clamav-1[.]3[.]1[.]win[.]x64[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

clamav-1.3.1.win.x64.zip
Size

47.2MB
MD5

f21ad9b5b4b76ec402535df40646e6e5
SHA1

ed8055b3aa69942ec46eeaf1c8ca1103a17645f6
SHA256

0e06df8b419a2761530961812d4daa10b0edac2d9ef6e24de957ee1eabb3e531
SHA512

81efcb78185d53ff3824dcab647e3ac38b7eb19da8f33f741851d11637fd5502c49b8855369049da63e3df2dc9ef6cdcbb17de963c9a9e3595cc6cd394f623c8
SSDEEP

786432:4Ak4ih5Hrl3j0rikNYlSkO0p0/bLAqX3sO6sS9Hne3D7eG6NUuYM97Y:s5fHr9xlStXAqX3sO6jBne3HIhK

Score

3^/10

Malware Config

Signatures

Embeds OpenSSL 1 IoCs

Embeds OpenSSL, may be used to circumvent TLS interception.

resource	yara_rule
static1/unpack001/clamav-1.3.1.win.x64/libcrypto-3-x64.dll	embeds_openssl

Unsigned PE 25 IoCs

Checks for missing Authenticode signature.

resource
unpack001/clamav-1.3.1.win.x64/clambc.exe
unpack001/clamav-1.3.1.win.x64/clamconf.exe
unpack001/clamav-1.3.1.win.x64/clamd.exe
unpack001/clamav-1.3.1.win.x64/clamdscan.exe
unpack001/clamav-1.3.1.win.x64/clamdtop.exe
unpack001/clamav-1.3.1.win.x64/clamscan.exe
unpack001/clamav-1.3.1.win.x64/clamsubmit.exe
unpack001/clamav-1.3.1.win.x64/freshclam.exe
unpack001/clamav-1.3.1.win.x64/json-c.dll
unpack001/clamav-1.3.1.win.x64/libbz2.dll
unpack001/clamav-1.3.1.win.x64/libclamav.dll
unpack001/clamav-1.3.1.win.x64/libclammspack.dll
unpack001/clamav-1.3.1.win.x64/libclamunrar.dll
unpack001/clamav-1.3.1.win.x64/libclamunrar_iface.dll
unpack001/clamav-1.3.1.win.x64/libcrypto-3-x64.dll
unpack001/clamav-1.3.1.win.x64/libcurl.dll
unpack001/clamav-1.3.1.win.x64/libfreshclam.dll
unpack001/clamav-1.3.1.win.x64/libssh2.dll
unpack001/clamav-1.3.1.win.x64/libssl-3-x64.dll
unpack001/clamav-1.3.1.win.x64/libxml2.dll
unpack001/clamav-1.3.1.win.x64/nghttp2.dll
unpack001/clamav-1.3.1.win.x64/pcre2-8.dll
unpack001/clamav-1.3.1.win.x64/pdcurses.dll
unpack001/clamav-1.3.1.win.x64/pthreadvc3.dll
unpack001/clamav-1.3.1.win.x64/sigtool.exe

Files

clamav-1.3.1.win.x64.zip
.zip
clamav-1.3.1.win.x64/COPYING.txt
clamav-1.3.1.win.x64/COPYING/COPYING.LGPL
clamav-1.3.1.win.x64/COPYING/COPYING.YARA
clamav-1.3.1.win.x64/COPYING/COPYING.bzip2
clamav-1.3.1.win.x64/COPYING/COPYING.curl
clamav-1.3.1.win.x64/COPYING/COPYING.file
clamav-1.3.1.win.x64/COPYING/COPYING.getopt
clamav-1.3.1.win.x64/COPYING/COPYING.llvm
clamav-1.3.1.win.x64/COPYING/COPYING.lzma
clamav-1.3.1.win.x64/COPYING/COPYING.pcre
clamav-1.3.1.win.x64/COPYING/COPYING.regex
clamav-1.3.1.win.x64/COPYING/COPYING.unrar
clamav-1.3.1.win.x64/COPYING/COPYING.zlib
clamav-1.3.1.win.x64/NEWS.md
clamav-1.3.1.win.x64/README.md
clamav-1.3.1.win.x64/UserManual/404.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/FontAwesome/css/font-awesome.css
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/FontAwesome.ttf
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/fontawesome-webfont.eot
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/fontawesome-webfont.svg
.xml
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/fontawesome-webfont.ttf
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/fontawesome-webfont.woff
clamav-1.3.1.win.x64/UserManual/FontAwesome/fonts/fontawesome-webfont.woff2
clamav-1.3.1.win.x64/UserManual/Introduction.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/ace.js
.js
clamav-1.3.1.win.x64/UserManual/appendix/Appendix.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/appendix/Authenticode.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/appendix/CvdPrivateMirror.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/appendix/FileTypes.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/appendix/FunctionalityLevels.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/appendix/Terminology.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/ayu-highlight.css
clamav-1.3.1.win.x64/UserManual/book.js
.js
clamav-1.3.1.win.x64/UserManual/clipboard.min.js
.js
clamav-1.3.1.win.x64/UserManual/community_resources/CommunityResources.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/community_resources/CompileClamAV_AmazonLinux2.txt
clamav-1.3.1.win.x64/UserManual/css/chrome.css
clamav-1.3.1.win.x64/UserManual/css/general.css
clamav-1.3.1.win.x64/UserManual/css/print.css
clamav-1.3.1.win.x64/UserManual/css/variables.css
clamav-1.3.1.win.x64/UserManual/editor.js
.js
clamav-1.3.1.win.x64/UserManual/elasticlunr.min.js
.js
clamav-1.3.1.win.x64/UserManual/faq/faq-cvd.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-eol.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-freshclam.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-ignore.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-malware-fp-reports.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-misc.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-ml.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-pua.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-rust.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-safebrowsing.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-scan-alerts.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-troubleshoot.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-uninstall.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-upgrade.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-whichversion.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq-win32.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/faq/faq.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/favicon.png
.png
clamav-1.3.1.win.x64/UserManual/fonts/OPEN-SANS-LICENSE.txt
clamav-1.3.1.win.x64/UserManual/fonts/SOURCE-CODE-PRO-LICENSE.txt
clamav-1.3.1.win.x64/UserManual/fonts/fonts.css
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-300.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-300italic.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-600.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-600italic.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-700.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-700italic.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-800.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-800italic.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-italic.woff2
clamav-1.3.1.win.x64/UserManual/fonts/open-sans-v17-all-charsets-regular.woff2
clamav-1.3.1.win.x64/UserManual/fonts/source-code-pro-v11-all-charsets-500.woff2
clamav-1.3.1.win.x64/UserManual/googled62299e9391332c4.html
clamav-1.3.1.win.x64/UserManual/highlight.css
clamav-1.3.1.win.x64/UserManual/highlight.js
.js
clamav-1.3.1.win.x64/UserManual/images/change-fork-name.png
.png
clamav-1.3.1.win.x64/UserManual/images/cisco.png
.png
clamav-1.3.1.win.x64/UserManual/images/clone-your-fork.png
.png
clamav-1.3.1.win.x64/UserManual/images/create-a-fork.png
.png
clamav-1.3.1.win.x64/UserManual/images/demon.png
.png
clamav-1.3.1.win.x64/UserManual/images/flamegraph.svg
.js .xml polyglot
clamav-1.3.1.win.x64/UserManual/images/fork-is-behind.png
.png
clamav-1.3.1.win.x64/UserManual/images/logo.png
.png
clamav-1.3.1.win.x64/UserManual/images/new-git-workflow.png
.png
clamav-1.3.1.win.x64/UserManual/images/old-git-workflow.png
.png
clamav-1.3.1.win.x64/UserManual/index.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/Contribute.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/build-installer-packages.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/clamav-git-work-flow.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/code-coverage.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/development-builds.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/fuzzing-sanitizers.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/github-pr-basics.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/libclamav.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/performance-profiling.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/personal-forks.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/testing-pull-requests.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Development/tips-and-tricks.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Add-clamav-user.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Community-projects.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Docker.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Installing-from-source-Unix-old.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Installing-from-source-Unix.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Installing-from-source-Windows.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Installing/Packages.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/OnAccess.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/AllowLists.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/AuthenticodeRules.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/BodySignatureFormat.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/BytecodeSignatures.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/ContainerMetadata.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/DatabaseInfo.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/DynamicConfig.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/EncryptedArchives.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/ExtendedSignatures.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/FileTypeMagic.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/HashSignatures.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/LogicalSignatures.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/PhishSigs.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/SignatureNames.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Signatures/YaraRules.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage/Configuration.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage/ReportABug.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage/Scanning.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage/Services.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/manual/Usage/SignatureManagement.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/mark.min.js
.js
clamav-1.3.1.win.x64/UserManual/mode-rust.js
.js
clamav-1.3.1.win.x64/UserManual/print.html
.html .js polyglot
clamav-1.3.1.win.x64/UserManual/searcher.js
.js
clamav-1.3.1.win.x64/UserManual/searchindex.js
clamav-1.3.1.win.x64/UserManual/searchindex.json
clamav-1.3.1.win.x64/UserManual/sitemap.xml
clamav-1.3.1.win.x64/UserManual/theme-dawn.js
.js
clamav-1.3.1.win.x64/UserManual/theme-tomorrow_night.js
.js
clamav-1.3.1.win.x64/UserManual/tomorrow-night.css
clamav-1.3.1.win.x64/clamav.lib
clamav-1.3.1.win.x64/clamav_rust.lib
clamav-1.3.1.win.x64/clambc.exe
.exe windows:6 windows x64 arch:x64

4f466c0171be25422dde2e6073e15c23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

cli_bytevalue_describe
cli_bytecode_printversion
cl_debug
cl_strerror
cli_bytecode_context_setfuncid
cl_retflevel
cli_bytecode_debug
cli_regfree
cli_regexec
cli_bytecode_context_alloc
cli_regcomp
cli_calloc
cli_bytecode_context_set_trace
cl_engine_free
cl_engine_compile
fmap
cli_bytefunc_describe
cl_engine_new
cli_bytecode_debug_printsrc
cl_init
cli_bytetype_describe
cli_bytecode_describe
cli_bytecode_done
cli_bytecode_destroy
cli_bytecode_run
cli_bytecode_prepare2
cli_bytecode_load
cli_bytecode_init
cli_bytecode_context_destroy
cli_bytecode_context_getresult_int
cli_bytecode_context_setfile
cli_bytecode_context_setparam_int

kernel32

GetFileAttributesExW
GetCommandLineA
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
WriteConsoleW
lstrcmpiA
GetModuleFileNameA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
ReleaseSRWLockExclusive
ReleaseMutex
FindClose
ReleaseSRWLockShared
AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCommandLineW
GetStdHandle
GetCurrentProcessId
WaitForSingleObject
TerminateProcess
QueryPerformanceCounter
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
FindNextFileW
FindFirstFileW
GetConsoleMode
GetModuleHandleW
FormatMessageW

advapi32

RegCloseKey
RegQueryValueExA
SystemFunction036
RegOpenKeyExA

bcrypt

BCryptGenRandom

ntdll

NtWriteFile
RtlNtStatusToDosError

vcruntime140

__current_exception_context
wcsstr
memset
strchr
strrchr
memcpy
__CxxFrameHandler3
memmove
memcmp
_CxxThrowException
__C_specific_handler
__current_exception
wcsrchr

api-ms-win-crt-runtime-l1-1-0

terminate
_crt_atexit
_register_onexit_function
_errno
exit
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
_fileno
fclose
_set_fmode
__p__commode
_open
_close
_setmode
__acrt_iob_func
fopen
fread
fseek
putc
__stdio_common_vfprintf
fgets

api-ms-win-crt-heap-l1-1-0

realloc
malloc
_set_new_mode
calloc
free

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-string-l1-1-0

_strdup
strncmp
_strnicmp
wcsncpy
wcsncat
wcsncmp
strpbrk
strncpy

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamconf.exe
.exe windows:6 windows x64 arch:x64

e760fa9c46ce7e6ab6f4ee4d5e84acc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

cl_cvdhead
cl_cvdfree
cl_retflevel
cl_retver
cl_retdbdir
cli_regfree
cli_regexec
cli_regcomp
have_rar
cli_printcxxver
have_clamjit
cli_detect_environment
cli_strtokenize
cli_strbcasestr
cl_init

kernel32

FindNextFileW
FindFirstFileW
GetModuleHandleW
GetCommandLineW
GetCommandLineA
CloseHandle
GetModuleFileNameA
lstrcmpiA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
IsDebuggerPresent
GetCurrentDirectoryW
CreateFileA
FindClose
GetFileAttributesExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

vcruntime140

wcsstr
wcsrchr
__current_exception_context
__current_exception
strchr
strrchr
memcpy
memset
__C_specific_handler
memmove

api-ms-win-crt-string-l1-1-0

wcsncat
_strnicmp
strpbrk
strncmp
_strdup
wcsncpy
wcsncmp
strncpy

api-ms-win-crt-stdio-l1-1-0

_setmode
__acrt_iob_func
fclose
fgets
_fileno
fopen
__stdio_common_vfprintf
__stdio_common_vsprintf
__p__commode
_set_fmode

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
_set_new_mode
calloc

api-ms-win-crt-time-l1-1-0

_ctime64

api-ms-win-crt-runtime-l1-1-0

_c_exit
_register_thread_local_exe_atexit_callback
_cexit
exit
_initterm
_initialize_onexit_table
__p___argv
_crt_atexit
terminate
_set_errno
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
_register_onexit_function
_exit
_set_app_type
_seh_filter_exe
_errno
_initterm_e

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamd.exe
.exe windows:6 windows x64 arch:x64

b9b0f3cc8c8d4a4b26ec6f10c8893143

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

cl_engine_addref
cli_strerror
cli_ctime
cl_strerror
cl_load
cl_engine_set_clcb_hash
cl_set_clcb_msg
cl_cvdhead
cl_engine_set_clcb_sigload
cl_retdbdir
cli_regfree
cl_cvdfree
cli_regexec
cli_regcomp
cl_engine_set_clcb_virus_found
cl_debug
cl_engine_free
mpool_getstats
cl_scanfile_callback
cli_gentempfd
cli_get_filepath_from_filedesc
cl_engine_compile
cl_scandesc_callback
cl_retflevel
cl_engine_set_str
cl_engine_set_num
cl_engine_new
cl_init
cl_cvdgetage
cli_ftw
cl_retver
cli_writen
cli_unlink
cli_chomp
cl_statfree
cl_statchkdir
cl_statinidir
cl_engine_settings_free
cl_engine_settings_apply
cl_engine_settings_copy
cl_engine_get_num
cli_realpath

kernel32

CreateFileA
GetCurrentDirectoryW
RegisterWaitForSingleObject
UnregisterWaitEx
WaitForMultipleObjects
Sleep
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileAttributesExW
GetSystemTimeAsFileTime
FindNextFileW
FindFirstFileW
FindClose
GetCommandLineW
GetCommandLineA
SetConsoleCtrlHandler
GetCurrentProcessId
CloseHandle
SetEvent
ResetEvent
CreateEventA
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
lstrcmpiA
WaitForSingleObject
CreateThread

advapi32

RegisterServiceCtrlHandlerA
OpenSCManagerA
DeleteService
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetServiceStatus
StartServiceCtrlDispatcherA
OpenServiceA

ws2_32

WSAEnumNetworkEvents
ntohs
ntohl
WSAEventSelect
getaddrinfo
freeaddrinfo

pthreadvc3

pthread_mutex_lock
pthread_mutex_unlock
pthread_attr_destroy
pthread_cond_broadcast
pthread_cond_timedwait
pthread_cond_init
pthread_mutex_init
pthread_getspecific
pthread_setspecific
pthread_key_create
pthread_once
pthread_cond_signal
pthread_cond_wait
pthread_cond_destroy
pthread_mutex_destroy
pthread_join
pthread_create
pthread_attr_setdetachstate
pthread_attr_init

wsock32

socket
setsockopt
send
select
recv
listen
inet_addr
getpeername
inet_ntoa
closesocket
bind
shutdown
accept
WSAGetLastError

vcruntime140

strrchr
memset
__current_exception
__current_exception_context
wcsrchr
wcsstr
strchr
memmove
__C_specific_handler
memcpy
memchr

api-ms-win-crt-runtime-l1-1-0

_c_exit
_cexit
__p___argv
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_errno
_set_app_type
_seh_filter_exe
_crt_atexit
terminate
_set_errno
_initialize_onexit_table
exit
_register_onexit_function
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

_setmode
__stdio_common_vsprintf
_chsize
fflush
__p__commode
_close
__acrt_iob_func
fgets
__stdio_common_vfprintf
fopen
_fileno
fclose
_set_fmode

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
_set_new_mode
realloc

api-ms-win-crt-time-l1-1-0

_time64
_localtime64_s
strftime
_ctime64
_ftime64_s

api-ms-win-crt-string-l1-1-0

wcsncpy
wcsncat
_strdup
wcsncmp
strncmp
_strnicmp
strpbrk
strcmp
strncpy

api-ms-win-crt-filesystem-l1-1-0

_umask
_unlink
_fstat64i32

api-ms-win-crt-convert-l1-1-0

strtoll
atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamdscan.exe
.exe windows:6 windows x64 arch:x64

e1946866f24ea1d4457ad4bfbdc809ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

cli_strdup
cli_strntoul
cli_realpath
cli_ftw
cli_gentemp
cli_malloc
cl_scandesc
cli_basename
cli_strtokenize
cli_regfree
cli_regexec
cli_regcomp
cli_ctime

kernel32

GetCurrentDirectoryW
GetCommandLineW
GetCommandLineA
GetModuleHandleW
IsDebuggerPresent
Sleep
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
lstrcmpiA
CopyFileA
SetFileInformationByHandle
CloseHandle
GetProcAddress
LoadLibraryA
GetFileInformationByHandleEx
ExpandEnvironmentStringsA
GetFileAttributesExW
DeleteFileA
FindClose
FindFirstFileW
WriteFile
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
CreateRemoteThread
OpenProcess
ReadProcessMemory
FreeLibrary
IsBadReadPtr
IsBadWritePtr
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
Module32Next
K32EnumProcesses
K32EnumProcessModules
K32GetModuleBaseNameA
QueryPerformanceCounter
K32GetModuleInformation
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
RtlVirtualUnwind
FindNextFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
CreateFileA
K32GetModuleFileNameExA
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

advapi32

AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
LookupPrivilegeValueA

ws2_32

getaddrinfo
htonl
freeaddrinfo
__WSAFDIsSet
htons

pthreadvc3

pthread_mutex_unlock
pthread_mutex_lock

wsock32

socket
send
select
recv
connect
closesocket
bind
WSAGetLastError

vcruntime140

memcpy
memset
memchr
strrchr
__current_exception
memmove
wcsrchr
wcsstr
__current_exception_context
strchr
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

_set_fmode
_open_osfhandle
fgets
__acrt_iob_func
_fileno
fopen
fflush
fclose
__stdio_common_vsprintf
_wopen
__stdio_common_vfprintf
__p__commode
_read
_open
_getcwd
_setmode
_close

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
exit
terminate
_errno
_set_app_type
_crt_atexit
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_initialize_onexit_table
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe

api-ms-win-crt-time-l1-1-0

_ftime64_s
_localtime64_s
_time64
strftime

api-ms-win-crt-string-l1-1-0

wcsncat
_strnicmp
wcsncpy
_strdup
wcsncmp
strncpy
strncmp
strpbrk
isprint
strncat
_stricmp
_wcsdup
strcmp

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
calloc
free
malloc

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_umask

api-ms-win-crt-convert-l1-1-0

strtoll
atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr
log

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamdtop.exe
.exe windows:6 windows x64 arch:x64

1b4f8e69849c98982b9f32ab224d61d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

pdcurses

curs_set
delscreen
delwin
derwin
stdscr
use_default_colors
getcury
getcurx
getmaxy
getmaxx
wrefresh
wprintw
wgetch
werase
wbkgd
wattrset
wattron
wattroff
waddch
touchwin
subwin
start_color
refresh
nonl
noecho
newterm
mvwprintw
mvwaddch
move
keypad
init_pair
halfdelay
endwin
box

libclamav

cli_regfree
cli_regcomp
cli_regexec

kernel32

FindNextFileW
FindFirstFileW
FindClose
GetFileAttributesExW
GetCurrentDirectoryW
GetCommandLineW
GetCommandLineA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
MultiByteToWideChar
GetLastError
lstrcmpiA
GetModuleFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

WSAStartup
getaddrinfo
WSAGetLastError
freeaddrinfo

wsock32

send
setsockopt
socket
connect
closesocket
recv

vcruntime140

memmove
memchr
wcsstr
memcpy
__current_exception_context
strchr
strrchr
strstr
wcsrchr
memset
__C_specific_handler
__current_exception

api-ms-win-crt-string-l1-1-0

strpbrk
strcmp
wcsncat
wcsncmp
wcsncpy
toupper
strncpy
strncmp
tolower
_strdup
isspace
_strnicmp
isdigit

api-ms-win-crt-runtime-l1-1-0

perror
_initterm
_errno
terminate
_get_initial_narrow_environment
_seh_filter_exe
_set_app_type
exit
_initterm_e
_register_thread_local_exe_atexit_callback
_c_exit
_wassert
__p___argv
__p___argc
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_cexit
_register_onexit_function
_crt_atexit
_exit

api-ms-win-crt-stdio-l1-1-0

fopen
fgets
fclose
__stdio_common_vsscanf
__stdio_common_vsprintf
__stdio_common_vfprintf
puts
fputc
_fileno
__acrt_iob_func
__p__commode
_set_fmode
_setmode

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
calloc
_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_ctime64
_time64
_localtime64_s
_ftime64_s

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clammspack.lib
clamav-1.3.1.win.x64/clamscan.exe
.exe windows:6 windows x64 arch:x64

