=HRB 110119,CN=Skutta Software GmbH,O=Skutta Software GmbH,L=Leverkusen,ST=Nordrhein-Westfalen,C=DE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c054bc3b66c6e,1.3.6.1.4.1.311.60.2.1.2=#13134e6f7264726865696e2d5765737466616c656e,1.3.6.1.4.1.311.60.2.1.3=#13024445

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ce:dd:e3:23:e5:79:9c:3b:fc:16:53:f7:9d:e0:3a:b6:e5:fb:b2:29:cf:4b:af:f4:14:30:b5:91:de:76:94:9c
Signer

Actual PE Digest

ce:dd:e3:23:e5:79:9c:3b:fc:16:53:f7:9d:e0:3a:b6:e5:fb:b2:29:cf:4b:af:f4:14:30:b5:91:de:76:94:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ledextensions64.pdb

Imports

kernel32

GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SleepConditionVariableSRW
WakeAllConditionVariable
IsProcessorFeaturePresent
CloseHandle
ReadConsoleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceFrequency
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapSize
SetStdHandle
Sleep
GetProcAddress
FreeLibrary
LoadLibraryA
SetThreadErrorMode
GetCurrentProcess
GetLastError
LocalFree
LocalAlloc
GetEnvironmentVariableW
CreateFileW
QueryPerformanceCounter
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoEx
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
LCMapStringEx
SetFileInformationByHandle
GetTempPathW
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetStringTypeW
CompareStringEx
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
TerminateProcess
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetCurrentThread
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
SetConsoleCtrlHandler
WriteFile
OutputDebugStringW
GetFileSizeEx
SetFilePointerEx
HeapReAlloc
GetTimeZoneInformation
RtlUnwind

wintrust

WinVerifyTrust

psapi

GetModuleFileNameExW

crypt32

CryptQueryObject
CertFindCertificateInStore
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptMsgGetParam

shlwapi

PathStripPathW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

cuesdk.x64_2017

CorsairSubscribeForEvents
CorsairGetDeviceCount
CorsairGetLedPositionsByDeviceIndex
CorsairPerformProtocolHandshake
CorsairUnsubscribeFromEvents
CorsairRequestControl
CorsairReleaseControl
CorsairSetLedsColorsBufferByDeviceIndex
CorsairSetLedsColorsFlushBuffer
CorsairGetDeviceInfo
CorsairSetLedsColorsAsync

Exports

Exports

CreateWPExtPlugin
GetWPExtPluginVersion

Sections

.text
Size: 868KB - Virtual size: 868KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a48c772826ef5fbef5f9d4ddcfb60aea

Code Sign

06:e9:03:cc:ee:6d:b3:0d:2a:4f:91:74:3e:b1:6e:b0Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

e0:9d:37:96:c1:c3:08:c1:da:8a:55:64:22:1d:55:7e:46:44:10:f6:bd:9a:98:e0:37:72:e5:c8:b3:b8:34:d3Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-process-l1-1-0

mswsock

bcrypt

avrt

dbghelp

iphlpapi

shlwapi

crypt32

ws2_32

d3d11

dwmapi

imm32

opengl32

shell32

version

dsound

rex shared library

gdi32

ole32

oleaut32

winmm

usflib

advapi32

rpcrt4

wininet

ntdll

secur32

Exports

Exports

Sections

.text Size: 67.2MB - Virtual size: 67.2MB

IPPCODE Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 21.3MB - Virtual size: 21.3MB

.data Size: 3.6MB - Virtual size: 5.7MB

.pdata Size: 3.2MB - Virtual size: 3.2MB

IPPDATA Size: 3KB - Virtual size: 3KB

_RDATA Size: 160KB - Virtual size: 160KB

.rsrc Size: 119KB - Virtual size: 118KB

06:e9:03:cc:ee:6d:b3:0d:2a:4f:91:74:3e:b1:6e:b0
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

e0:9d:37:96:c1:c3:08:c1:da:8a:55:64:22:1d:55:7e:46:44:10:f6:bd:9a:98:e0:37:72:e5:c8:b3:b8:34:d3
Signer

.text
Size: 67.2MB - Virtual size: 67.2MB

IPPCODE
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 21.3MB - Virtual size: 21.3MB

.data
Size: 3.6MB - Virtual size: 5.7MB

.pdata
Size: 3.2MB - Virtual size: 3.2MB

IPPDATA
Size: 3KB - Virtual size: 3KB

_RDATA
Size: 160KB - Virtual size: 160KB

.rsrc
Size: 119KB - Virtual size: 118KB

.text
Size: 6.3MB - Virtual size: 6.3MB

.data
Size: 390KB - Virtual size: 390KB

.rdata
Size: 9.7MB - Virtual size: 9.7MB

.pdata
Size: 191KB - Virtual size: 191KB

.xdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 330KB

.edata
Size: 512B - Virtual size: 78B

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 384KB - Virtual size: 383KB

.reloc
Size: 123KB - Virtual size: 122KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 626B

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 316B

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 4KB