76f6f37e593b8a61b77c1cb2f721f2e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

cl_scandesc
cli_strtokenize
cli_ctime
cli_basename
cli_malloc
cl_init
cl_debug
cl_cvdhead
cl_cvdfree
cl_initialize_crypto
cl_always_gen_section_hash
cl_cvdgetage
cl_retflevel
cl_retdbdir
cli_regfree
cli_regexec
cli_regcomp
cli_pcre_perf_events_destroy
cli_pcre_perf_print
cli_realpath
cli_gentemp
cli_gettmpdir
cli_sigperf_events_destroy
cli_sigperf_print
cl_strerror
cl_load
cl_scanfile_callback
cl_scandesc_callback
cl_engine_set_clcb_meta
cl_engine_set_clcb_engine_compile_progress
cl_engine_set_clcb_sigload_progress
cl_engine_set_clcb_virus_found
cl_engine_set_clcb_post_scan
cl_engine_set_clcb_pre_cache
cl_engine_free
cl_engine_compile
cl_engine_get_str
cl_engine_set_str
cl_engine_set_num
cl_engine_new

kernel32

FindNextFileW
GetFileAttributesExW
GetCurrentDirectoryW
GetCommandLineW
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateFileMappingA
GetCommandLineA
UnmapViewOfFile
MapViewOfFile
K32GetModuleInformation
K32GetModuleFileNameExA
K32GetModuleBaseNameA
K32EnumProcessModules
lstrcmpiA
GetModuleFileNameA
CopyFileA
GetLastError
MoveFileA
MultiByteToWideChar
K32EnumProcesses
SetFileInformationByHandle
CloseHandle
GetProcAddress
LoadLibraryA
GetFileInformationByHandleEx
ExpandEnvironmentStringsA
CreateFileA
DeleteFileA
FindClose
FindFirstFileW
WriteFile
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
CreateRemoteThread
OpenProcess
ReadProcessMemory
FreeLibrary
IsBadReadPtr
IsBadWritePtr
CreateToolhelp32Snapshot
Process32First
Process32Next
Module32First
Module32Next
WideCharToMultiByte

advapi32

OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges

ws2_32

htonl
getaddrinfo
freeaddrinfo

pthreadvc3

pthread_mutex_unlock
pthread_mutex_lock

wsock32

closesocket
connect
recv
send
WSAGetLastError
socket

vcruntime140

memchr
memset
__C_specific_handler
__current_exception_context
memmove
wcsrchr
wcsstr
strrchr
strchr
__current_exception
memcpy

api-ms-win-crt-stdio-l1-1-0

_open_osfhandle
_read
_open
_getcwd
_isatty
_close
_wopen
__acrt_iob_func
fgets
_fileno
_setmode
fclose
_set_fmode
__p__commode
__stdio_common_vsprintf
__stdio_common_vfprintf
fwrite
fread
fopen
fflush

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
_c_exit
perror
_cexit
__p___argv
exit
terminate
_set_errno
__p___argc
_exit
_initterm
_initterm_e
_errno
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe
_get_initial_narrow_environment

api-ms-win-crt-time-l1-1-0

strftime
_ctime64
_time64
_localtime64_s
_ftime64_s

api-ms-win-crt-string-l1-1-0

strncpy
strncmp
_wcsdup
strncat
_strdup
wcsncpy
strpbrk
wcsncat
strcmp
_strnicmp
isprint
wcsncmp
_stricmp

api-ms-win-crt-heap-l1-1-0

realloc
free
calloc
malloc
_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr
log
round

api-ms-win-crt-convert-l1-1-0

strtoll
atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

_unlink
_umask

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamsubmit.exe
.exe windows:6 windows x64 arch:x64

b4d67a731029fddd593e59ddf4b30423

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libssl-3-x64

SSL_CTX_get_cert_store

libcrypto-3-x64

X509_STORE_add_cert
X509_dup
X509_free
X509_get_subject_name
X509_cmp
X509_NAME_print_ex
ERR_get_error
ERR_error_string
d2i_X509
BIO_new
BIO_ctrl
BIO_s_mem
BIO_free

json-c

json_object_get_string
json_object_put
json_tokener_parse
json_object_object_get_ex

libcurl

curl_formadd
curl_formfree
curl_global_init
curl_global_cleanup
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo

libclamav

cli_ctime
cli_regexec
cli_regcomp
cl_cvdfree
cl_cvdhead
cl_retdbdir
cli_gentemp
cli_regfree

kernel32

CloseHandle
GetFileAttributesExW
CreateFileA
GetCurrentDirectoryW
GetCommandLineA
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FindClose
FindFirstFileW
FindNextFileW
GetCommandLineW
lstrcmpiA
GetModuleFileNameA
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

pthreadvc3

pthread_mutex_unlock
pthread_mutex_lock

crypt32

CertGetNameStringA
CertOpenSystemStoreA
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCloseStore

vcruntime140

__current_exception
__current_exception_context
strstr
wcsrchr
wcsstr
__C_specific_handler
memset
strrchr
strchr
memmove
memcpy

api-ms-win-crt-string-l1-1-0

strpbrk
wcsncat
_strnicmp
_strdup
strncpy
strcmp
strncmp
wcsncpy
wcsncmp

api-ms-win-crt-stdio-l1-1-0

fflush
_setmode
__acrt_iob_func
fclose
__stdio_common_vsprintf
_set_fmode
__stdio_common_vfprintf
feof
fwrite
fread
fopen
_fileno
fgets
__p__commode

api-ms-win-crt-filesystem-l1-1-0

_umask
remove

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
malloc
free
calloc

api-ms-win-crt-runtime-l1-1-0

__p___argc
_exit
_initterm_e
_initterm
_set_errno
exit
_get_initial_narrow_environment
terminate
_cexit
_c_exit
_crt_atexit
__p___argv
_errno
_initialize_narrow_environment
_configure_narrow_argv
_register_onexit_function
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type

api-ms-win-crt-time-l1-1-0

_time64
_ctime64
strftime
_localtime64_s

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/clamunrar.lib
clamav-1.3.1.win.x64/clamunrar_iface.lib
clamav-1.3.1.win.x64/concrt140.dll
.dll windows:6 windows x64 arch:x64

b53a9a2e86c058cbcd81f6f4285ec2fc

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

37:b9:5d:f2:9e:fb:2f:72:31:23:d0:1a:89:0a:8a:b3:e8:3d:ea:77:c1:a7:b3:1a:57:b8:5e:d9:89:d7:e4:f5
Signer

Actual PE Digest

37:b9:5d:f2:9e:fb:2f:72:31:23:d0:1a:89:0a:8a:b3:e8:3d:ea:77:c1:a7:b3:1a:57:b8:5e:d9:89:d7:e4:f5

Digest Algorithm

sha256

PE Digest Matches

true

37:b9:5d:f2:9e:fb:2f:72:31:23:d0:1a:89:0a:8a:b3:e8:3d:ea:77:c1:a7:b3:1a:57:b8:5e:d9:89:d7:e4:f5
Signer

Actual PE Digest

37:b9:5d:f2:9e:fb:2f:72:31:23:d0:1a:89:0a:8a:b3:e8:3d:ea:77:c1:a7:b3:1a:57:b8:5e:d9:89:d7:e4:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\concrt140.amd64.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__uncaught_exception
memcpy
__C_specific_handler
__RTDynamicCast
__std_type_info_destroy_list
__current_exception_context
__current_exception

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-math-l1-1-0

exp
sqrt

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vswprintf_s
__acrt_iob_func
fflush

kernel32

WaitForSingleObjectEx
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetThreadTimes
EncodePointer
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
GetProcAddress
SetLastError
SetThreadpoolTimer
CreateSemaphoreExW
ReleaseSemaphore
InitializeSListHead
VerifyVersionInfoW
SetProcessAffinityMask
GetProcessAffinityMask
VirtualFree
FlushProcessWriteBuffers
VerSetConditionMask
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetTickCount64
GetCurrentProcessorNumberEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
GetCurrentThread
CloseHandle
DuplicateHandle
GetLastError
SetEvent
CreateThread
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSectionEx
CreateEventExW
Sleep
SignalObjectAndWait
SwitchToThread
SetThreadPriority

Exports

Exports

??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Runtime_object@details@Concurrency@@QEAA@H@Z
??0_Runtime_object@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z
??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z
??0agent@Concurrency@@QEAA@XZ
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1agent@Concurrency@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
?AgentEventGuid@Concurrency@@3U_GUID@@B
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?ChoreEventGuid@Concurrency@@3U_GUID@@B
?ConcRTEventGuid@Concurrency@@3U_GUID@@B
?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B
?ContextEventGuid@Concurrency@@3U_GUID@@B
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?LockEventGuid@Concurrency@@3U_GUID@@B
?Log2@details@Concurrency@@YAK_K@Z
?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z
?NFS_Free@details@Concurrency@@YAXPEAX@Z
?NFS_GetLineSize@details@Concurrency@@YA_KXZ
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SchedulerEventGuid@Concurrency@@3U_GUID@@B
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetCombinableSize@details@Concurrency@@YA_KXZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAX1@ZP6AX2PEBX1@Z5@Z
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z
?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KPEAXP6AX10@ZP6AX1PEBX0@Z@Z
?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAXPEBX1@Z@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ
?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z
?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEAX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z
?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z
?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00@Z
?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00P6AXPEAX0@ZP6AX1PEBX0@Z3@Z
?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_KXZ
?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ
?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IEBAX_K@Z
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?cancel@agent@Concurrency@@QEAA_NXZ
?current@location@Concurrency@@SA?AV12@XZ
?done@agent@Concurrency@@IEAA_NXZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?is_current_task_group_canceling@Concurrency@@YA_NXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?start@agent@Concurrency@@QEAA_NXZ
?status@agent@Concurrency@@QEAA?AW4agent_status@2@XZ
?status_port@agent@Concurrency@@QEAAPEAV?$ISource@W4agent_status@Concurrency@@@2@XZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@agent@Concurrency@@SA?AW4agent_status@2@PEAV12@I@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_all@agent@Concurrency@@SAX_KPEAPEAV12@PEAW4agent_status@2@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?wait_for_one@agent@Concurrency@@SAX_KPEAPEAV12@AEAW4agent_status@2@AEA_KI@Z

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/conf_examples/clamd.conf.sample
clamav-1.3.1.win.x64/conf_examples/freshclam.conf.sample
clamav-1.3.1.win.x64/freshclam.exe
.exe windows:6 windows x64 arch:x64

6d489ebdaebe50c205d2df2dc2b68f17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libfreshclam

fc_initialize
fc_cleanup
fc_prune_database_directory
fc_test_database
fc_set_fccb_download_complete
fc_update_databases
fc_download_url_databases
fc_dns_query_update_info
fc_strerror

libclamav

cl_init
cl_set_clcb_msg
cl_strerror
__cli_strndup
cl_retflevel
cl_cvdfree
cl_cvdhead
cl_retdbdir
cli_ctime
cli_regfree
cli_regexec
cli_regcomp
cli_gentemp_with_prefix
cli_rmdirs
cli_strdup
cli_realloc
cli_calloc
cli_strbcasestr

kernel32

GetFileAttributesExW
CreateFileA
GetCurrentDirectoryW
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetCommandLineW
RtlVirtualUnwind
Sleep
GetCurrentProcessId
lstrcmpiA
GetModuleFileNameA
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
SetConsoleCtrlHandler
CloseHandle
FindClose
FindFirstFileW
FindNextFileW
GetCommandLineA
RtlLookupFunctionEntry
UnhandledExceptionFilter
RtlCaptureContext

advapi32

OpenServiceA
DeleteService
CreateServiceA
StartServiceCtrlDispatcherA
CloseServiceHandle
ChangeServiceConfig2A
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA

ws2_32

freeaddrinfo
getaddrinfo

pthreadvc3

pthread_mutex_lock
pthread_mutex_unlock

wsock32

socket
WSAGetLastError
send
connect
closesocket
recv

vcruntime140

__current_exception
memmove
__current_exception_context
wcsrchr
memset
memcpy
__C_specific_handler
strstr
strrchr
strchr
wcsstr

api-ms-win-crt-runtime-l1-1-0

_set_errno
_errno
terminate
system
_register_onexit_function
_initialize_onexit_table
_seh_filter_exe
signal
exit
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_set_app_type
_initterm_e
_exit
_crt_atexit
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initterm

api-ms-win-crt-string-l1-1-0

_strdup
wcsncpy
wcsncat
wcsncmp
strncpy
strpbrk
strncmp
_strnicmp

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
_set_fmode
fflush
fclose
_fileno
fgets
__stdio_common_vsscanf
fopen
__stdio_common_vfprintf
_setmode
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
calloc
_set_new_mode

api-ms-win-crt-time-l1-1-0

_time64
_ctime64
strftime
_localtime64_s

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

_mkdir
_umask
_unlink

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/freshclam.lib
clamav-1.3.1.win.x64/include/clamav-types.h
clamav-1.3.1.win.x64/include/clamav-version.h
clamav-1.3.1.win.x64/include/clamav.h
clamav-1.3.1.win.x64/include/libfreshclam.h
clamav-1.3.1.win.x64/json-c.dll
.dll windows:6 windows x64 arch:x64

7cc385f010422f1faa2c7eb1e5c743a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetLastError
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

vcruntime140

memcpy
strrchr
strchr
__C_specific_handler
memset
memmove
strstr
__std_type_info_destroy_list
memcmp

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
calloc

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-stdio-l1-1-0

_write
_read
_close
__acrt_iob_func
__stdio_common_vfprintf
_open
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm
strerror
abort
_errno
_configure_narrow_argv
_initterm_e

api-ms-win-crt-convert-l1-1-0

strtoll
strtoull
strtod

api-ms-win-crt-string-l1-1-0

_strdup
_strnicmp
strncmp

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

_json_c_strerror
json_c_object_sizeof
json_c_set_serialization_double_format
json_c_shallow_copy_default
json_c_version
json_c_version_num
json_c_visit
json_object_array_add
json_object_array_bsearch
json_object_array_del_idx
json_object_array_get_idx
json_object_array_insert_idx
json_object_array_length
json_object_array_put_idx
json_object_array_shrink
json_object_array_sort
json_object_deep_copy
json_object_double_to_json_string
json_object_equal
json_object_free_userdata
json_object_from_fd
json_object_from_fd_ex
json_object_from_file
json_object_get
json_object_get_array
json_object_get_boolean
json_object_get_double
json_object_get_int
json_object_get_int64
json_object_get_object
json_object_get_string
json_object_get_string_len
json_object_get_type
json_object_get_uint64
json_object_get_userdata
json_object_int_inc
json_object_is_type
json_object_iter_begin
json_object_iter_end
json_object_iter_equal
json_object_iter_init_default
json_object_iter_next
json_object_iter_peek_name
json_object_iter_peek_value
json_object_new_array
json_object_new_array_ext
json_object_new_boolean
json_object_new_double
json_object_new_double_s
json_object_new_int
json_object_new_int64
json_object_new_null
json_object_new_object
json_object_new_string
json_object_new_string_len
json_object_new_uint64
json_object_object_add
json_object_object_add_ex
json_object_object_del
json_object_object_get
json_object_object_get_ex
json_object_object_length
json_object_put
json_object_set_boolean
json_object_set_double
json_object_set_int
json_object_set_int64
json_object_set_serializer
json_object_set_string
json_object_set_string_len
json_object_set_uint64
json_object_set_userdata
json_object_to_fd
json_object_to_file
json_object_to_file_ext
json_object_to_json_string
json_object_to_json_string_ext
json_object_to_json_string_length
json_object_userdata_to_json_string
json_parse_double
json_parse_int64
json_parse_uint64
json_patch_apply
json_pointer_get
json_pointer_getf
json_pointer_set
json_pointer_setf
json_tokener_error_desc
json_tokener_free
json_tokener_get_error
json_tokener_get_parse_end
json_tokener_new
json_tokener_new_ex
json_tokener_parse
json_tokener_parse_ex
json_tokener_parse_verbose
json_tokener_reset
json_tokener_set_flags
json_type_to_name
json_util_get_last_err
mc_debug
mc_error
mc_get_debug
mc_info
mc_set_debug
mc_set_syslog
printbuf_free
printbuf_memappend
printbuf_memset
printbuf_new
printbuf_reset
sprintbuf

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libbz2.dll
.dll windows:6 windows x64 arch:x64

5c603033ce0c1d18ab1cd2405553f4da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-stdio-l1-1-0

fwrite
fread
fopen
fgetc
ungetc
ferror
__stdio_common_vfprintf
_fileno
_setmode
fflush
__acrt_iob_func
fclose

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

exit
_execute_onexit_table
_initialize_onexit_table
_cexit
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-string-l1-1-0

isdigit

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

BZ2_bzBuffToBuffCompress
BZ2_bzBuffToBuffDecompress
BZ2_bzCompress
BZ2_bzCompressEnd
BZ2_bzCompressInit
BZ2_bzDecompress
BZ2_bzDecompressEnd
BZ2_bzDecompressInit
BZ2_bzRead
BZ2_bzReadClose
BZ2_bzReadGetUnused
BZ2_bzReadOpen
BZ2_bzWrite
BZ2_bzWriteClose
BZ2_bzWriteClose64
BZ2_bzWriteOpen
BZ2_bzclose
BZ2_bzdopen
BZ2_bzerror
BZ2_bzflush
BZ2_bzlibVersion
BZ2_bzopen
BZ2_bzread
BZ2_bzwrite

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libclamav.dll
.dll windows:6 windows x64 arch:x64

625c8f37b50255d352ae2b29bc191ed8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libclammspack

mspack_create_chm_decompressor
mspack_destroy_chm_decompressor
mspack_create_cab_decompressor
mspack_destroy_cab_decompressor

libcrypto-3-x64

BIO_new
BIO_set_flags
BIO_free
BN_free
BIO_read
BIO_write
BIO_ctrl
BIO_push
BIO_free_all
BIO_s_mem
BIO_new_mem_buf
BIO_f_base64
BN_zero_ex
BN_CTX_new
BN_CTX_free
BN_num_bits
BN_new
BN_bn2bin
BN_add
BN_set_word
BN_lshift
BN_mod_exp
BN_dec2bn
BN_hex2bn
BN_copy
BN_bin2bn
BN_cmp
BIO_s_file
EVP_MD_get_size
EVP_MD_get_block_size
EVP_MD_CTX_get0_md
EVP_MD_CTX_new
EVP_MD_CTX_free
EVP_MD_CTX_set_flags
EVP_DigestInit_ex
EVP_DigestUpdate
EVP_DigestFinal_ex
EVP_SignFinal
EVP_VerifyFinal
EVP_get_digestbyname
EVP_PKEY_get_size
EVP_PKEY_free
X509_verify_cert
X509_STORE_new
X509_STORE_free
X509_STORE_set_flags
X509_STORE_set1_param
X509_STORE_CTX_new
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_STORE_add_crl
X509_LOOKUP_ctrl
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_set_flags
X509_cmp_current_time
X509_free
X509_CRL_free
X509_get_pubkey
X509_CRL_get0_nextUpdate
PEM_read_bio_X509
PEM_read_X509
PEM_read_bio_X509_AUX
PEM_read_X509_CRL
PEM_read_PrivateKey
CRYPTO_free
BN_bn2hex

libbz2

BZ2_bzDecompressEnd
BZ2_bzDecompressInit
BZ2_bzDecompress

pcre2-8

pcre2_general_context_create_8
pcre2_get_error_message_8
pcre2_get_ovector_pointer_8
pcre2_match_data_free_8
pcre2_match_8
pcre2_match_data_create_from_pattern_8
pcre2_pattern_info_8
pcre2_code_free_8
pcre2_compile_8
pcre2_set_recursion_limit_8
pcre2_set_match_limit_8
pcre2_match_context_free_8
pcre2_general_context_free_8
pcre2_compile_context_create_8
pcre2_compile_context_free_8
pcre2_match_context_create_8

libxml2

xmlReaderWalker
xmlGetDocCompressMode
xmlFreeDoc
xmlReaderForFd
xmlTextReaderSetErrorHandler
xmlTextReaderLocatorBaseURI
xmlTextReaderGetAttribute
xmlStrEqual
xmlStrcasecmp
xmlStrdup
xmlTextReaderValue
xmlTextReaderLocalName
xmlTextReaderDepth
xmlFree
xmlTextReaderReadInnerXml
htmlGetMetaEncoding
htmlReadMemory
xmlInitParser
xmlFreeTextReader
xmlTextReaderClose
xmlReaderForIO
xmlStrcmp
xmlStrlen
xmlTextReaderRead
xmlTextReaderHasAttributes
xmlTextReaderIsEmptyElement
xmlTextReaderNodeType
xmlTextReaderConstLocalName
xmlTextReaderConstValue
xmlTextReaderMoveToFirstAttribute
xmlTextReaderMoveToNextAttribute
xmlTextReaderMoveToElement
xmlTextReaderNext
xmlTextReaderLocatorLineNumber
xmlReaderForMemory

json-c

json_object_put
json_object_new_object
json_object_object_get_ex
json_object_object_del
json_object_get_type
json_object_is_type
json_object_get
json_object_new_array
json_object_array_add
json_object_get_int
json_object_get_boolean
json_object_array_length
json_object_get_string
json_object_to_json_string_ext
json_object_object_add
json_object_new_string_len
json_object_new_string
json_object_new_double
json_object_new_int64
json_object_new_int
json_object_new_boolean
json_object_array_get_idx
json_object_array_put_idx

pthreadvc3

pthread_key_delete
pthread_mutex_init
pthread_mutex_destroy
pthread_mutex_unlock
pthread_mutex_lock
pthread_getspecific
pthread_win32_process_attach_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
pthread_once
pthread_setspecific
pthread_key_create
pthread_win32_process_detach_np

wsock32

WSAStartup
htons
ioctlsocket
WSACleanup
closesocket
WSAGetLastError
getsockopt
recv
send
__WSAFDIsSet
inet_ntoa
connect
select
socket

ws2_32

getaddrinfo
freeaddrinfo

bcrypt

BCryptGenRandom

kernel32

SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
RtlVirtualUnwind
UnhandledExceptionFilter
GetEnvironmentVariableW
GetFileAttributesExW
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
CreateThread
WriteConsoleW
FormatMessageW
GetModuleHandleW
GetConsoleMode
FindFirstFileW
FindNextFileW
GetModuleHandleA
CreateMutexA
WaitForSingleObjectEx
AcquireSRWLockShared
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
WakeConditionVariable
SleepConditionVariableSRW
WakeAllConditionVariable
TerminateProcess
WaitForSingleObject
GetStdHandle
InitializeSListHead
GetCurrentDirectoryW
SetLastError
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcess
AcquireSRWLockExclusive
SwitchToThread
SetThreadStackGuarantee
ReleaseSRWLockShared
FindClose
ReleaseMutex
ReleaseSRWLockExclusive
WriteFile
SetFilePointer
ReadFile
CreateFileA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadTimes
GetCurrentThread
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
GetCurrentProcessId
VirtualFree
VirtualAlloc
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetModuleFileNameA
lstrcmpiA
CopyFileA
GetLastError
CloseHandle
GetFinalPathNameByHandleW
CreateFileW
GetSystemInfo

advapi32

RegCloseKey
RegQueryValueExA
GetCurrentHwProfileA
SystemFunction036
RegOpenKeyExA

ntdll

RtlNtStatusToDosError
NtWriteFile

vcruntime140

strrchr
strstr
memchr
longjmp
__C_specific_handler
_CxxThrowException
memcpy
memcmp
memmove
strchr
__std_type_info_destroy_list
wcsrchr
__CxxFrameHandler3
wcsstr
memset
__intrinsic_setjmp

api-ms-win-crt-stdio-l1-1-0

putc
fputs
_get_osfhandle
_isatty
fputc
getc
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vfprintf
fopen
fread
puts
fgets
_wopen
_close
_lseek
_open
_chsize
_write
_lseeki64
fseek
ftell
_fileno
_dup
fclose
__stdio_common_vfscanf
_read
fflush
fwrite
clearerr
fgetc
ferror
feof
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
calloc

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_mkdir
_chmod
_rmdir
_unlink
remove
_access_s

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_set_errno
_initterm
_cexit
_errno
perror
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
strerror
_wassert

api-ms-win-crt-string-l1-1-0

wcsncpy
strncmp
isprint
strncat
strpbrk
strncpy
strcmp
_strnicmp
wcsncmp
isalnum
wcsncat
strcspn
tolower
toupper
isspace
isxdigit
isdigit
isupper
isalpha
_strdup
strlen
strtok_s
strnlen
islower

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_difftime64
clock
_ctime64
_mktime64
_ftime64_s
_localtime64
strftime
_localtime64_s
_time64

api-ms-win-crt-convert-l1-1-0

atol
strtol
wcstombs
atof
strtoul
atoi
strtoll

api-ms-win-crt-math-l1-1-0

sin
ceil
_fdopen
log
sqrt
cos
roundf
floorf
powf
truncf
exp2f
expf
sinf
pow
ceilf
exp

Exports

Exports

ARMT_Convert
ARM_Convert
Bcj2_Decode
BraState_Free
BraState_Init
BraState_SetFromMethod
BraState_SetProps
Buf_Create
Buf_Free
Buf_Init
Crc64Calc
Crc64GenerateTable
Crc64Update
CrcCalc
CrcUpdate
Delta_Decode
Delta_Encode
Delta_Init
DllMain
DynBuf_Construct
DynBuf_Free
DynBuf_SeekToBeg
DynBuf_Write
EXTENDED_FUNCTIONS
FUNCTIONS
FileInStream_CreateVTable
FileOutStream_CreateVTable
FileSeqInStream_CreateVTable
File_Close
File_Construct
File_Read
File_Seek
File_Write
IA64_Convert
InFile_Open
InFile_OpenW
LookInStream_LookRead
LookInStream_Read
LookInStream_Read2
LookInStream_SeekTo
LookToRead_CreateVTable
LookToRead_Init
Lzma2Dec_Allocate
Lzma2Dec_AllocateProbs
Lzma2Dec_DecodeToBuf
Lzma2Dec_DecodeToDic
Lzma2Dec_Init
Lzma2Decode
LzmaDec_Allocate
LzmaDec_AllocateProbs
LzmaDec_DecodeToBuf
LzmaDec_DecodeToDic
LzmaDec_Free
LzmaDec_FreeProbs
LzmaDec_Init
LzmaDec_InitDicAndState
LzmaDecode
LzmaProps_Decode
MixCoder_Code
MixCoder_Construct
MixCoder_Free
MixCoder_Init
MixCoder_SetFromMethod
OPCODE_NAMES
OutFile_Open
OutFile_OpenW
PPC_Convert
Ppmd7_Alloc
Ppmd7_Construct
Ppmd7_DecodeSymbol
Ppmd7_Free
Ppmd7_Init
Ppmd7_MakeEscFreq
Ppmd7_Update1
Ppmd7_Update1_0
Ppmd7_Update2
Ppmd7_UpdateBin
Ppmd7z_RangeDec_CreateVTable
Ppmd7z_RangeDec_Init
SPARC_Convert
SecToLook_CreateVTable
SecToRead_CreateVTable
SeqInStream_Read
SeqInStream_Read2
SeqInStream_ReadByte
SzAlloc
SzAllocTemp
SzArEx_Extract
SzArEx_Free
SzArEx_GetFileNameUtf16
SzArEx_GetFolderFullPackSize
SzArEx_GetFolderStreamPos
SzArEx_Init
SzArEx_Open
SzAr_Free
SzAr_Init
SzCoderInfo_Free
SzCoderInfo_Init
SzFile_Init
SzFolder_Decode
SzFolder_FindBindPairForInStream
SzFolder_FindBindPairForOutStream
SzFolder_Free
SzFolder_GetNumOutStreams
SzFolder_GetUnpackSize
SzFolder_Init
SzFree
SzFreeTemp
TOKENS
XZ_FOOTER_SIG
XZ_SIG
XzBlock_Parse
XzBlock_ReadHeader
XzCheck_Final
XzCheck_Init
XzCheck_Update
XzDec_Init
XzFlags_GetCheckSize
XzUnpacker_Code
XzUnpacker_Create
XzUnpacker_Free
XzUnpacker_IsStreamWasFinished
Xz_Construct
Xz_Free
Xz_GetPackSize
Xz_GetUnpackSize
Xz_ParseHeader
Xz_ReadHeader
Xz_ReadVarInt
Xz_WriteVarInt
Xzs_Construct
Xzs_Free
Xzs_GetNumBlocks
Xzs_GetUnpackSize
Xzs_ReadBackward
__cli_strcasestr
__cli_strndup
__cli_strnlen
__cli_strnstr
__isa_available_default
__local_stdio_printf_options
__local_stdio_scanf_options
__lzma_wrap_alloc
__lzma_wrap_free
__xz_wrap_alloc
__xz_wrap_free
_snprintf
_yr_arena_make_relocatable
_yr_arena_new_page
_yr_arena_page_for_address
_yr_compiler_pop_file
_yr_compiler_pop_file_name
_yr_compiler_push_file
_yr_compiler_push_file_name
_yr_parser_write_string
adc_decompress
adc_decompressEnd
adc_decompressInit
allow_list_done
allow_list_match
arc4_apply
arc4_init
asn1_check_mscat
asn1_load_mscat
autoit_functions
autoit_keywords
base64Flush
bc_opstr
bc_tystr
binhexBegin
blank_key
blobAddData
blobArrayDestroy
blobClose
blobCreate
blobDestroy
blobGetData
blobGetDataSize
blobGrow
blobSetFilename
blobToMem
blobcmp
bounceBegin
byte_to_int32
bytecode_init
cdn_ctn_is_valid
cdn_eft_is_valid
cl_ASN1_GetTimeT
cl_always_gen_section_hash
cl_base64_decode
cl_base64_encode
cl_cleanup_crypto
cl_countsigs
cl_cvdfree
cl_cvdgetage
cl_cvdhead
cl_cvdparse
cl_cvdunpack
cl_cvdverify
cl_debug
cl_engine_addref
cl_engine_compile
cl_engine_free
cl_engine_get_num
cl_engine_get_str
cl_engine_new
cl_engine_set_clcb_engine_compile_progress
cl_engine_set_clcb_engine_free_progress
cl_engine_set_clcb_file_inspection
cl_engine_set_clcb_file_props
cl_engine_set_clcb_hash
cl_engine_set_clcb_meta
cl_engine_set_clcb_post_scan
cl_engine_set_clcb_pre_cache
cl_engine_set_clcb_pre_scan
cl_engine_set_clcb_sigload
cl_engine_set_clcb_sigload_progress
cl_engine_set_clcb_stats_add_sample
cl_engine_set_clcb_stats_decrement_count
cl_engine_set_clcb_stats_flush
cl_engine_set_clcb_stats_get_hostid
cl_engine_set_clcb_stats_get_num
cl_engine_set_clcb_stats_get_size
cl_engine_set_clcb_stats_remove_sample
cl_engine_set_clcb_stats_submit
cl_engine_set_clcb_vba
cl_engine_set_clcb_virus_found
cl_engine_set_num
cl_engine_set_stats_set_cbdata
cl_engine_set_str
cl_engine_settings_apply
cl_engine_settings_copy
cl_engine_settings_free
cl_engine_stats_enable
cl_finish_hash
cl_fmap_close
cl_fmap_open_handle
cl_fmap_open_memory
cl_get_pkey_file
cl_get_x509_from_mem
cl_hash_data
cl_hash_destroy
cl_hash_file_fd
cl_hash_file_fd_ctx
cl_hash_file_fp
cl_hash_init
cl_init
cl_initialize_crypto
cl_load
cl_load_cert
cl_load_crl
cl_retdbdir
cl_retflevel
cl_retver
cl_scandesc
cl_scandesc_callback
cl_scanfile
cl_scanfile_callback
cl_scanmap_callback
cl_set_clcb_msg
cl_sha1
cl_sha256
cl_sha384
cl_sha512
cl_sign_data
cl_sign_data_keyfile
cl_sign_file_fd
cl_sign_file_fp
cl_statchkdir
cl_statfree
cl_statinidir
cl_strerror
cl_update_hash
cl_validate_certificate_chain
cl_validate_certificate_chain_ts_dir
cl_verify_signature
cl_verify_signature_fd
cl_verify_signature_fd_x509
cl_verify_signature_fd_x509_keyfile
cl_verify_signature_hash
cl_verify_signature_hash_x509
cl_verify_signature_hash_x509_keyfile
cl_verify_signature_x509
cl_verify_signature_x509_keyfile
clamav_stats_add_sample
clamav_stats_decrement_count
clamav_stats_flush
clamav_stats_get_hostid
clamav_stats_get_num
clamav_stats_get_size
clamav_stats_remove_sample
clamav_stats_submit
clean_cache_add
clean_cache_check
clean_cache_destroy
clean_cache_init
clean_cache_remove
cli_7unz
cli_LzmaDecode
cli_LzmaInit
cli_LzmaShutdown
cli_XzDecode
cli_XzInit
cli_XzShutdown
cli_ac_addpatt
cli_ac_addsig
cli_ac_buildtrie
cli_ac_caloff
cli_ac_chklsig
cli_ac_chkmacro
cli_ac_free
cli_ac_freedata
cli_ac_init
cli_ac_initdata
cli_ac_scanbuff
cli_add_content_match_pattern
cli_always_gen_section_hash
cli_append_potentially_unwanted
cli_append_potentially_unwanted_if_heur_exceedsmax
cli_append_virus
cli_basename
cli_bcapi_atoi
cli_bcapi_buffer_pipe_done
cli_bcapi_buffer_pipe_new
cli_bcapi_buffer_pipe_new_fromfile
cli_bcapi_buffer_pipe_read_avail
cli_bcapi_buffer_pipe_read_get
cli_bcapi_buffer_pipe_read_stopped
cli_bcapi_buffer_pipe_write_avail
cli_bcapi_buffer_pipe_write_get
cli_bcapi_buffer_pipe_write_stopped
cli_bcapi_bytecode_rt_error
cli_bcapi_bzip2_done
cli_bcapi_bzip2_init
cli_bcapi_bzip2_process
cli_bcapi_check_platform
cli_bcapi_debug_print_str
cli_bcapi_debug_print_str_nonl
cli_bcapi_debug_print_str_start
cli_bcapi_debug_print_uint
cli_bcapi_disable_bytecode_if
cli_bcapi_disable_jit_if
cli_bcapi_disasm_x86
cli_bcapi_engine_db_options
cli_bcapi_engine_dconf_level
cli_bcapi_engine_functionality_level
cli_bcapi_engine_scan_options
cli_bcapi_engine_scan_options_ex
cli_bcapi_entropy_buffer
cli_bcapi_extract_new
cli_bcapi_extract_set_container
cli_bcapi_file_byteat
cli_bcapi_file_find
cli_bcapi_file_find_limit
cli_bcapi_fill_buffer
cli_bcapi_get_environment
cli_bcapi_get_file_reliability
cli_bcapi_get_pe_section
cli_bcapi_hashset_add
cli_bcapi_hashset_contains
cli_bcapi_hashset_done
cli_bcapi_hashset_empty
cli_bcapi_hashset_new
cli_bcapi_hashset_remove
cli_bcapi_hex2ui
cli_bcapi_icos
cli_bcapi_iexp
cli_bcapi_ilog2
cli_bcapi_inflate_done
cli_bcapi_inflate_init
cli_bcapi_inflate_process
cli_bcapi_input_switch
cli_bcapi_ipow
cli_bcapi_isin
cli_bcapi_jsnorm_done
cli_bcapi_jsnorm_init
cli_bcapi_jsnorm_process
cli_bcapi_json_get_array_idx
cli_bcapi_json_get_array_length
cli_bcapi_json_get_boolean
cli_bcapi_json_get_int
cli_bcapi_json_get_object
cli_bcapi_json_get_string
cli_bcapi_json_get_string_length
cli_bcapi_json_get_type
cli_bcapi_json_is_active
cli_bcapi_lzma_done
cli_bcapi_lzma_init
cli_bcapi_lzma_process
cli_bcapi_malloc
cli_bcapi_map_addkey
cli_bcapi_map_done
cli_bcapi_map_find
cli_bcapi_map_getvalue
cli_bcapi_map_getvaluesize
cli_bcapi_map_new
cli_bcapi_map_remove
cli_bcapi_map_setvalue
cli_bcapi_matchicon
cli_bcapi_memstr
cli_bcapi_pdf_get_dumpedobjid
cli_bcapi_pdf_get_flags
cli_bcapi_pdf_get_obj_num
cli_bcapi_pdf_get_offset
cli_bcapi_pdf_get_phase
cli_bcapi_pdf_getobj
cli_bcapi_pdf_getobjflags
cli_bcapi_pdf_getobjid
cli_bcapi_pdf_getobjsize
cli_bcapi_pdf_lookupobj
cli_bcapi_pdf_set_flags
cli_bcapi_pdf_setobjflags
cli_bcapi_pe_rawaddr
cli_bcapi_read
cli_bcapi_read_number
cli_bcapi_running_on_jit
cli_bcapi_seek
cli_bcapi_setvirusname
cli_bcapi_test1
cli_bcapi_test2
cli_bcapi_trace_directory
cli_bcapi_trace_op
cli_bcapi_trace_ptr
cli_bcapi_trace_scope
cli_bcapi_trace_source
cli_bcapi_trace_value
cli_bcapi_version_compare
cli_bcapi_write
cli_bcomp_addpatt
cli_bcomp_chk_hex
cli_bcomp_compare_check
cli_bcomp_freemeta
cli_bcomp_normalize_buffer
cli_bcomp_scanbuf
cli_binhex
cli_bitset_free
cli_bitset_init
cli_bitset_set
cli_bitset_test
cli_bm_addpatt
cli_bm_free
cli_bm_freeoff
cli_bm_init
cli_bm_initoff
cli_bm_scanbuff
cli_build_regex_list
cli_bytecode_context_alloc
cli_bytecode_context_destroy
cli_bytecode_context_getresult_file
cli_bytecode_context_getresult_int
cli_bytecode_context_set_trace
cli_bytecode_context_setctx
cli_bytecode_context_setfile
cli_bytecode_context_setfuncid
cli_bytecode_context_setparam_int
cli_bytecode_context_setparam_ptr
cli_bytecode_context_setpdf
cli_bytecode_context_setpe
cli_bytecode_debug
cli_bytecode_debug_printsrc
cli_bytecode_describe
cli_bytecode_destroy
cli_bytecode_done
cli_bytecode_done_jit
cli_bytecode_init
cli_bytecode_init_jit
cli_bytecode_load
cli_bytecode_prepare2
cli_bytecode_prepare_jit
cli_bytecode_printversion
cli_bytecode_run
cli_bytecode_runhook
cli_bytecode_runlsig
cli_bytefunc_describe
cli_byteinst_describe
cli_bytetype_describe
cli_bytevalue_describe
cli_calloc
cli_caloff
cli_check_auth_header
cli_check_fp
cli_check_mydoom_log
cli_check_riff_exploit
cli_checklimits
cli_checktimelimit
cli_chomp
cli_codepage_to_utf8
cli_compare_ftm_file
cli_compare_ftm_partition
cli_crt_clear
cli_crt_init
cli_ctime
cli_cvdload
cli_dbgets
cli_dbgmsg
cli_dbgmsg_no_inline
cli_dconf_init
cli_dconf_load
cli_dconf_print
cli_debug_flag

Sections

.text
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libclammspack.dll
.dll windows:6 windows x64 arch:x64

7292a602d2ee89e0d7a89dfecd76cbe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset
memcmp

api-ms-win-crt-string-l1-1-0

tolower

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-stdio-l1-1-0

ftell
fseek
fread
fputc
fopen
fflush
ferror
fclose
__acrt_iob_func
fwrite
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_cexit
_initialize_narrow_environment
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initterm

kernel32

GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

Exports

Exports

__local_stdio_printf_options
fprintf
lzss_decompress
lzxd_decompress
lzxd_free
lzxd_init
lzxd_set_output_length
lzxd_set_reference_data
mspack_create_cab_compressor
mspack_create_cab_decompressor
mspack_create_chm_compressor
mspack_create_chm_decompressor
mspack_create_hlp_compressor
mspack_create_hlp_decompressor
mspack_create_kwaj_compressor
mspack_create_kwaj_decompressor
mspack_create_lit_compressor
mspack_create_lit_decompressor
mspack_create_oab_compressor
mspack_create_oab_decompressor
mspack_create_szdd_compressor
mspack_create_szdd_decompressor
mspack_default_system
mspack_destroy_cab_compressor
mspack_destroy_cab_decompressor
mspack_destroy_chm_compressor
mspack_destroy_chm_decompressor
mspack_destroy_hlp_compressor
mspack_destroy_hlp_decompressor
mspack_destroy_kwaj_compressor
mspack_destroy_kwaj_decompressor
mspack_destroy_lit_compressor
mspack_destroy_lit_decompressor
mspack_destroy_oab_compressor
mspack_destroy_oab_decompressor
mspack_destroy_szdd_compressor
mspack_destroy_szdd_decompressor
mspack_sys_filelen
mspack_sys_selftest_internal
mspack_valid_system
mspack_version
mszipd_decompress
mszipd_decompress_kwaj
mszipd_free
mszipd_init
qtmd_decompress
qtmd_free
qtmd_init

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libclamunrar.dll
.dll windows:6 windows x64 arch:x64

a714c504dfe73a32980c347a4395aecf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeviceIoControl
GetCurrentProcess
CreateHardLinkW
GetLongPathNameW
GetShortPathNameW
MoveFileW
FlushFileBuffers
GetFileTime
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GetDiskFreeSpaceExW
GetDriveTypeW
GetFileAttributesW
SetFileAttributesW
GetCurrentProcessId
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
GetCurrentDirectoryW
GetFullPathNameW
GetModuleFileNameW
FoldStringW
FreeLibrary
GetProcAddress
CompareStringA
GetLocaleInfoW
CreateEventW
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetSystemDirectoryW
LoadLibraryW
SetThreadExecutionState
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
CreateThread
GetProcessAffinityMask
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
IsDBCSLeadByte
GetVersionExW
LocalFree
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetFileTime
RemoveDirectoryW
DeleteFileW
GetStdHandle
CreateFileW
CreateDirectoryW
SetConsoleCtrlHandler
Sleep
SetLastError
GetLastError
AreFileApisANSI
GetConsoleMode
GetFileType
SetEvent

user32

CharToOemBuffW
CharToOemA
OemToCharBuffA
OemToCharA
CharLowerW
ExitWindowsEx
CharUpperW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoSetProxyBlanket
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
VariantClear

advapi32

OpenProcessToken
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
LookupPrivilegeValueW
SetFileSecurityW
AdjustTokenPrivileges
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

powrprof

SetSuspendState

vcruntime140

_CxxThrowException
memcmp
wcsstr
memmove
memset
__std_terminate
wcschr
memcpy
__std_exception_destroy
__std_exception_copy
__std_type_info_destroy_list
__C_specific_handler
__current_exception_context
__current_exception
wcsrchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
terminate
exit
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
realloc

api-ms-win-crt-stdio-l1-1-0

_fileno
__acrt_iob_func
__stdio_common_vsprintf
_setmode
__stdio_common_vswprintf
setbuf

api-ms-win-crt-convert-l1-1-0

wcstol

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

wcsncmp
wcspbrk
wcsncpy
_wcsdup
strnlen

api-ms-win-crt-time-l1-1-0

clock

Exports

Exports

??$_Allocate_manually_vector_aligned@U_Default_allocate_traits@std@@@std@@YAPEAX_K@Z
??$_Assign_counted_range@PEA_W@?$vector@_WV?$allocator@_W@std@@@std@@AEAAXPEA_W_K@Z
??$_Copy_memmove@PEADPEAD@std@@YAPEADPEAD00@Z
??$_Copy_memmove@PEA_WPEA_W@std@@YAPEA_WPEA_W00@Z
??$_Copy_memmove_n@PEA_WPEA_W@std@@YAPEA_WPEA_W_K0@Z
??$_Emplace_reallocate@D@?$vector@DV?$allocator@D@std@@@std@@AEAAPEADQEAD$$QEAD@Z
??$_Reallocate_for@V<lambda_3fa8b2c8193a0f3144fc4b1b8f243931>@@PEB_W@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AEAAAEAV01@_KV<lambda_3fa8b2c8193a0f3144fc4b1b8f243931>@@PEB_W@Z
??$_Zero_range@PEAD@std@@YAPEADQEAD0@Z
??$_Zero_range@PEA_W@std@@YAPEA_WQEA_W0@Z
??$uiMsg@$$T@@YAXW4UIMESSAGE_CODE@@$$QEA$$T@Z
??$uiMsg@$$TAEAY0IAA@_WAEAPEA_W@@YAXW4UIMESSAGE_CODE@@$$QEA$$TAEAY0IAA@_WAEAPEA_W@Z
??$uiMsg@$$V@@YAXW4UIMESSAGE_CODE@@@Z
??$uiMsg@AEAH@@YAXW4UIMESSAGE_CODE@@AEAH@Z
??$uiMsg@AEAI@@YAXW4UIMESSAGE_CODE@@AEAI@Z
??$uiMsg@AEAPEA_W@@YAXW4UIMESSAGE_CODE@@AEAPEA_W@Z
??$uiMsg@AEAPEA_WAEAPEA_WAEAPEA_W@@YAXW4UIMESSAGE_CODE@@AEAPEA_W11@Z
??$uiMsg@AEAPEA_WAEAY0IAA@_W@@YAXW4UIMESSAGE_CODE@@AEAPEA_WAEAY0IAA@_W@Z
??$uiMsg@AEAPEB_W@@YAXW4UIMESSAGE_CODE@@AEAPEB_W@Z
??$uiMsg@AEAPEB_WAEAPEB_W@@YAXW4UIMESSAGE_CODE@@AEAPEB_W1@Z
??$uiMsg@AEAY03$$CB_WH@@YAXW4UIMESSAGE_CODE@@AEAY03$$CB_W$$QEAH@Z
??$uiMsg@AEAY0EAA@_W@@YAXW4UIMESSAGE_CODE@@AEAY0EAA@_W@Z
??$uiMsg@AEAY0IAA@_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_W@Z
??$uiMsg@AEAY0IAA@_WAEAPEB_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_WAEAPEB_W@Z
??$uiMsg@AEAY0IAA@_WAEAPEB_WAEAPEB_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_WAEAPEB_W2@Z
??$uiMsg@AEAY0IAA@_WAEAY01$$CB_WAEAY0IAA@_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_WAEAY01$$CB_W1@Z
??$uiMsg@AEAY0IAA@_WAEAY0IAA@_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_W1@Z
??$uiMsg@AEAY0IAA@_WAEAY0IAA@_WAEAY0IAA@_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_W11@Z
??$uiMsg@AEAY0IAA@_WAEAY0IAC@_W@@YAXW4UIMESSAGE_CODE@@AEAY0IAA@_WAEAY0IAC@_W@Z
??$uiMsg@H@@YAXW4UIMESSAGE_CODE@@$$QEAH@Z
??$uiMsg@PEA_WAEAPEB_W@@YAXW4UIMESSAGE_CODE@@$$QEAPEA_WAEAPEB_W@Z
??$uiMsgBase@AEA$$T$$V@@YAXAEAVuiMsgStore@@AEA$$T@Z
??$uiMsgBase@AEA$$TAEAY0IAA@_WAEAPEA_W@@YAXAEAVuiMsgStore@@AEA$$TAEAY0IAA@_WAEAPEA_W@Z
??$uiMsgBase@AEAH$$V@@YAXAEAVuiMsgStore@@AEAH@Z
??$uiMsgBase@AEAI$$V@@YAXAEAVuiMsgStore@@AEAI@Z
??$uiMsgBase@AEAPEA_W$$V@@YAXAEAVuiMsgStore@@AEAPEA_W@Z
??$uiMsgBase@AEAPEA_WAEAPEA_W@@YAXAEAVuiMsgStore@@AEAPEA_W1@Z
??$uiMsgBase@AEAPEA_WAEAPEA_WAEAPEA_W@@YAXAEAVuiMsgStore@@AEAPEA_W11@Z
??$uiMsgBase@AEAPEA_WAEAPEB_W@@YAXAEAVuiMsgStore@@AEAPEA_WAEAPEB_W@Z
??$uiMsgBase@AEAPEA_WAEAY0IAA@_W@@YAXAEAVuiMsgStore@@AEAPEA_WAEAY0IAA@_W@Z
??$uiMsgBase@AEAPEB_W$$V@@YAXAEAVuiMsgStore@@AEAPEB_W@Z
??$uiMsgBase@AEAPEB_WAEAPEB_W@@YAXAEAVuiMsgStore@@AEAPEB_W1@Z
??$uiMsgBase@AEAY01$$CB_WAEAY0IAA@_W@@YAXAEAVuiMsgStore@@AEAY01$$CB_WAEAY0IAA@_W@Z
??$uiMsgBase@AEAY03$$CB_WAEAH@@YAXAEAVuiMsgStore@@AEAY03$$CB_WAEAH@Z
??$uiMsgBase@AEAY0EAA@_W$$V@@YAXAEAVuiMsgStore@@AEAY0EAA@_W@Z
??$uiMsgBase@AEAY0IAA@_W$$V@@YAXAEAVuiMsgStore@@AEAY0IAA@_W@Z
??$uiMsgBase@AEAY0IAA@_WAEAPEA_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_WAEAPEA_W@Z
??$uiMsgBase@AEAY0IAA@_WAEAPEB_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_WAEAPEB_W@Z
??$uiMsgBase@AEAY0IAA@_WAEAPEB_WAEAPEB_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_WAEAPEB_W2@Z
??$uiMsgBase@AEAY0IAA@_WAEAY01$$CB_WAEAY0IAA@_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_WAEAY01$$CB_W1@Z
??$uiMsgBase@AEAY0IAA@_WAEAY0IAA@_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_W1@Z
??$uiMsgBase@AEAY0IAA@_WAEAY0IAA@_WAEAY0IAA@_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_W11@Z
??$uiMsgBase@AEAY0IAA@_WAEAY0IAC@_W@@YAXAEAVuiMsgStore@@AEAY0IAA@_WAEAY0IAC@_W@Z
??$uiMsgBase@AEAY0IAC@_W$$V@@YAXAEAVuiMsgStore@@AEAY0IAC@_W@Z
??0?$Array@D@@QEAA@XZ
??0?$Array@D@@QEAA@_K@Z
??0?$Array@E@@QEAA@XZ
??0?$Array@E@@QEAA@_K@Z
??0?$Array@H@@QEAA@XZ
??0?$Array@PEAUUnpackFilter30@@@@QEAA@XZ
??0?$Array@UExtractRef@CmdExtract@@@@QEAA@XZ
??0?$Array@URecVolItem@@@@QEAA@XZ
??0?$Array@UUnpackFilter@@@@QEAA@XZ
??0?$Array@_W@@QEAA@XZ
??0?$Array@_W@@QEAA@_K@Z
??0Archive@@QEAA@PEAVCommandData@@@Z
??0BitInput@@QEAA@_N@Z
??0CmdExtract@@QEAA@PEAVCommandData@@@Z
??0CommandData@@QEAA@XZ
??0ComprDataIO@@QEAA@XZ
??0CryptData@@QEAA@XZ
??0DataHash@@QEAA@XZ
??0EncodeFileName@@QEAA@XZ
??0ErrorHandler@@QEAA@XZ
??0File@@QEAA@XZ
??0FindFile@@QEAA@XZ
??0FragmentedWindow@@QEAA@XZ
??0KDF3CacheItem@CryptData@@QEAA@XZ
??0KDF5CacheItem@CryptData@@QEAA@XZ
??0ModelPPM@@QEAA@XZ
??0QuickOpen@@QEAA@XZ
??0RAROptions@@QEAA@XZ
??0RSCoder16@@QEAA@XZ
??0RarVM@@QEAA@XZ
??0RawRead@@QEAA@PEAVFile@@@Z
??0RawRead@@QEAA@XZ
??0RecVolumes3@@QEAA@PEAVCommandData@@_N@Z
??0RecVolumes5@@QEAA@PEAVCommandData@@_N@Z
??0Rijndael@@QEAA@XZ
??0ScanTree@@QEAA@PEAVStringList@@W4RECURSE_MODE@@_NW4SCAN_DIRS@@@Z
??0SecPassword@@QEAA@XZ
??0StringList@@QEAA@XZ
??0SubAllocator@@QEAA@XZ
??0SupportDBCS@@QEAA@XZ
??0ThreadPool@@QEAA@I@Z
??0Unpack@@QEAA@PEAVComprDataIO@@@Z
??0UnpackThreadData@@QEAA@XZ
??0bad_alloc@std@@QEAA@AEBV01@@Z
??0bad_alloc@std@@QEAA@XZ
??0bad_array_new_length@std@@QEAA@AEBV01@@Z
??0bad_array_new_length@std@@QEAA@XZ
??0blake2s_state@@QEAA@AEAU0@@Z
??0blake2s_state@@QEAA@XZ
??0blake2sp_state@@QEAA@AEAU0@@Z
??0exception@std@@QEAA@AEBV01@@Z
??1?$Array@D@@QEAA@XZ
??1?$Array@E@@QEAA@XZ
??1?$Array@H@@QEAA@XZ
??1?$Array@PEAUUnpackFilter30@@@@QEAA@XZ
??1?$Array@UExtractRef@CmdExtract@@@@QEAA@XZ
??1?$Array@URecVolItem@@@@QEAA@XZ
??1?$Array@UUnpackFilter@@@@QEAA@XZ
??1?$Array@_W@@QEAA@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@XZ
??1?$vector@DV?$allocator@D@std@@@std@@QEAA@XZ
??1?$vector@_JV?$allocator@_J@std@@@std@@QEAA@XZ
??1?$vector@_WV?$allocator@_W@std@@@std@@QEAA@XZ
??1Archive@@UEAA@XZ
??1BitInput@@QEAA@XZ
??1CmdExtract@@QEAA@XZ
??1CommandData@@QEAA@XZ
??1ComprDataIO@@QEAA@XZ
??1CryptData@@QEAA@XZ
??1DataHash@@QEAA@XZ
??1DataSet@@QEAA@XZ
??1File@@UEAA@XZ
??1FileHeader@@QEAA@XZ
??1FindFile@@QEAA@XZ
??1FragmentedWindow@@QEAA@XZ
??1KDF3CacheItem@CryptData@@QEAA@XZ
??1KDF5CacheItem@CryptData@@QEAA@XZ
??1MainHeader@@QEAA@XZ
??1ModelPPM@@QEAA@XZ
??1QuickOpen@@QEAA@XZ
??1RSCoder16@@QEAA@XZ
??1RarCheckPassword@@QEAA@XZ
??1RarVM@@QEAA@XZ
??1RawRead@@QEAA@XZ
??1RecVolumes3@@QEAA@XZ
??1RecVolumes5@@QEAA@XZ
??1ScanTree@@QEAA@XZ
??1SecPassword@@QEAA@XZ
??1StringList@@QEAA@XZ
??1ThreadPool@@QEAA@XZ
??1Unpack@@QEAA@XZ
??1UnpackThreadData@@QEAA@XZ
??1_bstr_t@@QEAA@XZ
??1bad_alloc@std@@UEAA@XZ
??1bad_array_new_length@std@@UEAA@XZ
??1exception@std@@UEAA@XZ
??4?$Array@E@@QEAAAEAV0@AEBV0@@Z
??4File@@QEAAXAEAV0@@Z
??4FileHeader@@QEAAAEAU0@AEAU0@@Z
??8HashValue@@QEBA_NAEBU0@@Z
??8SecPassword@@QEAA_NAEAV0@@Z
??AFragmentedWindow@@QEAAAEAE_K@Z
??_H@YAXPEAX_K1P6APEAX0@Z@Z
??_R0?AVArchive@@@8
??_R0?AVCheckPassword@@@8
??_R0?AVFile@@@8
??_R0?AVRarCheckPassword@@@8
??_R0?AVbad_alloc@std@@@8
??_R0?AVbad_array_new_length@std@@@8
??_R0?AVexception@std@@@8
??_R0?AW4RAR_EXIT@@@8
??__G@YAXPEAX0_K1P6APEAX00@Z@Z
?Add@?$Array@D@@QEAAX_K@Z
?Add@?$Array@E@@QEAAX_K@Z
?Add@?$Array@H@@QEAAX_K@Z
?Add@?$Array@I@@QEAAX_K@Z
?Add@?$Array@PEAUUnpackFilter30@@@@QEAAX_K@Z
?Add@?$Array@UExtractRef@CmdExtract@@@@QEAAX_K@Z
?Add@?$Array@URecVolItem@@@@QEAAX_K@Z
?Add@?$Array@UUnpackFilter@@@@QEAAX_K@Z
?Add@?$Array@_W@@QEAAX_K@Z
?AddArcName@CommandData@@QEAAXPEB_W@Z
?AddEndSlash@@YAXPEA_W_K@Z
?AddFilter@Unpack@@AEAA_NAEAUUnpackFilter@@@Z
?AddString@StringList@@QEAAXPEB_W@Z
?AddStringA@StringList@@QEAAXPEBD@Z
?AddTask@ThreadPool@@QEAAXP6AXPEAX@Z0@Z
?AddVMCode@Unpack@@AEAA_NIPEAEI@Z
?Adjust@RarTime@@QEAAX_J@Z
?AdjustTotalArcSize@ComprDataIO@@QEAAXPEAVArchive@@@Z
?Alloc@?$Array@D@@QEAAX_K@Z
?Alloc@?$Array@E@@QEAAX_K@Z
?Alloc@?$Array@URecVolItem@@@@QEAAX_K@Z
?Alloc@?$Array@UUnpackFilter@@@@QEAAX_K@Z
?Alloc@?$Array@_W@@QEAAX_K@Z
?AllocUnits@SubAllocator@@QEAAPEAXH@Z
?AllocUnitsRare@SubAllocator@@AEAAPEAXH@Z
?AnalyzeArchive@CmdExtract@@AEAAXPEB_W_N1@Z
?ApplyFilter@Unpack@@AEAAPEAEPEAEIPEAUUnpackFilter@@@Z
?ArcBrokenMsg@ErrorHandler@@QEAAXPEB_W@Z
?ArcCharToWide@@YAXPEBDPEA_W_KW4ACTW_ENCODING@@@Z
?AskRepeatRead@ErrorHandler@@QEAAXPEB_WAEA_N11@Z
?AskRepeatWrite@ErrorHandler@@QEAA_NPEB_W_N@Z
?BadSwitch@CommandData@@AEAAXPEB_W@Z
?BinToHex@@YAXPEBE_KPEADPEA_W1@Z
?Blake2Thread@@YAXPEAX@Z
?BrokenHeaderMsg@Archive@@AEAAXXZ
?CRC32@@YAIIPEBX_K@Z
?CalcFileSum@@YAXPEAVFile@@PEAIPEAEI_JI@Z
?CharToWide@@YA_NPEBDPEA_W_K@Z
?Check@RarCheckPassword@@UEAA_NPEAVSecPassword@@@Z
?CheckArc@Archive@@QEAAX_N@Z
?CheckArgs@CommandData@@SA_NPEAVStringList@@_NPEB_W1H@Z
?CheckOpen@Archive@@QEAAXPEB_W@Z
?CheckUnpVer@CmdExtract@@AEAA_NAEAVArchive@@PEB_W@Z
?CheckWinSize@CommandData@@QEAA_NXZ
?Checksum14@@YAGGPEBX_K@Z
?ChecksumFailedMsg@ErrorHandler@@QEAAXPEB_W0@Z
?Clean@ErrorHandler@@QEAAXXZ
?Clean@SecPassword@@QEAAXXZ
?Clean@SubAllocator@@QEAAXXZ
?CleanUp@ModelPPM@@QEAAXXZ
?Close@File@@UEAA_NXZ
?Close@QuickOpen@@AEAAXXZ
?CloseError@ErrorHandler@@QEAAXPEB_W@Z
?Cmp@DataHash@@QEAA_NPEAUHashValue@@PEAE@Z
?CmpExt@@YA_NPEB_W0@Z
?CmpName@@YA_NPEB_W0H@Z
?ConvertAttributes@Archive@@QEAAXXZ
?ConvertDosPassword@CmdExtract@@AEAAXAEAVArchive@@AEAVSecPassword@@@Z
?ConvertFileHeader@Archive@@AEAAXPEAUFileHeader@@@Z
?ConvertHashToMAC@@YAXPEAUHashValue@@PEAE@Z
?ConvertNameCase@Archive@@AEAAXPEA_W@Z
?ConvertNameToFull@@YAXPEB_WPEA_W_K@Z
?ConvertPath@@YAPEA_WPEB_WPEA_W_K@Z
?ConvertToPrecomposed@@YAXPEA_W_K@Z
?Copy@File@@QEAA_JAEAV1@_J@Z
?CopyData@FragmentedWindow@@QEAAXPEAE_K1@Z
?CopyString15@Unpack@@AEAAXII@Z
?CopyString20@Unpack@@AEAAXII@Z
?CopyString@FragmentedWindow@@QEAAXIIAEA_K_K@Z
?CorrHuff@Unpack@@AEAAXPEAGPEAE@Z
?Create@File@@QEAA_NPEB_WI@Z
?CreateErrorMsg@ErrorHandler@@QEAAXPEB_W0@Z
?CreateErrorMsg@ErrorHandler@@QEAAXPEB_W@Z
?CreatePath@@YA_NPEB_W_N1@Z
?CreateReparsePoint@@YA_NPEAVCommandData@@PEB_WPEAUFileHeader@@@Z
?CreateSuccessors@ModelPPM@@AEAAPEAURARPPM_CONTEXT@@_NPEAURARPPM_STATE@@@Z
?CreateThreads@ThreadPool@@AEAAXXZ
?Crypt15@CryptData@@AEAAXPEAE_K@Z
?Decode@EncodeFileName@@QEAAXPEAD_KPEAE1PEA_W1@Z
?Decode@RSCoder@@QEAA_NPEAEHPEAHH@Z
?DecodeAudio@Unpack@@AEAAEH@Z
?DecodeBuf@RSEncode@@QEAAXXZ
?DecodeChar@ModelPPM@@QEAAHXZ
?DecodeInit@ModelPPM@@QEAA_NPEAVUnpack@@AEAH@Z
?DecodeNum@Unpack@@AEAAIIIPEAI0@Z
?Decrypt13@CryptData@@AEAAXPEAE_K@Z
?DecryptBlock20@CryptData@@AEAAXPEAE@Z
?DecryptBlock@CryptData@@QEAAXPEAE_K@Z
?DelDir@@YA_NPEB_W@Z
?DelFile@@YA_NPEB_W@Z
?Delete@File@@QEAA_NXZ
?DetectTextEncoding@@YA?AW4RAR_CHARSET@@PEBE_K@Z
?DirectRead@File@@QEAAHPEAX_K@Z
?DoExtract@CmdExtract@@QEAAXXZ
?DoGetComment@Archive@@AEAA_NPEAV?$Array@_W@@@Z
?DoUnpack@Unpack@@QEAAXI_N@Z
?DosSlashToUnix@@YAXPEBDPEAD_K@Z
?DosSlashToUnix@@YAXPEB_WPEA_W_K@Z
?Encode@RSCoder@@QEAAXPEAEH0@Z
?EncodeBuf@RSEncode@@QEAAXXZ
?EncryptBlock20@CryptData@@AEAAXPEAE@Z
?EnumConfigPaths@@YA_NIPEA_W_K_N@Z
?ErrHandler@@3VErrorHandler@@A
?ExclCheck@CommandData@@QEAA_NPEB_W_N11@Z
?ExclDirByAttr@CommandData@@QEAA_NI@Z
?Execute@RarVM@@QEAAXPEAUVM_PreparedProgram@@@Z
?ExecuteCode@Unpack@@AEAAXPEAUVM_PreparedProgram@@@Z
?ExecuteStandardFilter@RarVM@@AEAA_NW4VM_StandardFilters@@@Z
?Exit@ErrorHandler@@QEAAXW4RAR_EXIT@@@Z
?ExpandFolderMask@ScanTree@@AEAA_NXZ
?ExtrCreateDir@CmdExtract@@AEAAXAEAVArchive@@PEB_W@Z
?ExtrCreateFile@CmdExtract@@AEAA_NAEAVArchive@@AEAVFile@@@Z
?ExtrDllGetPassword@CmdExtract@@AEAA_NXZ
?ExtrPrepareName@CmdExtract@@AEAAXAEAVArchive@@PEB_WPEA_W_K@Z
?ExtractACL20@@YAXAEAVArchive@@PEB_W@Z
?ExtractACL@@YAXAEAVArchive@@PEB_W@Z
?ExtractArchive@CmdExtract@@AEAA?AW4EXTRACT_ARC_CODE@@XZ
?ExtractArchiveInit@CmdExtract@@QEAAXAEAVArchive@@@Z
?ExtractCurrentFile@CmdExtract@@QEAA_NAEAVArchive@@_KAEA_N@Z
?ExtractFileCopy@CmdExtract@@AEAA_NAEAVFile@@PEA_WPEB_W11_K_J@Z
?ExtractHardlink@@YA_NPEAVCommandData@@PEA_W1_K@Z
?ExtractStreams20@@YAXAEAVArchive@@PEB_W@Z
?ExtractStreams@@YAXAEAVArchive@@PEB_W_N@Z
?ExtractSymlink@@YA_NPEAVCommandData@@AEAVComprDataIO@@AEAVArchive@@PEB_WAEA_N@Z
?FastFind@FindFile@@SA_NPEB_WPEAUFindData@@_N@Z
?FileCreate@@YA_NPEAVCommandData@@PEAVFile@@PEA_W_KPEA_N_JPEAVRarTime@@_N@Z
?FileExist@@YA_NPEB_W@Z
?FileLength@File@@QEAA_JXZ
?FilterItanium_GetBits@RarVM@@AEAAIPEAEII@Z
?FilterItanium_SetBits@RarVM@@AEAAXPEAEIII@Z
?FindProc@ScanTree@@AEAA?AW4SCAN_CODE@@PEAUFindData@@@Z
?Flush@File@@QEAAXXZ
?FreeAnalyzeData@CmdExtract@@AEAAXXZ
?FullHeaderSize@Archive@@QEAAI_K@Z
?GeneralErrMsg@ErrorHandler@@QEAAXPEB_WZZ
?GenerateArchiveName@@YAXPEA_W_KPEB_W_N@Z
?GenerateTables@Rijndael@@AEAAXXZ
?Get1@RawRead@@QEAAEXZ
?Get2@RawRead@@QEAAGXZ
?Get4@RawRead@@QEAAIXZ
?Get8@RawRead@@QEAA_KXZ
?Get@SecPassword@@QEAAXPEA_W_K@Z
?GetAppDataPath@@YA_NPEA_W_K_N@Z
?GetArcName@CommandData@@QEAA_NPEA_WH@Z
?GetAutoRenamedName@@YA_NPEA_W_K@Z
?GetB@RawRead@@QEAA_KPEAX_K@Z
?GetBlockSize@FragmentedWindow@@QEAA_K_K0@Z
?GetByte@File@@QEAAEXZ
?GetCRC15@RawRead@@QEAAI_N@Z
?GetCRC32@DataHash@@QEAAIXZ
?GetCRC50@RawRead@@QEAAIXZ
?GetCmdParam@@YAPEB_WPEB_WPEA_W_K@Z
?GetComment@Archive@@QEAA_NPEAV?$Array@_W@@@Z
?GetConfidence@RarCheckPassword@@UEAA?AW4CONFIDENCE@CheckPassword@@XZ
?GetConfigName@@YAXPEB_WPEA_W_K_N3@Z
?GetDigits@@YAII@Z
?GetDos@RarTime@@QEAAIXZ
?GetExclAttr@CommandData@@AEAAIPEB_WAEA_N@Z
?GetExt@@YAPEA_WPEB_W@Z
?GetFileAttr@@YAIPEB_W@Z
?GetFilePath@@YAXPEB_WPEA_W_K@Z
?GetFilteredMask@ScanTree@@AEAA_NXZ
?GetFirstVolIfFullSet@CmdExtract@@AEAAXPEB_W_NPEA_W_K@Z
?GetFlagsBuf@Unpack@@AEAAXXZ
?GetFreeDisk@@YA_JPEB_W@Z
?GetLocal@RarTime@@QEAAXPEAURarLocalTime@@@Z
?GetMonthName@@YAPEB_WH@Z
?GetNext@ScanTree@@QEAA?AW4SCAN_CODE@@PEAUFindData@@@Z
?GetNextMask@ScanTree@@AEAA_NXZ
?GetNumberOfCPU@@YAIXZ
?GetNumberOfThreads@@YAIXZ
?GetOpenFileTime@File@@QEAAXPEAVRarTime@@00@Z
?GetPathDisk@@YAHPEB_W@Z
?GetPathRoot@@YAXPEB_WPEA_W_K@Z
?GetQueuedTask@ThreadPool@@AEAA_NPEAUQueueEntry@1@@Z
?GetRarDataPath@@YAXPEA_W_K_N@Z
?GetRnd@@YAXPEAE_K@Z
?GetSSEVersion@@YA?AW4SSE_VERSION@@XZ
?GetStartPos@Archive@@QEAA_JXZ
?GetStreamNameNTFS@@YAXAEAVArchive@@PEA_W_K@Z
?GetString@StringList@@QEAAPEA_WXZ
?GetString@StringList@@QEAA_NPEAPEA_W@Z
?GetString@StringList@@QEAA_NPEA_W_K@Z
?GetString@StringList@@QEAA_NPEA_W_KH@Z
?GetStringA@StringList@@QEAA_NPEAD_K@Z
?GetSysErrMsg@ErrorHandler@@QEAA_NPEA_W_K@Z
?GetSystemErrorCode@ErrorHandler@@QEAAHXZ
?GetText@RarTime@@QEAAXPEA_W_K_N@Z
?GetUnix@RarTime@@QEAA_JXZ
?GetUnixNS@RarTime@@QEAA_KXZ
?GetUnpackedData@ComprDataIO@@QEAAXPEAPEAEPEA_K@Z
?GetV@RawRead@@QEAA_KXZ
?GetVSize@RawRead@@QEAAI_K@Z
?GetVolNumPart@@YAPEA_WPEB_W@Z
?GetW@RawRead@@QEAAXPEA_W_K@Z
?GetWide@@YAPEB_WPEBD@Z
?GetWideName@@YAPEA_WPEBDPEB_WPEA_W_K@Z
?GetWin@RarTime@@QEAA_KXZ
?GetWinFT@RarTime@@QEAAXPEAU_FILETIME@@@Z
?GetWinLongPath@@YA_NPEB_WPEA_W_K@Z
?GlueFreeBlocks@SubAllocator@@AEAAXXZ
?HuffDecode@Unpack@@AEAAXXZ
?Init@CommandData@@QEAAXXZ
?Init@ComprDataIO@@QEAAXXZ
?Init@DataHash@@QEAAXW4HASH_TYPE@@I@Z
?Init@FragmentedWindow@@QEAAX_K@Z
?Init@HashValue@@QEAAXW4HASH_TYPE@@@Z
?Init@QuickOpen@@QEAAXPEAVArchive@@_N@Z
?Init@RAROptions@@QEAAXXZ
?Init@RSCoder16@@QEAA_NIIPEA_N@Z
?Init@RSCoder@@QEAAXH@Z
?Init@RarVM@@QEAAXXZ
?Init@Rijndael@@QEAAX_NPEBEI1@Z
?Init@SupportDBCS@@QEAAXXZ
?Init@Unpack@@QEAAX_K_N@Z
?InitCRC32@@YAXPEAI@Z
?InitConsole@@YAXXZ
?InitDecoder@RangeCoder@@QEAAXPEAVUnpack@@@Z
?InitFilters30@Unpack@@AEAAX_N@Z
?InitFilters@Unpack@@AEAAXXZ
?InitHuff@Unpack@@AEAAXXZ
?InitLogOptions@@YAXPEB_WW4RAR_CHARSET@@@Z
?InitMT@Unpack@@AEAAXXZ
?InitSubAllocator@SubAllocator@@QEAAXXZ
?InitSystemOptions@@YAXH@Z
?IntToExt@@YAXPEBDPEAD_K@Z
?InvertDecoderMatrix@RSCoder16@@AEAAXXZ
?IsAlpha@@YA_NH@Z
?IsArcDir@Archive@@QEAA_NXZ
?IsArchive@Archive@@QEAA_N_N@Z
?IsDeleteAllowed@@YA_NI@Z
?IsDevice@File@@QEAA_NXZ
?IsDigit@@YA_NH@Z
?IsDir@@YA_NI@Z
?IsDriveDiv@@YA_NH@Z
?IsDriveLetter@@YA_NPEB_W@Z
?IsFullPath@@YA_NPEB_W@Z
?IsFullRootPath@@YA_NPEB_W@Z
?IsLeapYear@@YA_NH@Z
?IsLink@@YA_NI@Z
?IsNameUsable@@YA_NPEB_W@Z
?IsOpened@File@@UEAA_NXZ
?IsPathDiv@@YA_NH@Z
?IsProcessFile@CommandData@@QEAAHAEAUFileHeader@@PEA_NH_NPEA_WI@Z
?IsRelativeSymlinkSafe@@YA_NPEAVCommandData@@PEB_W11@Z
?IsRemovable@@YA_NPEB_W@Z
?IsSignature@Archive@@SA?AW4RARFORMAT@@PEBE_K@Z
?IsSpace@@YA_NH@Z
?IsSwitch@CommandData@@QEAA_NH@Z
?IsTextUtf8@@YA_NPEBE@Z
?IsTextUtf8@@YA_NPEBE_K@Z
?IsUnreadable@@YA_NI@Z
?IsUserAdmin@@YA_NXZ
?IsWildcard@@YA_NPEB_W@Z
?IsWindows11OrGreater@@YA_NXZ
?Length@SecPassword@@QEAA_KXZ
?LinksToDirs@@YA_NPEB_W0AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?ListArchive@@YAXPEAVCommandData@@@Z
?Load@QuickOpen@@QEAAX_K@Z
?LoadSysLibrary@@YAPEAUHINSTANCE__@@PEB_W@Z
?LongLZ@Unpack@@AEAAXXZ
?LowAscii@@YA_NPEBD@Z
?LowAscii@@YA_NPEB_W@Z
?MakeDecodeTables@Unpack@@AEAAXPEAEPEAUDecodeTable@@I@Z
?MakeDecoderMatrix@RSCoder16@@AEAAXXZ
?MakeDir@@YA?AW4MKDIR_CODE@@PEB_W_NI@Z
?MakeEncoderMatrix@RSCoder16@@AEAAXXZ
?MakeName@@YAXPEB_W0PEA_W_K@Z
?MakeNameCompatible@@YAXPEA_W_K@Z
?MakeNameUsable@@YAXPEA_W_N@Z
?MemoryError@ErrorHandler@@QEAAXXZ
?MemoryErrorMsg@ErrorHandler@@QEAAXXZ
?MergeArchive@@YA_NAEAVArchive@@PEAVComprDataIO@@_N_W@Z
?MkTemp@@YAPEA_WPEA_W_K@Z
?MonoClock@@YAJXZ
?Msg@uiMsgStore@@QEAAXXZ
?Next@FindFile@@QEAA_NPEAUFindData@@_N@Z
?NextVolumeName@@YAXPEA_WI_N@Z
?NullToEmpty@@YAPEBDPEBD@Z
?NullToEmpty@@YAPEB_WPEB_W@Z
?Open@Archive@@UEAA_NPEB_WI@Z
?Open@File@@UEAA_NPEB_WI@Z
?OpenError@ErrorHandler@@QEAAXPEB_W@Z
?OpenErrorMsg@ErrorHandler@@QEAAXPEB_W0@Z
?OpenErrorMsg@ErrorHandler@@QEAAXPEB_W@Z
?OutComment@@YAXPEB_W_K@Z
?OutHelp@CommandData@@QEAAXW4RAR_EXIT@@@Z
?OutTitle@CommandData@@QEAAXXZ
?ParseArg@CommandData@@QEAAXPEA_W@Z
?ParseCommandLine@CommandData@@QEAAX_NHQEAPEAD@Z
?ParseDone@CommandData@@QEAAXXZ
?ParseEnvVar@CommandData@@QEAAXXZ
?ParseVersionFileName@@YAHPEA_W_N@Z
?PointToLastChar@@YAPEA_WPEB_W@Z
?PointToName@@YAPEA_WPEB_W@Z
?PoolThread@ThreadPool@@CAKPEAX@Z
?PoolThreadLoop@ThreadPool@@AEAAXXZ
?Prealloc@File@@QEAAX_J@Z
?Prepare@RarVM@@QEAAXPEAEIPEAUVM_PreparedProgram@@@Z
?PrepareToDelete@@YAXPEB_W@Z
?PreprocessArg@CommandData@@QEAAXPEB_W@Z
?Process@SecPassword@@AEAAXPEB_W_KPEA_W1_N@Z
?ProcessAreaRS@RecVolumes5@@QEAAXPEAURecRSThreadData@@@Z
?ProcessCommand@CommandData@@QEAAXXZ
?ProcessDecoded@Unpack@@AEAA_NAEAUUnpackThreadData@@@Z
?ProcessExtra50@Archive@@AEAAXPEAVRawRead@@_KPEBUBaseBlock@@@Z
?ProcessFile@@YAHPEAXHPEAD1PEA_W2@Z
?ProcessRS@RecVolumes5@@AEAAXPEAVCommandData@@IPEBEI_N@Z
?ProcessSignal@@YAHK@Z
?ProcessSwitch@CommandData@@AEAAXPEB_W@Z
?ProcessSwitchesString@CommandData@@QEAAXPEB_W@Z
?ProhibitConsoleInput@@YAXXZ
?Push@?$Array@E@@QEAAXE@Z
?Push@?$Array@H@@QEAAXH@Z
?Push@?$Array@I@@QEAAXI@Z
?Push@?$Array@UExtractRef@CmdExtract@@@@QEAAXUExtractRef@CmdExtract@@@Z
?Push@?$Array@UUnpackFilter@@@@QEAAXUUnpackFilter@@@Z
?Push@?$Array@_W@@QEAAX_W@Z
?PutByte@File@@QEAAXE@Z
?RSDecodeThread@@YAXPEAX@Z
?RSEncodeThread@@YAXPEAX@Z
?RawGetV@@YA_KPEBEAEAIIAEA_N@Z
?RawSeek@File@@QEAA_N_JH@Z
?RawToWide@@YAPEA_WPEBEPEA_W_K@Z
?Read@Archive@@UEAAHPEAX_K@Z
?Read@File@@UEAAHPEAX_K@Z
?Read@QuickOpen@@QEAA_NPEAX_KAEA_K@Z
?Read@RawRead@@QEAAXPEAE_K@Z
?Read@RawRead@@QEAA_K_K@Z
?ReadBlockHeader@Unpack@@AEAA_NAEAVBitInput@@AEAUUnpackBlockHeader@@@Z
?ReadBuffer@QuickOpen@@AEAAIXZ
?ReadCommentData@Archive@@AEAA_NPEAV?$Array@_W@@@Z
?ReadConfig@CommandData@@QEAAXXZ
?ReadData@RarVM@@SAIAEAVBitInput@@@Z
?ReadEndOfBlock@Unpack@@AEAA_NXZ

Sections

.text
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libclamunrar_iface.dll
.dll windows:6 windows x64 arch:x64

94c8c8e6cee57ec65fa5b1ab1757b2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libclamunrar

RAROpenArchiveEx
RARSetCallback
RARProcessFile
RARReadHeaderEx
RARCloseArchive

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_cexit
_initterm_e

kernel32

GetCurrentProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

?_OptionsStorage@?1??__local_stdio_printf_options@@9@4_KA
CallbackProc
__local_stdio_printf_options
libclamunrar_iface_LTX_unrar_close
libclamunrar_iface_LTX_unrar_extract_file
libclamunrar_iface_LTX_unrar_open
libclamunrar_iface_LTX_unrar_peek_file_header
libclamunrar_iface_LTX_unrar_skip_file
unrar_debug

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libcrypto-3-x64.dll
.dll windows:6 windows x64 arch:x64

ffad349c528447ceb8e9673f0e076e21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\build\.mussels\cache\work\x64\openssl-3.2.1\libcrypto-3-x64.pdb

Imports

ws2_32

WSAStartup
select
getsockopt
getsockname
htonl
accept
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
ntohs
inet_ntoa
inet_addr
htons
bind
closesocket
connect
listen
setsockopt
socket
shutdown
recv
send
getpeername
recvfrom
sendto
WSACleanup
ioctlsocket

advapi32

CryptGenRandom
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
DeregisterEventSource

crypt32

CertFindCertificateInStore
CertFreeCertificateContext
CertOpenSystemStoreW
CertCloseStore

user32

GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW

kernel32

GetCurrentProcess
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
CreateSemaphoreA
GetExitCodeThread
WaitForSingleObject
ReleaseSemaphore
GetCurrentProcessId
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
TlsFree
TlsSetValue
TlsGetValue
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
DeleteCriticalSection
TerminateProcess
TlsAlloc
GetCurrentThreadId
AcquireSRWLockShared
AcquireSRWLockExclusive
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiberEx
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
GetLastError
SetLastError
CloseHandle
LoadLibraryW
GetEnvironmentVariableW
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetModuleHandleExW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualLock
FindClose
FindFirstFileW
FindNextFileW
Sleep
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared

vcruntime140

__current_exception
__C_specific_handler
wcsstr
__current_exception_context
strstr
strchr
memmove
strrchr
memcmp
memset
memcpy
memchr
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vfprintf
__stdio_common_vsscanf
ftell
fseek
fread
_fileno
__stdio_common_vswprintf
_wfopen
fopen
setvbuf
fflush
ferror
feof
clearerr
setbuf
fclose
fputs
__acrt_iob_func
__stdio_common_vsprintf_s
fwrite
fgets
_setmode

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
strtol

api-ms-win-crt-string-l1-1-0

tolower
strspn
strcspn
strncpy
strncmp
strcmp
strcat_s
isspace
_strdup
isdigit
strncpy_s
strcpy_s

api-ms-win-crt-time-l1-1-0

_gmtime64_s
__timezone
_mktime64
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

malloc
realloc
calloc
free

api-ms-win-crt-runtime-l1-1-0

terminate
signal
_initialize_narrow_environment
_beginthreadex
_endthreadex
_register_onexit_function
strerror_s
_execute_onexit_table
raise
_crt_atexit
_exit
_crt_at_quick_exit
_errno
_cexit
_initterm_e
_configure_narrow_argv
_initialize_onexit_table
_initterm
_seh_filter_dll

api-ms-win-crt-filesystem-l1-1-0

_chmod
_stat64i32
_fstat64i32

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_dup
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_dup
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_print_ex
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_dup
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_bio_ex
ASN1_item_d2i_ex
ASN1_item_d2i_fp
ASN1_item_d2i_fp_ex
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_i2d_mem_bio
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_new_ex
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_sign_ex
ASN1_item_unpack
ASN1_item_unpack_ex
ASN1_item_verify
ASN1_item_verify_ctx
ASN1_item_verify_ex
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_callback
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_set_status
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_mem_functions
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_set_mem_functions
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_copy
BIO_ADDR_dup
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_debug_callback_ex
BIO_dgram_non_fatal_error
BIO_do_connect_retry
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_err_is_non_fatal
BIO_f_asn1
BIO_f_base64
BIO_f_brotli
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_prefix
BIO_f_readbuffer
BIO_f_reliable
BIO_f_zlib
BIO_f_zstd
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_line
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_rpoll_descriptor
BIO_get_shutdown
BIO_get_wpoll_descriptor
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_recvmmsg
BIO_meth_get_sendmmsg
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_recvmmsg
BIO_meth_set_sendmmsg
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_dgram_pair
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_ex
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_from_core_bio
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_recvmmsg
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_core
BIO_s_datagram
BIO_s_dgram_mem
BIO_s_dgram_pair
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_sendmmsg
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libcurl.dll
.dll windows:6 windows x64 arch:x64

a1b089d85072465d68636c8e8163c9aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

freeaddrinfo
getaddrinfo
accept
WSAIoctl
socket
setsockopt
recv
ntohs
htons
getsockopt
getsockname
getpeername
connect
bind
WSAGetLastError
WSASetLastError
send
closesocket
gethostname
listen
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
WSAWaitForMultipleEvents
ioctlsocket
htonl
__WSAFDIsSet
select
WSAStartup
WSACleanup
recvfrom
sendto
inet_ntop
inet_pton

bcrypt

BCryptGenRandom

libssl-3-x64

SSL_get1_peer_certificate
SSL_set_session
SSL_SESSION_free
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_PrivateKey_file
SSL_CTX_set_ciphersuites
SSL_set0_wbio
SSL_set0_rbio
SSL_pending
SSL_CIPHER_get_name
SSL_get_current_cipher
SSL_CTX_set_cert_store
SSL_CTX_get_cert_store
SSL_CTX_free
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey
SSL_CTX_use_certificate
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_check_private_key
SSL_new
SSL_CTX_set_srp_username
SSL_CTX_set_srp_password
SSL_free
SSL_connect
SSL_read
SSL_write
SSL_ctrl
SSL_CTX_ctrl
SSL_get_error
SSL_get_version
TLS_client_method
SSL_shutdown
SSL_CTX_set_post_handshake_auth
SSL_alert_desc_string_long
SSL_CTX_add_client_CA
SSL_set_connect_state
SSL_get_certificate
SSL_get_privatekey
SSL_get_shutdown
SSL_get_verify_result
SSL_get0_verified_chain
SSL_set_ex_data
SSL_get_ex_data
OPENSSL_init_ssl
SSL_CTX_set_msg_callback
SSL_get_peer_cert_chain
SSL_CTX_sess_set_new_cb
SSL_CTX_set_options
SSL_CTX_set_alpn_protos
SSL_get0_alpn_selected
SSL_CTX_set_keylog_callback
SSL_get_peer_signature_type_nid
SSL_get0_group_name
SSL_CTX_set_cipher_list
SSL_CTX_new

libcrypto-3-x64

X509V3_EXT_print
X509_check_issued
ERR_get_error
ERR_peek_error
ERR_peek_last_error
ERR_clear_error
ERR_error_string_n
PKCS12_free
PKCS12_PBE_add
PKCS12_parse
d2i_PKCS12_bio
OCSP_cert_to_id
OCSP_response_status
OCSP_response_get1_basic
OCSP_resp_find_status
OCSP_check_validity
OCSP_BASICRESP_free
OCSP_RESPONSE_free
d2i_OCSP_RESPONSE
OCSP_CERTID_free
OCSP_response_status_str
OCSP_cert_status_str
OCSP_crl_reason_str
OCSP_basic_verify
UI_get0_user_data
GENERAL_NAMES_free
UI_create_method
UI_destroy_method
UI_method_set_opener
UI_method_set_writer
UI_method_set_reader
UI_method_set_closer
UI_method_get_opener
UI_method_get_writer
UI_method_get_reader
UI_method_get_closer
UI_get_string_type
UI_get_input_flags
UI_set_result
ENGINE_get_first
ENGINE_get_next
ENGINE_by_id
ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_free
ENGINE_get_id
ENGINE_init
ENGINE_finish
ENGINE_load_private_key
ENGINE_set_default
BIO_meth_set_write
X509_EXTENSION_get_data
RAND_status
UI_OpenSSL
X509_EXTENSION_get_object
X509_get_ext_d2i
X509_NAME_ENTRY_get_data
PEM_read_bio_PrivateKey
RAND_bytes
BIO_meth_new
X509_NAME_get_index_by_NID
PEM_read_bio_X509_AUX
X509_NAME_print_ex
X509_get_pubkey
PEM_write_bio_X509
X509_get0_pubkey
X509_get0_extensions
X509_get_X509_PUBKEY
X509_get0_notAfter
X509_get0_notBefore
X509_get_subject_name
X509_get_issuer_name
X509_get_serialNumber
X509_get_version
X509_INFO_free
X509_get0_signature
d2i_X509
X509_free
i2d_X509_PUBKEY
X509_ALGOR_get0
d2i_PrivateKey_bio
d2i_X509_bio
X509_verify_cert_error_string
X509_STORE_load_path
X509_STORE_load_file
X509_load_crl_file
X509_STORE_add_crl
X509_STORE_add_cert
X509_LOOKUP_file
X509_STORE_add_lookup
X509_STORE_set_flags
X509_STORE_up_ref
PEM_read_bio_X509
X509_STORE_free
RSA_flags
RSA_free
BIO_printf
BIO_new_mem_buf
BIO_s_mem
BIO_ctrl
BIO_puts
BIO_up_ref
BIO_get_shutdown
BIO_set_shutdown
BIO_set_init
BIO_get_data
BIO_set_data
BIO_free
BIO_new
BIO_s_file
BIO_clear_flags
BIO_set_flags
CRYPTO_free
CRYPTO_malloc
BIO_meth_set_read
BIO_meth_set_ctrl
BIO_meth_set_create
PEM_X509_INFO_read_bio
BIO_meth_set_destroy
BN_num_bits
BN_clear_free
BN_print
ASN1_STRING_length
X509_NAME_get_entry
ASN1_STRING_type
ASN1_STRING_get0_data
i2a_ASN1_OBJECT
i2t_ASN1_OBJECT
ASN1_STRING_to_UTF8
ASN1_TIME_print
ASN1_STRING_print
OBJ_nid2sn
OBJ_obj2txt
EVP_DigestInit
EVP_sha1
EVP_PKEY_get_id
EVP_PKEY_get_bits
EVP_PKEY_get_security_bits
EVP_PKEY_get1_RSA
EVP_PKEY_free
EVP_PKEY_copy_parameters
EVP_PKEY_get0_type_name
EVP_PKEY_get_bn_param
X509_PUBKEY_get0_param
DES_ecb_encrypt
DES_set_odd_parity
DES_set_key_unchecked
EVP_MD_CTX_new
EVP_MD_CTX_free
EVP_DigestInit_ex
EVP_DigestUpdate
EVP_DigestFinal_ex
EVP_sha512_256
MD5_Init
MD5_Update
MD5_Final
EVP_sha256
OPENSSL_sk_num
OPENSSL_sk_value
OPENSSL_sk_pop_free
OPENSSL_sk_pop
OpenSSL_version
EVP_PKEY_get_group_name
BIO_meth_free

nghttp2

nghttp2_session_get_local_window_size
nghttp2_session_get_stream_effective_local_window_size
nghttp2_session_get_stream_effective_recv_data_length
nghttp2_session_set_stream_user_data
nghttp2_session_callbacks_set_error_callback
nghttp2_session_callbacks_set_on_begin_headers_callback
nghttp2_is_fatal
nghttp2_session_set_local_window_size
nghttp2_submit_settings
nghttp2_submit_request
nghttp2_http2_strerror
nghttp2_strerror
nghttp2_session_consume
nghttp2_session_get_remote_window_size
nghttp2_session_get_stream_remote_window_size
nghttp2_session_get_stream_user_data
nghttp2_session_want_write
nghttp2_session_want_read
nghttp2_session_resume_data
nghttp2_session_mem_recv
nghttp2_session_send
nghttp2_session_del
nghttp2_session_client_new2
nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation
nghttp2_option_set_no_auto_window_update
nghttp2_option_del
nghttp2_session_callbacks_set_on_header_callback
nghttp2_session_callbacks_set_on_stream_close_callback
nghttp2_session_callbacks_set_on_frame_send_callback
nghttp2_session_callbacks_set_on_data_chunk_recv_callback
nghttp2_session_callbacks_set_on_frame_recv_callback
nghttp2_session_upgrade2
nghttp2_pack_settings_payload
nghttp2_priority_spec_init
nghttp2_submit_priority
nghttp2_submit_rst_stream
nghttp2_submit_ping
nghttp2_session_check_request_allowed
nghttp2_session_callbacks_new
nghttp2_session_get_remote_settings
nghttp2_version
nghttp2_session_callbacks_set_send_callback
nghttp2_session_callbacks_del
nghttp2_option_new

wldap32

ord217
ord46
ord211
ord60
ord50
ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord143

libssh2

libssh2_sftp_readdir_ex
libssh2_sftp_write
libssh2_sftp_close_handle
libssh2_sftp_seek64
libssh2_sftp_rename_ex
libssh2_sftp_unlink_ex
libssh2_sftp_statvfs
libssh2_sftp_mkdir_ex
libssh2_sftp_rmdir_ex
libssh2_sftp_stat_ex
libssh2_sftp_symlink_ex
libssh2_sftp_last_error
libssh2_sftp_shutdown
libssh2_sftp_init
libssh2_agent_free
libssh2_agent_disconnect
libssh2_agent_userauth
libssh2_agent_get_identity
libssh2_agent_list_identities
libssh2_agent_connect
libssh2_agent_init
libssh2_knownhost_get
libssh2_knownhost_writefile
libssh2_knownhost_readfile
libssh2_knownhost_free
libssh2_knownhost_del
libssh2_knownhost_checkp
libssh2_knownhost_add
libssh2_knownhost_init
libssh2_sftp_read
libssh2_scp_send64
libssh2_scp_recv2
libssh2_channel_free
libssh2_channel_wait_closed
libssh2_channel_wait_eof
libssh2_channel_send_eof
libssh2_session_set_read_timeout
libssh2_session_set_blocking
libssh2_channel_write_ex
libssh2_channel_read_ex
libssh2_userauth_keyboard_interactive_ex
libssh2_userauth_publickey_fromfile_ex
libssh2_userauth_password_ex
libssh2_userauth_authenticated
libssh2_userauth_list
libssh2_session_flag
libssh2_session_block_directions
libssh2_session_last_errno
libssh2_session_last_error
libssh2_session_method_pref
libssh2_session_hostkey
libssh2_hostkey_hash
libssh2_session_free
libssh2_session_disconnect_ex
libssh2_session_handshake
libssh2_session_callback_set
libssh2_session_abstract
libssh2_session_init_ex
libssh2_exit
libssh2_init
libssh2_version
libssh2_sftp_open_ex

advapi32

CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash

crypt32

CertOpenSystemStoreA
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage

kernel32

CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
MultiByteToWideChar
SleepEx
WaitForSingleObjectEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetEnvironmentVariableA
Sleep
MoveFileExA
GetCurrentProcessId
GetLastError
SetLastError
FormatMessageW
QueryPerformanceFrequency
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemDirectoryA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
GetSystemTimeAsFileTime
CompareFileTime

vcruntime140

memcpy
memset
memcmp
strchr
memmove
strrchr
memchr
strstr
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

_strdup
strspn
strpbrk
strcmp
strcspn
strncmp

api-ms-win-crt-stdio-l1-1-0

fputc
setvbuf
ftell
fseek
fclose
_fseeki64
fread
_lseeki64
__stdio_common_vsprintf
fputs
_open
__stdio_common_vsscanf
fopen
fgets
feof
__acrt_iob_func
__stdio_common_vswprintf
_close
fwrite
_fileno
_read
_write
fflush

api-ms-win-crt-convert-l1-1-0

atoi
strtoll
strtol
strtoul
wcstombs

api-ms-win-crt-time-l1-1-0

_gmtime64
_time64
strftime

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_narrow_environment
_seh_filter_dll
_errno
_initterm_e
_initterm
_configure_narrow_argv
_beginthreadex
_execute_onexit_table
_initialize_onexit_table
__sys_errlist
__sys_nerr

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_unlink
_access
_stat64

api-ms-win-crt-heap-l1-1-0

calloc
free
realloc
malloc

api-ms-win-crt-multibyte-l1-1-0

_mbspbrk

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_header
curl_easy_init
curl_easy_nextheader
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_global_trace
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_get_handles
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_url_strerror
curl_version
curl_version_info
curl_ws_meta
curl_ws_recv
curl_ws_send

Sections

.text
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libfreshclam.dll
.dll windows:6 windows x64 arch:x64

3a76affdb3c322e50e420019183c4cc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libcurl

curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo
curl_global_cleanup
curl_global_init
curl_easy_init

libssl-3-x64

SSL_CTX_get_cert_store

libcrypto-3-x64

BIO_s_mem
RAND_bytes
d2i_X509
X509_STORE_add_cert
BIO_free
ERR_error_string
ERR_get_error
X509_NAME_print_ex
X509_cmp
X509_get_subject_name
X509_free
X509_dup
BIO_ctrl
BIO_new

libclamav

cli_versig2
cli_get_debug_flag
cli_warnmsg
cli_errmsg
cli_dbgmsg_no_inline
cl_debug
cl_engine_new
cl_engine_free
cl_engine_set_clcb_stats_submit
cl_load
cl_strerror
cli_hashset_destroy
cli_bytecode_prepare2
cli_strtok
cli_dbgmsg
cli_malloc
cli_strdup
cl_cvdhead
cl_cvdparse
cl_cvdverify
cl_cvdfree
cli_infomsg_simple
cl_cvdunpack
cl_retflevel
cli_strbcasestr
cli_isnumber
cli_rmdirs
cli_gentemp
cli_filecopy
cli_strerror
cli_ctime

kernel32

GetCurrentThreadId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
IsDebuggerPresent
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
WriteConsoleW
CreateFileA
DeleteFileA
GetFileAttributesA
GetFileAttributesExW
SetFileAttributesA
InitializeSListHead
GetEnvironmentVariableW
GetFullPathNameW
FormatMessageW
GetModuleHandleW
GetConsoleMode
Sleep
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
ReleaseSRWLockExclusive
ReleaseMutex
FindClose
ReleaseSRWLockShared
AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetFinalPathNameByHandleW
SetFilePointerEx
GetStdHandle
GetCurrentProcessId
WaitForSingleObject
TerminateProcess
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
FindNextFileW
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
FindFirstFileW
DeleteFileW
MoveFileExW

ntdll

NtReadFile
RtlNtStatusToDosError
NtWriteFile

ws2_32

ntohs
WSAStartup
WSACleanup

pthreadvc3

pthread_win32_process_attach_np
pthread_win32_thread_detach_np
pthread_mutex_lock
pthread_mutex_unlock
pthread_win32_thread_attach_np
pthread_win32_process_detach_np

dnsapi

DnsQuery_A
DnsFree

wsock32

getservbyname

crypt32

CertGetNameStringA
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenSystemStoreA

vcruntime140

__CxxFrameHandler3
wcsstr
wcsrchr
__std_type_info_destroy_list
__C_specific_handler
_CxxThrowException
memcmp
memmove
memset
memcpy
strrchr
strstr
strchr

api-ms-win-crt-string-l1-1-0

strncpy
strncmp
wcsncmp
wcsncat
strnlen
_strdup
strcmp
_strnicmp
wcsncpy
isprint

api-ms-win-crt-stdio-l1-1-0

fclose
_wopen
_lseeki64
fopen
_get_osfhandle
_close
fflush
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
_lseek
_open
_read
_write
_getcwd
fgets

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
calloc

api-ms-win-crt-convert-l1-1-0

atoi
wcstombs

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64
strftime
_localtime64

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_set_errno
strerror
_errno

api-ms-win-crt-math-l1-1-0

trunc
round
fmod

api-ms-win-crt-filesystem-l1-1-0

_mkdir
_fstat64i32
_unlink
_chdir
rename
_umask

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

DllMain
__local_stdio_printf_options
dnsquery
fc_cleanup
fc_dns_query_update_info
fc_download_url_database
fc_download_url_databases
fc_initialize
fc_prune_database_directory
fc_set_fccb_download_complete
fc_strerror
fc_test_database
fc_update_database
fc_update_databases
fprintf
g_bCompressLocalDatabase
g_cb_download_complete
g_connectTimeout
g_databaseDirectory
g_freshclamDat
g_localIP
g_maxAttempts
g_proxyPassword
g_proxyPort
g_proxyServer
g_proxyUsername
g_requestTimeout
g_tempDirectory
g_userAgent
load_freshclam_dat
new_freshclam_dat
printf
save_freshclam_dat
snprintf
updatecustomdb
updatedb
version_string_compare

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libssh2.dll
.dll windows:6 windows x64 arch:x64

f6523ec4d8764f16469b331cd0217464

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libcrypto-3-x64

EVP_PKEY_CTX_free
EVP_PKEY_new_raw_private_key
EVP_PKEY_new_raw_public_key
EVP_PKEY_get_raw_private_key
EVP_PKEY_get_raw_public_key
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_derive
EVP_PKEY_keygen_init
EVP_PKEY_keygen
RAND_bytes
PEM_read_bio_RSAPrivateKey
PEM_read_bio_DSAPrivateKey
PEM_read_bio_ECPrivateKey
BN_div
ERR_get_error
ENGINE_load_builtin_engines
ENGINE_register_all_complete
BN_set_word
EVP_sha1
HMAC_CTX_new
HMAC_CTX_free
EVP_CipherInit
HMAC_Update
HMAC_Final
EVP_md5
EVP_sha256
EVP_sha512
EVP_ripemd160
BN_sub
EVP_DigestInit
EVP_MD_CTX_new
EVP_Cipher
ECDSA_do_verify
ECDSA_do_sign
ECDSA_SIG_set0
ECDSA_SIG_get0
ECDSA_SIG_free
BN_bn2bin
BN_bin2bn
BN_clear_free
BN_new
BN_num_bits
BN_rand
EVP_PKEY_CTX_new_id
BN_CTX_new
BN_value_one
BIO_new_mem_buf
BIO_ctrl
BIO_free
BIO_new_file
EVP_CIPHER_CTX_free
EVP_aes_256_gcm
EVP_aes_256_ctr
ECDSA_SIG_new
ECDH_compute_key
EC_KEY_generate_key
EC_KEY_set_public_key
EC_KEY_get0_public_key
EC_KEY_set_private_key
EC_KEY_get0_group
EC_KEY_free
EC_KEY_new_by_curve_name
EC_POINT_oct2point
EC_POINT_point2oct
EC_POINT_free
EC_POINT_new
EC_GROUP_get_degree
EC_GROUP_get_curve_name
DSA_set0_key
EVP_PKEY_CTX_new
EVP_PKEY_free
DSA_get0_key
DSA_set0_pqg
DSA_get0_pqg
EVP_PKEY_new
EVP_PKEY_get1_EC_KEY
DSA_free
EVP_PKEY_set1_EC_KEY
EVP_PKEY_get1_DSA
EVP_PKEY_set1_DSA
EVP_PKEY_get1_RSA
EVP_PKEY_set1_RSA
EVP_PKEY_get_id
DSA_new
DSA_do_verify
EVP_get_digestbyname
DSA_do_sign
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_new
EVP_DigestVerifyInit
EVP_DigestSignInit
DSA_SIG_set0
DSA_SIG_get0
DSA_SIG_free
DSA_SIG_new
RSA_verify
RSA_sign
RSA_free
RSA_get0_factors
RSA_get0_key
RSA_set0_crt_params
RSA_set0_factors
RSA_set0_key
EVP_DigestVerify
BN_CTX_free
RSA_size
RSA_new
EVP_DigestSign
HMAC_Init_ex
BN_mod_exp
EVP_aes_256_cbc
EVP_aes_192_ctr
EVP_aes_192_cbc
EVP_aes_128_gcm
EVP_aes_128_ctr
EVP_aes_128_cbc
EVP_cast5_cbc
EVP_bf_cbc
EVP_rc4
EVP_des_ede3_cbc
EVP_DigestFinal
EVP_DigestUpdate
PEM_read_bio_PrivateKey
EVP_MD_CTX_free

ws2_32

ioctlsocket
__WSAFDIsSet
WSAGetLastError
send
recv
getsockopt
select

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
WaitNamedPipeA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetCurrentThreadId
CreateEventA
SleepEx
CancelIo
GetOverlappedResult
GetLastError
SetHandleInformation
CloseHandle
WriteFile
ReadFile
CreateFileA
IsDebuggerPresent

user32

SendMessageA
FindWindowA

vcruntime140

__C_specific_handler
memchr
__std_type_info_destroy_list
memset
strrchr
memcmp
memcpy
memmove
strchr

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
fclose
fopen
rewind
fread
feof
fgets
__stdio_common_vfprintf
__stdio_common_vsprintf
fwrite

api-ms-win-crt-time-l1-1-0

_time64
_difftime64

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

realloc
calloc
free
malloc

api-ms-win-crt-string-l1-1-0

strcmp
isspace
strncmp

api-ms-win-crt-convert-l1-1-0

strtol
strtoll

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_onexit_table
_seh_filter_dll
_execute_onexit_table
_initterm_e
_cexit
_initterm
_initialize_narrow_environment

Exports

Exports

libssh2_agent_connect
libssh2_agent_disconnect
libssh2_agent_free
libssh2_agent_get_identity
libssh2_agent_get_identity_path
libssh2_agent_init
libssh2_agent_list_identities
libssh2_agent_set_identity_path
libssh2_agent_sign
libssh2_agent_userauth
libssh2_banner_set
libssh2_base64_decode
libssh2_channel_close
libssh2_channel_direct_streamlocal_ex
libssh2_channel_direct_tcpip_ex
libssh2_channel_eof
libssh2_channel_flush_ex
libssh2_channel_forward_accept
libssh2_channel_forward_cancel
libssh2_channel_forward_listen_ex
libssh2_channel_free
libssh2_channel_get_exit_signal
libssh2_channel_get_exit_status
libssh2_channel_handle_extended_data
libssh2_channel_handle_extended_data2
libssh2_channel_open_ex
libssh2_channel_process_startup
libssh2_channel_read_ex
libssh2_channel_receive_window_adjust
libssh2_channel_receive_window_adjust2
libssh2_channel_request_auth_agent
libssh2_channel_request_pty_ex
libssh2_channel_request_pty_size_ex
libssh2_channel_send_eof
libssh2_channel_set_blocking
libssh2_channel_setenv_ex
libssh2_channel_signal_ex
libssh2_channel_wait_closed
libssh2_channel_wait_eof
libssh2_channel_window_read_ex
libssh2_channel_window_write_ex
libssh2_channel_write_ex
libssh2_channel_x11_req_ex
libssh2_crypto_engine
libssh2_exit
libssh2_free
libssh2_hostkey_hash
libssh2_init
libssh2_keepalive_config
libssh2_keepalive_send
libssh2_knownhost_add
libssh2_knownhost_addc
libssh2_knownhost_check
libssh2_knownhost_checkp
libssh2_knownhost_del
libssh2_knownhost_free
libssh2_knownhost_get
libssh2_knownhost_init
libssh2_knownhost_readfile
libssh2_knownhost_readline
libssh2_knownhost_writefile
libssh2_knownhost_writeline
libssh2_poll
libssh2_poll_channel_read
libssh2_publickey_add_ex
libssh2_publickey_init
libssh2_publickey_list_fetch
libssh2_publickey_list_free
libssh2_publickey_remove_ex
libssh2_publickey_shutdown
libssh2_scp_recv
libssh2_scp_recv2
libssh2_scp_send64
libssh2_scp_send_ex
libssh2_session_abstract
libssh2_session_banner_get
libssh2_session_banner_set
libssh2_session_block_directions
libssh2_session_callback_set
libssh2_session_disconnect_ex
libssh2_session_flag
libssh2_session_free
libssh2_session_get_blocking
libssh2_session_get_read_timeout
libssh2_session_get_timeout
libssh2_session_handshake
libssh2_session_hostkey
libssh2_session_init_ex
libssh2_session_last_errno
libssh2_session_last_error
libssh2_session_method_pref
libssh2_session_methods
libssh2_session_set_blocking
libssh2_session_set_last_error
libssh2_session_set_read_timeout
libssh2_session_set_timeout
libssh2_session_startup
libssh2_session_supported_algs
libssh2_sftp_close_handle
libssh2_sftp_fstat_ex
libssh2_sftp_fstatvfs
libssh2_sftp_fsync
libssh2_sftp_get_channel
libssh2_sftp_init
libssh2_sftp_last_error
libssh2_sftp_mkdir_ex
libssh2_sftp_open_ex
libssh2_sftp_open_ex_r
libssh2_sftp_read
libssh2_sftp_readdir_ex
libssh2_sftp_rename_ex
libssh2_sftp_rmdir_ex
libssh2_sftp_seek
libssh2_sftp_seek64
libssh2_sftp_shutdown
libssh2_sftp_stat_ex
libssh2_sftp_statvfs
libssh2_sftp_symlink_ex
libssh2_sftp_tell
libssh2_sftp_tell64
libssh2_sftp_unlink_ex
libssh2_sftp_write
libssh2_trace
libssh2_trace_sethandler
libssh2_userauth_authenticated
libssh2_userauth_banner
libssh2_userauth_hostbased_fromfile_ex
libssh2_userauth_keyboard_interactive_ex
libssh2_userauth_list
libssh2_userauth_password_ex
libssh2_userauth_publickey
libssh2_userauth_publickey_fromfile_ex
libssh2_userauth_publickey_frommemory
libssh2_userauth_publickey_sk
libssh2_version

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libssl-3-x64.dll
.dll windows:6 windows x64 arch:x64

953b7c0a3858f38be5733a1891b9bb53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\build\.mussels\cache\work\x64\openssl-3.2.1\libssl-3-x64.pdb

Imports

libcrypto-3-x64

EVP_PKEY_encapsulate_init
EVP_PKEY_encapsulate
EVP_PKEY_decapsulate_init
EVP_PKEY_decapsulate
EVP_PKEY_paramgen_init
EVP_PKEY_paramgen
EVP_PKEY_keygen_init
EVP_PKEY_keygen
EVP_PKEY_CTX_set_group_name
X509_NAME_free
OSSL_STACK_OF_X509_free
RAND_bytes_ex
INT32_it
ZINT32_it
UINT32_it
ZUINT32_it
ZINT64_it
ZUINT64_it
ASN1_OCTET_STRING_it
X509_it
CRYPTO_strndup
ASN1_item_free
ASN1_item_d2i
ASN1_item_i2d
i2d_PUBKEY
d2i_PUBKEY_ex
X509_free
OPENSSL_DIR_read
OPENSSL_DIR_end
OPENSSL_sk_shift
OPENSSL_sk_pop
OPENSSL_sk_set_cmp_func
CRYPTO_get_ex_new_index
CRYPTO_THREAD_run_once
OSSL_LIB_CTX_set0_default
BIO_s_file
BIO_snprintf
OBJ_nid2ln
OBJ_nid2sn
OPENSSL_LH_new
OPENSSL_LH_free
OPENSSL_LH_insert
OPENSSL_LH_retrieve
X509_verify_cert
X509_STORE_new
X509_STORE_free
X509_STORE_up_ref
X509_STORE_CTX_new_ex
X509_STORE_CTX_free
X509_STORE_CTX_init
X509_STORE_CTX_init_rpk
X509_STORE_CTX_set_verify_cb
X509_STORE_add_cert
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_get_error
X509_STORE_CTX_get0_chain
X509_STORE_CTX_get1_chain
X509_STORE_CTX_set_flags
X509_STORE_CTX_get0_param
X509_STORE_CTX_set_default
X509_STORE_CTX_set0_dane
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_auth_level
X509_VERIFY_PARAM_move_peername
X509_verify_cert_error_string
X509_NAME_dup
i2d_X509_NAME
X509_new_ex
X509_get_subject_name
X509_up_ref
X509_chain_up_ref
X509_cmp
X509_NAME_hash_ex
PEM_read_bio_X509
OSSL_STORE_open
OSSL_STORE_load
OSSL_STORE_eof
OSSL_STORE_error
OSSL_STORE_close
OSSL_STORE_INFO_get_type
OSSL_STORE_INFO_get0_NAME
OSSL_STORE_INFO_get0_CERT
OSSL_STORE_INFO_free
X509_get_extension_flags
COMP_CTX_new
COMP_CTX_free
COMP_compress_block
COMP_zlib_oneshot
COMP_brotli_oneshot
COMP_zstd_oneshot
BIO_f_zlib
BIO_f_brotli
BIO_f_zstd
OPENSSL_sk_new
OPENSSL_sk_delete
OPENSSL_sk_unshift
OPENSSL_sk_dup
OPENSSL_sk_sort
COMP_get_type
COMP_get_name
COMP_zlib
EVP_CIPHER_get_block_size
EVP_CIPHER_get_flags
EVP_CIPHER_get_mode
EVP_CIPHER_fetch
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
EVP_SIGNATURE_free
EVP_SIGNATURE_fetch
EVP_KEYEXCH_free
EVP_KEYEXCH_fetch
CONF_parse_list
ERR_set_mark
ERR_pop_to_mark
OPENSSL_strcasecmp
OPENSSL_strncasecmp
ERR_clear_last_mark
X509_STORE_load_path
X509_STORE_load_file_ex
X509_STORE_load_store_ex
OSSL_DECODER_CTX_free
OSSL_DECODER_from_bio
OSSL_DECODER_CTX_new_for_pkey
ERR_reason_error_string
ERR_load_strings_const
OPENSSL_init_crypto
OPENSSL_atexit
OPENSSL_sk_insert
CRYPTO_THREAD_lock_new
CRYPTO_THREAD_read_lock
CRYPTO_THREAD_write_lock
CRYPTO_THREAD_unlock
CRYPTO_THREAD_lock_free
OPENSSL_strnlen
CRYPTO_new_ex_data
CRYPTO_dup_ex_data
CRYPTO_free_ex_data
CRYPTO_set_ex_data
CRYPTO_get_ex_data
CRYPTO_secure_zalloc
CRYPTO_secure_free
BUF_MEM_free
BIO_get_rpoll_descriptor
BIO_get_wpoll_descriptor
BIO_int_ctrl
BIO_pop
BIO_free_all
BIO_s_socket
BIO_s_datagram
ASN1_OCTET_STRING_free
OPENSSL_LH_num_items
ERR_peek_error
OSSL_PARAM_construct_int
OSSL_PARAM_construct_uint32
OSSL_PARAM_construct_uint64
OBJ_bsearch_
EVP_MD_get0_provider
EVP_CIPHER_get0_provider
EVP_CIPHER_up_ref
EVP_CIPHER_free
EVP_MD_fetch
EVP_MD_up_ref
EVP_MD_free
EVP_PKEY_get_security_bits
X509_STORE_add_lookup
X509_LOOKUP_hash_dir
X509_LOOKUP_file
X509_LOOKUP_store
X509_LOOKUP_ctrl
X509_LOOKUP_ctrl_ex
X509_STORE_set_default_paths_ex
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set1_host
X509_VERIFY_PARAM_add1_host
X509_VERIFY_PARAM_set_hostflags
X509_VERIFY_PARAM_get0_peername
X509_VERIFY_PARAM_get1_ip_asc
X509_VERIFY_PARAM_set1_ip_asc
X509_VERIFY_PARAM_get_depth
d2i_PUBKEY
X509_EXTENSION_free
d2i_X509
X509_get0_pubkey
X509_check_private_key
X509_get_ext_d2i
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_start_job
ASYNC_get_current_job
CT_POLICY_EVAL_CTX_new_ex
CT_POLICY_EVAL_CTX_free
CT_POLICY_EVAL_CTX_set1_cert
CT_POLICY_EVAL_CTX_set1_issuer
CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
CT_POLICY_EVAL_CTX_set_time
SCT_free
SCT_LIST_free
SCT_set_source
SCT_get_validation_status
SCT_LIST_validate
o2i_SCT_LIST
CTLOG_STORE_new_ex
CTLOG_STORE_free
CTLOG_STORE_load_file
CTLOG_STORE_load_default_file
X509_get_key_usage
a2i_IPADDRESS
RAND_priv_bytes_ex
OCSP_response_get1_basic
OCSP_resp_count
OCSP_resp_get0
OCSP_SINGLERESP_get1_ext_d2i
OCSP_BASICRESP_free
OCSP_RESPID_free
OCSP_RESPONSE_free
EVP_PKEY_up_ref
conf_ssl_get
conf_ssl_name_find
conf_ssl_get_cmd
ERR_peek_last_error
EVP_PKEY_can_sign
d2i_PrivateKey_ex
EVP_PKEY_copy_parameters
EVP_PKEY_missing_parameters
EVP_PKEY_eq
d2i_X509_bio
d2i_PrivateKey_ex_bio
X509_get_pubkey
PEM_read_bio
PEM_read_bio_X509_AUX
PEM_read_bio_PrivateKey_ex
RSA_free
RSA_up_ref
d2i_RSAPrivateKey
EVP_PKEY_assign
EVP_PKEY_new
d2i_RSAPrivateKey_bio
PEM_read_bio_RSAPrivateKey
OPENSSL_LH_delete
OPENSSL_LH_get_down_load
OPENSSL_LH_set_down_load
PEM_ASN1_read_bio
PEM_ASN1_write_bio
PEM_ASN1_read
PEM_ASN1_write
BIO_puts
BIO_dump_indent
BIO_printf
OSSL_PARAM_construct_utf8_string
EVP_PKEY_derive
EVP_CIPHER_is_a
EVP_KDF_free
EVP_KDF_fetch
EVP_KDF_CTX_new
EVP_KDF_CTX_free
EVP_KDF_derive
CRYPTO_memcmp
BN_free
BN_get_rfc2409_prime_1024
BN_get_rfc3526_prime_2048
BN_get_rfc3526_prime_3072
BN_get_rfc3526_prime_4096
BN_get_rfc3526_prime_8192
OBJ_nid2obj
OBJ_txt2nid
OBJ_ln2nid
OBJ_sn2nid
OBJ_create
OBJ_add_sigid
OSSL_PARAM_locate_const
OSSL_PARAM_get_int
OSSL_PARAM_get_uint
OSSL_PARAM_free
EVP_CIPHER_CTX_get_iv_length
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_DecryptFinal
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_free
EVP_MAC_fetch
EVP_MAC_free
EVP_MAC_CTX_new
EVP_MAC_CTX_free
EVP_MAC_CTX_get_mac_size
EVP_MAC_init
EVP_MAC_update
EVP_MAC_final
EVP_PKEY_get_id
EVP_PKEY_get_bits
EVP_PKEY_get_size
EVP_PKEY_set_type
EVP_PKEY_digestsign_supports_digest
EVP_PKEY_set1_encoded_public_key
EVP_KEYMGMT_fetch
EVP_KEYMGMT_free
EVP_KEYMGMT_get0_provider
EVP_PKEY_fromdata_init
EVP_PKEY_fromdata
EVP_PKEY_get_ec_point_conv_form
EVP_PKEY_get_field_type
EVP_PKEY_get_group_name
X509_get_signature_info
X509_get_signature_nid
X509_get_issuer_name
X509_chain_check_suiteb
X509_NAME_cmp
OSSL_PROVIDER_do_all
OSSL_PROVIDER_get_capabilities
OSSL_PARAM_BLD_new
OSSL_PARAM_BLD_to_param
OSSL_PARAM_BLD_free
OSSL_PARAM_BLD_push_uint
OSSL_PARAM_BLD_push_BN
BIO_indent
COMP_expand_block
EVP_PKEY_print_public
d2i_X509_NAME
X509_NAME_print_ex
X509_print_ex
PEM_write_bio_X509
EVP_Q_mac
EC_GROUP_get_curve_name
EC_KEY_get0_group
EVP_PKEY_set1_DH
ENGINE_get_ssl_client_cert_function
ENGINE_get_cipher
ENGINE_get_digest
ENGINE_init
ENGINE_finish
ENGINE_load_ssl_client_cert
ENGINE_get_cipher_engine
ENGINE_get_digest_engine
HMAC_size
HMAC_CTX_new
HMAC_CTX_free
HMAC_Init_ex
HMAC_Update
HMAC_Final
BN_is_zero
BN_num_bits
BN_clear_free
BN_copy
BN_bin2bn
BN_bn2bin
BN_dup
BN_ucmp
SRP_create_verifier_BN_ex
SRP_check_known_gN_param
SRP_get_default_gN
SRP_Calc_server_key
SRP_Calc_B_ex
SRP_Verify_A_mod_N
SRP_Calc_u_ex
SRP_Calc_x_ex
SRP_Calc_A
SRP_Calc_client_key_ex
SRP_Verify_B_mod_N
OSSL_PARAM_get_size_t
BIO_ADDR_family
OPENSSL_LH_error
OSSL_ERR_STATE_new
OSSL_ERR_STATE_save
OSSL_ERR_STATE_restore
OSSL_ERR_STATE_free
BUF_MEM_new
BIO_recvmmsg
BIO_err_is_non_fatal
OPENSSL_LH_doall_arg
ERR_vset_error
EVP_CipherInit_ex
EVP_CipherUpdate
EVP_CipherFinal_ex
EVP_CIPHER_CTX_ctrl
BIO_sendmmsg
BIO_s_null
ERR_count_to_mark
OSSL_ERR_STATE_save_to_mark
BIO_s_dgram_mem
OSSL_PARAM_construct_uint
OSSL_PARAM_construct_size_t
BIO_write_ex
EVP_CIPHER_CTX_get0_cipher
EVP_CIPHER_CTX_get_block_size
EVP_DigestFinal
MD5_Init
MD5_Transform
SHA1_Init
SHA1_Transform
SHA224_Init
SHA256_Init
SHA256_Transform
SHA384_Init
SHA512_Init
SHA512_Transform
OSSL_PARAM_construct_octet_ptr
EVP_Cipher
EVP_CIPHER_CTX_get_params
EVP_MD_CTX_get_pkey_ctx
EVP_MD_CTX_ctrl
EVP_MD_CTX_copy
EVP_DigestSignInit_ex
EVP_DigestSignUpdate
EVP_DigestSignFinal
EVP_PKEY_CTX_set_params
EVP_PKEY_new_mac_key
EVP_PKEY_new_raw_private_key_ex
COMP_CTX_get_method
OSSL_PARAM_get_uint32
OSSL_PARAM_get_uint64
EVP_CIPHER_CTX_set_params
EVP_PKEY_get1_encoded_public_key
i2d_X509_EXTENSIONS
i2d_OCSP_RESPID
EVP_DigestSign
d2i_X509_EXTENSIONS
d2i_OCSP_RESPID
BUF_MEM_grow_clean
EVP_Digest
EVP_DigestInit
EVP_DigestVerify
EVP_DigestVerifyInit_ex
EVP_PKEY_CTX_ctrl
EVP_PKEY_encrypt_init
EVP_PKEY_encrypt
EVP_PKEY_public_check
EVP_PKEY_param_check_quick
EVP_PKEY_CTX_set_rsa_padding
EVP_PKEY_CTX_set_rsa_pss_saltlen
BUF_reverse
EVP_DigestVerifyUpdate
EVP_DigestVerifyFinal
i2d_X509_PUBKEY
i2d_X509
X509_get_X509_PUBKEY
ASN1_ANY_it
ASN1_TYPE_get
ASN1_item_new
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_EncryptFinal
EVP_PKEY_decrypt_init
EVP_PKEY_decrypt
EVP_PKEY_get_bn_param
EVP_PKEY_is_a
EVP_MD_is_a
EVP_PKEY_CTX_set_dh_pad
CRYPTO_strdup
CRYPTO_memdup
OPENSSL_sk_pop_free
OPENSSL_sk_new_reserve
OPENSSL_sk_value
OPENSSL_sk_num
EVP_DigestFinal_ex
EVP_DigestUpdate
EVP_DigestInit_ex
EVP_MD_CTX_copy_ex
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_MD_CTX_set_params
EVP_CIPHER_get_iv_length
EVP_CIPHER_get_key_length
EVP_MD_CTX_get0_md
EVP_MD_get_size
EVP_MD_get_type
OSSL_PARAM_construct_end
OSSL_PARAM_construct_octet_string
BIO_s_mem
OPENSSL_cleanse
CRYPTO_clear_free
CRYPTO_realloc
OPENSSL_sk_push
OPENSSL_sk_find
OPENSSL_sk_free
OPENSSL_sk_new_null
ERR_clear_error
ERR_set_error
ERR_set_debug
ERR_new
BIO_ADDR_clear
BIO_ADDR_free
BIO_ADDR_new
BIO_read
BIO_test_flags
BIO_copy_next_retry
BIO_f_buffer
BIO_s_connect
BIO_set_retry_reason
BIO_get_retry_reason
BIO_set_next

ws2_32

WSAGetLastError
select

kernel32

GetStartupInfoW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetSystemTime
SystemTimeToFileTime
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
GetCurrentThreadId
SetUnhandledExceptionFilter
GetExitCodeThread
CreateSemaphoreA
SetLastError
GetLastError
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

vcruntime140

memcpy
memset
__current_exception_context
strchr
memcmp
memchr
strstr
memmove
__std_type_info_destroy_list
__current_exception
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_errno
_endthreadex
terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_beginthreadex

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-string-l1-1-0

strncmp
strcmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLS_client_method
DTLS_get_data_mtu
DTLS_method
DTLS_server_method
DTLS_set_timer_cb
DTLSv1_2_client_method
DTLSv1_2_method
DTLSv1_2_server_method
DTLSv1_client_method
DTLSv1_listen
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
OPENSSL_cipher_name
OPENSSL_init_ssl
OSSL_QUIC_client_method
OSSL_QUIC_client_thread_method
OSSL_default_cipher_list
OSSL_default_ciphersuites
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SSL_CIPHER_description
SSL_CIPHER_find
SSL_CIPHER_get_auth_nid
SSL_CIPHER_get_bits
SSL_CIPHER_get_cipher_nid
SSL_CIPHER_get_digest_nid
SSL_CIPHER_get_handshake_digest
SSL_CIPHER_get_id
SSL_CIPHER_get_kx_nid
SSL_CIPHER_get_name
SSL_CIPHER_get_protocol_id
SSL_CIPHER_get_version
SSL_CIPHER_is_aead
SSL_CIPHER_standard_name
SSL_COMP_add_compression_method
SSL_COMP_get0_name
SSL_COMP_get_compression_methods
SSL_COMP_get_id
SSL_COMP_get_name
SSL_COMP_set0_compression_methods
SSL_CONF_CTX_clear_flags
SSL_CONF_CTX_finish
SSL_CONF_CTX_free
SSL_CONF_CTX_new
SSL_CONF_CTX_set1_prefix
SSL_CONF_CTX_set_flags
SSL_CONF_CTX_set_ssl
SSL_CONF_CTX_set_ssl_ctx
SSL_CONF_cmd
SSL_CONF_cmd_argv
SSL_CONF_cmd_value_type
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add1_to_CA_list
SSL_CTX_add_client_CA
SSL_CTX_add_client_custom_ext
SSL_CTX_add_custom_ext
SSL_CTX_add_server_custom_ext
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_clear_options
SSL_CTX_compress_certs
SSL_CTX_config
SSL_CTX_ct_is_enabled
SSL_CTX_ctrl
SSL_CTX_dane_clear_flags
SSL_CTX_dane_enable
SSL_CTX_dane_mtype_set
SSL_CTX_dane_set_flags
SSL_CTX_enable_ct
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get0_CA_list
SSL_CTX_get0_certificate
SSL_CTX_get0_client_cert_type
SSL_CTX_get0_ctlog_store
SSL_CTX_get0_param
SSL_CTX_get0_privatekey
SSL_CTX_get0_security_ex_data
SSL_CTX_get0_server_cert_type
SSL_CTX_get1_compressed_cert
SSL_CTX_get_cert_store
SSL_CTX_get_ciphers
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_default_passwd_cb
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_get_ex_data
SSL_CTX_get_info_callback
SSL_CTX_get_keylog_callback
SSL_CTX_get_max_early_data
SSL_CTX_get_num_tickets
SSL_CTX_get_options
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_record_padding_callback_arg
SSL_CTX_get_recv_max_early_data
SSL_CTX_get_security_callback
SSL_CTX_get_security_level
SSL_CTX_get_ssl_method
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_has_client_custom_ext
SSL_CTX_load_verify_dir
SSL_CTX_load_verify_file
SSL_CTX_load_verify_locations
SSL_CTX_load_verify_store
SSL_CTX_new
SSL_CTX_new_ex
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set0_CA_list
SSL_CTX_set0_ctlog_store
SSL_CTX_set0_security_ex_data
SSL_CTX_set0_tmp_dh_pkey
SSL_CTX_set1_cert_comp_preference
SSL_CTX_set1_cert_store
SSL_CTX_set1_client_cert_type
SSL_CTX_set1_compressed_cert
SSL_CTX_set1_param
SSL_CTX_set1_server_cert_type
SSL_CTX_set_allow_early_data_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_alpn_select_cb
SSL_CTX_set_async_callback
SSL_CTX_set_async_callback_arg
SSL_CTX_set_block_padding
SSL_CTX_set_cert_cb
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_hello_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_ct_validation_callback
SSL_CTX_set_ctlog_list_file
SSL_CTX_set_default_ctlog_list_file
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_read_buffer_len
SSL_CTX_set_default_verify_dir
SSL_CTX_set_default_verify_file
SSL_CTX_set_default_verify_paths
SSL_CTX_set_default_verify_store
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_keylog_callback
SSL_CTX_set_max_early_data
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_not_resumable_session_callback
SSL_CTX_set_num_tickets
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_find_session_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_psk_use_session_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_record_padding_callback
SSL_CTX_set_record_padding_callback_arg
SSL_CTX_set_recv_max_early_data
SSL_CTX_set_security_callback
SSL_CTX_set_security_level
SSL_CTX_set_session_id_context
SSL_CTX_set_session_ticket_cb
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_stateless_cookie_generate_cb
SSL_CTX_set_stateless_cookie_verify_cb
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_max_fragment_length
SSL_CTX_set_tlsext_ticket_key_evp_cb
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_up_ref
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_cert_and_key
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_CTX_use_serverinfo
SSL_CTX_use_serverinfo_ex
SSL_CTX_use_serverinfo_file
SSL_SESSION_dup
SSL_SESSION_free
SSL_SESSION_get0_alpn_selected
SSL_SESSION_get0_cipher
SSL_SESSION_get0_hostname
SSL_SESSION_get0_id_context
SSL_SESSION_get0_peer
SSL_SESSION_get0_peer_rpk
SSL_SESSION_get0_ticket
SSL_SESSION_get0_ticket_appdata
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_id
SSL_SESSION_get_master_key
SSL_SESSION_get_max_early_data
SSL_SESSION_get_max_fragment_length
SSL_SESSION_get_protocol_version
SSL_SESSION_get_ticket_lifetime_hint
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_has_ticket
SSL_SESSION_is_resumable
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_print_keylog
SSL_SESSION_set1_alpn_selected
SSL_SESSION_set1_hostname
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SSL_SESSION_set1_master_key
SSL_SESSION_set1_ticket_appdata
SSL_SESSION_set_cipher
SSL_SESSION_set_ex_data
SSL_SESSION_set_max_early_data
SSL_SESSION_set_protocol_version
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SESSION_up_ref
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_accept_stream
SSL_add1_host
SSL_add1_to_CA_list
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_expected_rpk
SSL_add_file_cert_subjects_to_stack
SSL_add_ssl_module
SSL_add_store_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_alloc_buffers
SSL_bytes_to_cipher_list
SSL_callback_ctrl
SSL_certs_clear
SSL_check_chain
SSL_check_private_key
SSL_clear
SSL_clear_options
SSL_client_hello_get0_ciphers
SSL_client_hello_get0_compression_methods
SSL_client_hello_get0_ext
SSL_client_hello_get0_legacy_version
SSL_client_hello_get0_random
SSL_client_hello_get0_session_id
SSL_client_hello_get1_extensions_present
SSL_client_hello_get_extension_order
SSL_client_hello_isv2
SSL_client_version
SSL_compress_certs
SSL_config
SSL_connect
SSL_copy_session_id
SSL_ct_is_enabled
SSL_ctrl
SSL_dane_clear_flags
SSL_dane_enable
SSL_dane_set_flags
SSL_dane_tlsa_add
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_enable_ct
SSL_export_keying_material
SSL_export_keying_material_early
SSL_extension_supported
SSL_free
SSL_free_buffers
SSL_get0_CA_list
SSL_get0_alpn_selected
SSL_get0_client_cert_type
SSL_get0_connection
SSL_get0_dane
SSL_get0_dane_authority
SSL_get0_dane_tlsa
SSL_get0_group_name
SSL_get0_next_proto_negotiated
SSL_get0_param
SSL_get0_peer_CA_list
SSL_get0_peer_certificate
SSL_get0_peer_rpk
SSL_get0_peer_scts
SSL_get0_peername
SSL_get0_security_ex_data
SSL_get0_server_cert_type
SSL_get0_verified_chain
SSL_get1_compressed_cert
SSL_get1_peer_certificate
SSL_get1_session
SSL_get1_supported_ciphers
SSL_get_SSL_CTX
SSL_get_accept_stream_queue_len
SSL_get_all_async_fds
SSL_get_async_status
SSL_get_blocking_mode
SSL_get_certificate
SSL_get_changed_async_fds
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_client_ciphers
SSL_get_client_random
SSL_get_conn_close_info
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_passwd_cb
SSL_get_default_passwd_cb_userdata
SSL_get_default_timeout
SSL_get_early_data_status
SSL_get_error
SSL_get_event_timeout
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_fd
SSL_get_finished
SSL_get_handshake_rtt
SSL_get_info_callback
SSL_get_key_update_type
SSL_get_max_early_data
SSL_get_negotiated_client_cert_type
SSL_get_negotiated_server_cert_type
SSL_get_num_tickets
SSL_get_options
SSL_get_peer_cert_chain
SSL_get_peer_finished
SSL_get_peer_signature_type_nid
SSL_get_pending_cipher
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_record_padding_callback_arg
SSL_get_recv_max_early_data
SSL_get_rfd
SSL_get_rpoll_descriptor
SSL_get_security_callback
SSL_get_security_level
SSL_get_selected_srtp_profile
SSL_get_server_random
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shared_sigalgs
SSL_get_shutdown
SSL_get_sigalgs
SSL_get_signature_type_nid
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_state
SSL_get_stream_id
SSL_get_stream_read_error_code
SSL_get_stream_read_state
SSL_get_stream_type
SSL_get_stream_write_error_code
SSL_get_stream_write_state
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_get_wpoll_descriptor
SSL_group_to_name
SSL_handle_events
SSL_has_matching_session_id
SSL_has_pending
SSL_in_before
SSL_in_init
SSL_inject_net_dgram
SSL_is_connection
SSL_is_dtls
SSL_is_init_finished
SSL_is_quic
SSL_is_server
SSL_is_stream_local
SSL_is_tls
SSL_key_update
SSL_load_client_CA_file
SSL_load_client_CA_file_ex
SSL_net_read_desired
SSL_net_write_desired
SSL_new
SSL_new_session_ticket
SSL_new_stream
SSL_peek
SSL_peek_ex
SSL_pending
SSL_read
SSL_read_early_data
SSL_read_ex
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_sendfile
SSL_session_reused
SSL_set0_CA_list
SSL_set0_rbio
SSL_set0_security_ex_data
SSL_set0_tmp_dh_pkey
SSL_set0_wbio
SSL_set1_cert_comp_preference
SSL_set1_client_cert_type
SSL_set1_compressed_cert
SSL_set1_host
SSL_set1_initial_peer_addr
SSL_set1_param
SSL_set1_server_cert_type
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_allow_early_data_cb
SSL_set_alpn_protos
SSL_set_async_callback
SSL_set_async_callback_arg
SSL_set_bio
SSL_set_block_padding
SSL_set_blocking_mode
SSL_set_cert_cb
SSL_set_cipher_list
SSL_set_ciphersuites
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ct_validation_callback
SSL_set_debug
SSL_set_default_passwd_cb
SSL_set_default_passwd_cb_userdata
SSL_set_default_read_buffer_len
SSL_set_default_stream_mode
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_hostflags
SSL_set_incoming_stream_policy
SSL_set_info_callback
SSL_set_max_early_data
SSL_set_msg_callback
SSL_set_not_resumable_session_callback
SSL_set_num_tickets
SSL_set_options
SSL_set_post_handshake_auth

Sections

.text
Size: 847KB - Virtual size: 846KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/libxml2.dll
.dll windows:6 windows x64 arch:x64

3c1cc760e6c83b9db3b23ce5f185b281

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

gethostbyaddr
gethostbyname
getservbyport
getservbyname
WSAStartup
WSACleanup
WSASetLastError
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
htonl
getsockopt
ioctlsocket
connect
closesocket
WSAGetLastError
__WSAFDIsSet

kernel32

InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlCaptureContext

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
strstr
strchr
memset
memchr
memcpy
memmove

api-ms-win-crt-stdio-l1-1-0

_lseeki64
fread
fflush
ferror
_wfopen
_close
_open
_read
_write
_dup
_getcwd
_fileno
__stdio_common_vsprintf
_wopen
__stdio_common_vfprintf
__stdio_common_vsprintf_s
fclose
fopen
fwrite
__acrt_iob_func
fputc
__stdio_common_vsscanf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

strncpy_s
isspace
tolower
strcpy_s
strcat_s
toupper
strcmp
strncmp
strncpy

api-ms-win-crt-filesystem-l1-1-0

_wstat64i32
_stat64i32

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
realloc

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_initterm_e
exit
_cexit
_errno
abort
_initterm
_crt_atexit
strerror
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-convert-l1-1-0

strtol
wcstombs
strtoul

api-ms-win-crt-math-l1-1-0

pow
fmod
log10
ceil
floor

Exports

Exports

DllMain
UTF8ToHtml
UTF8Toisolat1
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNewSAXParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
valuePop
valuePush
xlinkGetDefaultDetect
xlinkGetDefaultHandler
xlinkIsLink
xlinkSetDefaultDetect
xlinkSetDefaultHandler
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufNodeDump
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlC14NDocDumpMemory
xmlC14NDocSave
xmlC14NDocSaveTo
xmlC14NExecute
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckThreadLocalStorage
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtSetMaxAmplification
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEntity
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeTextWriter
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashDefaultDeallocator
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCharGroup
xmlIsCombining
xmlIsCombiningGroup
xmlIsDigit
xmlIsDigitGroup
xmlIsExtender
xmlIsExtenderGroup
xmlIsID
xmlIsIdeographic
xmlIsIdeographicGroup
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsPubidChar_tab
xmlIsRef
xmlIsXHTML
xmlKeepBlanksDefault
xmlLastElementChild
xmlLineNumbersDefault
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
xmlListReverseWalk
xmlListSearch
xmlListSize
xmlListSort
xmlListWalk
xmlLoadACatalog
xmlLoadCatalog
xmlLoadCatalogs
xmlLoadExternalEntity
xmlLoadSGMLSuperCatalog
xmlLockLibrary
xmlLsCountNode
xmlLsOneNode
xmlMalloc
xmlMallocAtomic
xmlMallocAtomicLoc
xmlMallocLoc
xmlMemBlocks
xmlMemDisplay

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/msvcp140.dll
.dll windows:6 windows x64 arch:x64

118dde577a38119350ab495f68a0326f

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

Actual PE Digest

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0

Digest Algorithm

sha256

PE Digest Matches

true

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

Actual PE Digest

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__current_exception_context
__C_specific_handler
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_endthreadex
_beginthreadex
_set_new_handler
abort
terminate
_cexit
_initialize_onexit_table
_errno
_initterm_e
_initterm

api-ms-win-crt-string-l1-1-0

iswspace
_wcsdup
iswalnum
__strncnt
wcsnlen
wcscpy_s
strcspn
iswdigit
isupper
tolower
isdigit
isspace
islower
iswxdigit
isxdigit
isalnum

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
setlocale
_unlock_locales
___lc_locale_name_func
localeconv
__pctype_func
___mb_cur_max_func
___lc_collate_cp_func
_lock_locales

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fgetc
fseek
_fsopen
_wfsopen
fputs
fgetwc
fputwc
ungetwc
fflush
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
setvbuf
__acrt_iob_func
_get_stream_buffer_pointers
fclose
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wchdir
_unlock_file
_wremove
_wrmdir
_lock_file

api-ms-win-crt-time-l1-1-0

_Wcsftime
_W_Gettnames
_W_Getmonths
_W_Getdays
_Strftime
_Getdays
_Gettnames
_Getmonths

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysign
copysignf
ldexp
_dclass
frexp
_ldclass
log
logf

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

EnterCriticalSection
RaiseException
CompareStringEx
MultiByteToWideChar
GetCPInfo
InitializeSListHead
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
RtlPcToFileHeader
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@G@std@@QEAA@AEBV01@@Z
??0?$_Yarn@G@std@@QEAA@PEBG@Z
??0?$_Yarn@G@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z
??0?$_Yarn@_W@std@@QEAA@PEB_W@Z
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@G@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@G@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Getptr@_Timevec@std@@QEBAPEAXXZ
?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/msvcp140_1.dll
.dll windows:6 windows x64 arch:x64

20717227ccb65afbaea7feeb74196ea2

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:88:b8:be:53:b1:29:f4:26:9a:e2:a9:c1:35:2c:db:61:ac:ab:e2:89:c1:e5:af:01:02:dd:22:37:3a:58:c9
Signer

Actual PE Digest

02:88:b8:be:53:b1:29:f4:26:9a:e2:a9:c1:35:2c:db:61:ac:ab:e2:89:c1:e5:af:01:02:dd:22:37:3a:58:c9

Digest Algorithm

sha256

PE Digest Matches

true

02:88:b8:be:53:b1:29:f4:26:9a:e2:a9:c1:35:2c:db:61:ac:ab:e2:89:c1:e5:af:01:02:dd:22:37:3a:58:c9
Signer

Actual PE Digest

02:88:b8:be:53:b1:29:f4:26:9a:e2:a9:c1:35:2c:db:61:ac:ab:e2:89:c1:e5:af:01:02:dd:22:37:3a:58:c9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb

Imports

msvcp140

?_Xbad_alloc@std@@YAXXZ

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
memset
__std_exception_copy
memcpy
__C_specific_handler
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_callnewh
free
_aligned_free
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm_e
_initterm
_initialize_narrow_environment
_execute_onexit_table

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
IsProcessorFeaturePresent
DisableThreadLibraryCalls
SetUnhandledExceptionFilter

Exports

Exports

_Aligned_get_default_resource
_Aligned_new_delete_resource
_Aligned_set_default_resource
_Unaligned_get_default_resource
_Unaligned_new_delete_resource
_Unaligned_set_default_resource
null_memory_resource

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/msvcp140_2.dll
.dll windows:6 windows x64 arch:x64

888e6d55400991a8c64e77ff0ef6377b

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:b7:b8:da:81:90:7e:e9:0c:06:f9:c6:ac:3e:31:db:93:a9:6d:59:78:49:d6:23:15:af:38:40:35:e4:77:1a
Signer

Actual PE Digest

a4:b7:b8:da:81:90:7e:e9:0c:06:f9:c6:ac:3e:31:db:93:a9:6d:59:78:49:d6:23:15:af:38:40:35:e4:77:1a

Digest Algorithm

sha256

PE Digest Matches

true

a4:b7:b8:da:81:90:7e:e9:0c:06:f9:c6:ac:3e:31:db:93:a9:6d:59:78:49:d6:23:15:af:38:40:35:e4:77:1a
Signer

Actual PE Digest

a4:b7:b8:da:81:90:7e:e9:0c:06:f9:c6:ac:3e:31:db:93:a9:6d:59:78:49:d6:23:15:af:38:40:35:e4:77:1a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_2.amd64.pdb

Imports

msvcp140

?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?clear@ios_base@std@@QEAAXH_N@Z
?rdstate@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?precision@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?widen@?$ctype@D@std@@QEBADD@Z
??1ios_base@std@@UEAA@XZ
?_Addstd@ios_base@std@@SAXPEAV12@@Z
??0ios_base@std@@IEAA@XZ
?_Init@ios_base@std@@IEAAXXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?uncaught_exceptions@std@@YAHXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Lockit@std@@QEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0_Lockit@std@@QEAA@H@Z

vcruntime140

memcmp
__std_exception_destroy
memcpy
memchr
__C_specific_handler
__std_terminate
memmove
memset
__std_exception_copy
__std_type_info_destroy_list
_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initterm
_initterm_e
_errno

api-ms-win-crt-math-l1-1-0

tan
sin
pow
frexp
log
ldexp
sqrt
_dclass
_ldclass
atan
ceil
cos
cosh
sqrtf
fmod
exp
sinh
floor

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strcspn

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-locale-l1-1-0

localeconv

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

Exports

Exports

__std_smf_assoc_laguerre
__std_smf_assoc_laguerref
__std_smf_assoc_legendre
__std_smf_assoc_legendref
__std_smf_beta
__std_smf_betaf
__std_smf_comp_ellint_1
__std_smf_comp_ellint_1f
__std_smf_comp_ellint_2
__std_smf_comp_ellint_2f
__std_smf_comp_ellint_3
__std_smf_comp_ellint_3f
__std_smf_cyl_bessel_i
__std_smf_cyl_bessel_if
__std_smf_cyl_bessel_j
__std_smf_cyl_bessel_jf
__std_smf_cyl_bessel_k
__std_smf_cyl_bessel_kf
__std_smf_cyl_neumann
__std_smf_cyl_neumannf
__std_smf_ellint_1
__std_smf_ellint_1f
__std_smf_ellint_2
__std_smf_ellint_2f
__std_smf_ellint_3
__std_smf_ellint_3f
__std_smf_expint
__std_smf_expintf
__std_smf_hermite
__std_smf_hermitef
__std_smf_hypot3
__std_smf_hypot3f
__std_smf_laguerre
__std_smf_laguerref
__std_smf_legendre
__std_smf_legendref
__std_smf_riemann_zeta
__std_smf_riemann_zetaf
__std_smf_sph_bessel
__std_smf_sph_besself
__std_smf_sph_legendre
__std_smf_sph_legendref
__std_smf_sph_neumann
__std_smf_sph_neumannf

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/msvcp140_atomic_wait.dll
.dll windows:6 windows x64 arch:x64

bced65fa8a1a54f039081b1993833c8f

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:c9:d9:39:7b:41:42:13:51:ab:62:2f:ef:49:3a:4a:98:a5:a5:89:10:cd:63:0f:5d:21:3e:ea:8e:6d:c7:32
Signer

Actual PE Digest

ec:c9:d9:39:7b:41:42:13:51:ab:62:2f:ef:49:3a:4a:98:a5:a5:89:10:cd:63:0f:5d:21:3e:ea:8e:6d:c7:32

Digest Algorithm

sha256

PE Digest Matches

true

ec:c9:d9:39:7b:41:42:13:51:ab:62:2f:ef:49:3a:4a:98:a5:a5:89:10:cd:63:0f:5d:21:3e:ea:8e:6d:c7:32
Signer

Actual PE Digest

ec:c9:d9:39:7b:41:42:13:51:ab:62:2f:ef:49:3a:4a:98:a5:a5:89:10:cd:63:0f:5d:21:3e:ea:8e:6d:c7:32

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_atomic_wait.amd64.pdb

Imports

msvcp140

??0_Init_locks@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Init_locks@std@@QEAA@XZ
_Thrd_hardware_concurrency

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
memcpy
__std_exception_destroy
__std_exception_copy
__std_terminate
memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
abort

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
calloc
free

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
AreFileApisANSI
MultiByteToWideChar
CloseThreadpoolWork
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsProcessorFeaturePresent
GetTickCount64
GetModuleHandleW
GetProcAddress
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
GetLastError
SetLastError
LoadLibraryExW
DisableThreadLibraryCalls

Exports

Exports

__std_acquire_shared_mutex_for_instance
__std_atomic_compare_exchange_128
__std_atomic_get_mutex
__std_atomic_has_cmpxchg16b
__std_atomic_notify_all_direct
__std_atomic_notify_all_indirect
__std_atomic_notify_one_direct
__std_atomic_notify_one_indirect
__std_atomic_set_api_level
__std_atomic_wait_direct
__std_atomic_wait_get_deadline
__std_atomic_wait_get_remaining_timeout
__std_atomic_wait_indirect
__std_bulk_submit_threadpool_work
__std_calloc_crt
__std_close_threadpool_work
__std_create_threadpool_work
__std_execution_wait_on_uchar
__std_execution_wake_by_address_all
__std_free_crt
__std_parallel_algorithms_hw_threads
__std_release_shared_mutex_for_instance
__std_submit_threadpool_work
__std_tzdb_delete_current_zone
__std_tzdb_delete_leap_seconds
__std_tzdb_delete_sys_info
__std_tzdb_delete_time_zones
__std_tzdb_get_current_zone
__std_tzdb_get_leap_seconds
__std_tzdb_get_sys_info
__std_tzdb_get_time_zones
__std_wait_for_threadpool_work_callbacks

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/msvcp140_codecvt_ids.dll
.dll windows:6 windows x64 arch:x64

8e3190ca5b1dfe3662e83fefed12f437

Code Sign

33:00:00:00:f7:80:de:c4:94:54:79:46:07:00:00:00:00:00:f7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:9e:5b:f2:38:f1:45:2a:33:77:3b:da:0f:8d:e9:cc:6b:f3:68:2e:f6:9c:10:0c:a2:f5:35:27:09:3e:7e:d6
Signer

Actual PE Digest

69:9e:5b:f2:38:f1:45:2a:33:77:3b:da:0f:8d:e9:cc:6b:f3:68:2e:f6:9c:10:0c:a2:f5:35:27:09:3e:7e:d6

Digest Algorithm

sha256

PE Digest Matches

true

69:9e:5b:f2:38:f1:45:2a:33:77:3b:da:0f:8d:e9:cc:6b:f3:68:2e:f6:9c:10:0c:a2:f5:35:27:09:3e:7e:d6
Signer

Actual PE Digest

69:9e:5b:f2:38:f1:45:2a:33:77:3b:da:0f:8d:e9:cc:6b:f3:68:2e:f6:9c:10:0c:a2:f5:35:27:09:3e:7e:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140_codecvt_ids.amd64.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

IsDebuggerPresent
QueryPerformanceCounter
DisableThreadLibraryCalls
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcessId
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_S_QU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_UDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_U_QU_Mbstatet@@@std@@2V0locale@2@A

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/nghttp2.dll
.dll windows:6 windows x64 arch:x64

e2bbc9c19b73316c08dcaf12c6278fd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memmove
memcpy
memcmp
memset

api-ms-win-crt-runtime-l1-1-0

_wassert
_cexit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
abort
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
calloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-time-l1-1-0

_time64

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId

Exports

Exports

nghttp2_check_authority
nghttp2_check_header_name
nghttp2_check_header_value
nghttp2_check_header_value_rfc9113
nghttp2_check_method
nghttp2_check_path
nghttp2_extpri_parse_priority
nghttp2_hd_deflate_bound
nghttp2_hd_deflate_change_table_size
nghttp2_hd_deflate_del
nghttp2_hd_deflate_get_dynamic_table_size
nghttp2_hd_deflate_get_max_dynamic_table_size
nghttp2_hd_deflate_get_num_table_entries
nghttp2_hd_deflate_get_table_entry
nghttp2_hd_deflate_hd
nghttp2_hd_deflate_hd2
nghttp2_hd_deflate_hd_vec
nghttp2_hd_deflate_hd_vec2
nghttp2_hd_deflate_new
nghttp2_hd_deflate_new2
nghttp2_hd_inflate_change_table_size
nghttp2_hd_inflate_del
nghttp2_hd_inflate_end_headers
nghttp2_hd_inflate_get_dynamic_table_size
nghttp2_hd_inflate_get_max_dynamic_table_size
nghttp2_hd_inflate_get_num_table_entries
nghttp2_hd_inflate_get_table_entry
nghttp2_hd_inflate_hd
nghttp2_hd_inflate_hd2
nghttp2_hd_inflate_hd3
nghttp2_hd_inflate_new
nghttp2_hd_inflate_new2
nghttp2_http2_strerror
nghttp2_is_fatal
nghttp2_nv_compare_name
nghttp2_option_del
nghttp2_option_new
nghttp2_option_set_builtin_recv_extension_type
nghttp2_option_set_max_continuations
nghttp2_option_set_max_deflate_dynamic_table_size
nghttp2_option_set_max_outbound_ack
nghttp2_option_set_max_reserved_remote_streams
nghttp2_option_set_max_send_header_block_length
nghttp2_option_set_max_settings
nghttp2_option_set_no_auto_ping_ack
nghttp2_option_set_no_auto_window_update
nghttp2_option_set_no_closed_streams
nghttp2_option_set_no_http_messaging
nghttp2_option_set_no_recv_client_magic
nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation
nghttp2_option_set_peer_max_concurrent_streams
nghttp2_option_set_server_fallback_rfc7540_priorities
nghttp2_option_set_stream_reset_rate_limit
nghttp2_option_set_user_recv_extension_type
nghttp2_pack_settings_payload
nghttp2_pack_settings_payload2
nghttp2_priority_spec_check_default
nghttp2_priority_spec_default_init
nghttp2_priority_spec_init
nghttp2_rcbuf_decref
nghttp2_rcbuf_get_buf
nghttp2_rcbuf_incref
nghttp2_rcbuf_is_static
nghttp2_select_alpn
nghttp2_select_next_protocol
nghttp2_session_callbacks_del
nghttp2_session_callbacks_new
nghttp2_session_callbacks_set_before_frame_send_callback
nghttp2_session_callbacks_set_data_source_read_length_callback
nghttp2_session_callbacks_set_data_source_read_length_callback2
nghttp2_session_callbacks_set_error_callback
nghttp2_session_callbacks_set_error_callback2
nghttp2_session_callbacks_set_on_begin_frame_callback
nghttp2_session_callbacks_set_on_begin_headers_callback
nghttp2_session_callbacks_set_on_data_chunk_recv_callback
nghttp2_session_callbacks_set_on_extension_chunk_recv_callback
nghttp2_session_callbacks_set_on_frame_not_send_callback
nghttp2_session_callbacks_set_on_frame_recv_callback
nghttp2_session_callbacks_set_on_frame_send_callback
nghttp2_session_callbacks_set_on_header_callback
nghttp2_session_callbacks_set_on_header_callback2
nghttp2_session_callbacks_set_on_invalid_frame_recv_callback
nghttp2_session_callbacks_set_on_invalid_header_callback
nghttp2_session_callbacks_set_on_invalid_header_callback2
nghttp2_session_callbacks_set_on_stream_close_callback
nghttp2_session_callbacks_set_pack_extension_callback
nghttp2_session_callbacks_set_pack_extension_callback2
nghttp2_session_callbacks_set_recv_callback
nghttp2_session_callbacks_set_recv_callback2
nghttp2_session_callbacks_set_select_padding_callback
nghttp2_session_callbacks_set_select_padding_callback2
nghttp2_session_callbacks_set_send_callback
nghttp2_session_callbacks_set_send_callback2
nghttp2_session_callbacks_set_send_data_callback
nghttp2_session_callbacks_set_unpack_extension_callback
nghttp2_session_change_extpri_stream_priority
nghttp2_session_change_stream_priority
nghttp2_session_check_request_allowed
nghttp2_session_check_server_session
nghttp2_session_client_new
nghttp2_session_client_new2
nghttp2_session_client_new3
nghttp2_session_consume
nghttp2_session_consume_connection
nghttp2_session_consume_stream
nghttp2_session_create_idle_stream
nghttp2_session_del
nghttp2_session_find_stream
nghttp2_session_get_effective_local_window_size
nghttp2_session_get_effective_recv_data_length
nghttp2_session_get_extpri_stream_priority
nghttp2_session_get_hd_deflate_dynamic_table_size
nghttp2_session_get_hd_inflate_dynamic_table_size
nghttp2_session_get_last_proc_stream_id
nghttp2_session_get_local_settings
nghttp2_session_get_local_window_size
nghttp2_session_get_next_stream_id
nghttp2_session_get_outbound_queue_size
nghttp2_session_get_remote_settings
nghttp2_session_get_remote_window_size
nghttp2_session_get_root_stream
nghttp2_session_get_stream_effective_local_window_size
nghttp2_session_get_stream_effective_recv_data_length
nghttp2_session_get_stream_local_close
nghttp2_session_get_stream_local_window_size
nghttp2_session_get_stream_remote_close
nghttp2_session_get_stream_remote_window_size
nghttp2_session_get_stream_user_data
nghttp2_session_mem_recv
nghttp2_session_mem_recv2
nghttp2_session_mem_send
nghttp2_session_mem_send2
nghttp2_session_recv
nghttp2_session_resume_data
nghttp2_session_send
nghttp2_session_server_new
nghttp2_session_server_new2
nghttp2_session_server_new3
nghttp2_session_set_local_window_size
nghttp2_session_set_next_stream_id
nghttp2_session_set_stream_user_data
nghttp2_session_set_user_data
nghttp2_session_terminate_session
nghttp2_session_terminate_session2
nghttp2_session_upgrade
nghttp2_session_upgrade2
nghttp2_session_want_read
nghttp2_session_want_write
nghttp2_set_debug_vprintf_callback
nghttp2_stream_get_first_child
nghttp2_stream_get_next_sibling
nghttp2_stream_get_parent
nghttp2_stream_get_previous_sibling
nghttp2_stream_get_state
nghttp2_stream_get_stream_id
nghttp2_stream_get_sum_dependency_weight
nghttp2_stream_get_weight
nghttp2_strerror
nghttp2_submit_altsvc
nghttp2_submit_data
nghttp2_submit_data2
nghttp2_submit_extension
nghttp2_submit_goaway
nghttp2_submit_headers
nghttp2_submit_origin
nghttp2_submit_ping
nghttp2_submit_priority
nghttp2_submit_priority_update
nghttp2_submit_push_promise
nghttp2_submit_request
nghttp2_submit_request2
nghttp2_submit_response
nghttp2_submit_response2
nghttp2_submit_rst_stream
nghttp2_submit_settings
nghttp2_submit_shutdown_notice
nghttp2_submit_trailer
nghttp2_submit_window_update
nghttp2_version

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/pcre2-8.dll
.dll windows:6 windows x64 arch:x64

a962b64894ee7f4ce11609b883fc00aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memchr
strchr
memset
memmove
memcpy
memcmp

api-ms-win-crt-string-l1-1-0

isprint
isalnum
isxdigit
isdigit
islower
isupper
isalpha
toupper
isgraph
ispunct
tolower
isspace
iscntrl

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_cexit
_initterm_e
_initialize_onexit_table
_initterm
_seh_filter_dll
_configure_narrow_argv

kernel32

InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
IsDebuggerPresent
RtlCaptureContext
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId

Exports

Exports

pcre2_callout_enumerate_8
pcre2_code_copy_8
pcre2_code_copy_with_tables_8
pcre2_code_free_8
pcre2_compile_8
pcre2_compile_context_copy_8
pcre2_compile_context_create_8
pcre2_compile_context_free_8
pcre2_config_8
pcre2_convert_context_copy_8
pcre2_convert_context_create_8
pcre2_convert_context_free_8
pcre2_converted_pattern_free_8
pcre2_dfa_match_8
pcre2_general_context_copy_8
pcre2_general_context_create_8
pcre2_general_context_free_8
pcre2_get_error_message_8
pcre2_get_mark_8
pcre2_get_match_data_heapframes_size_8
pcre2_get_match_data_size_8
pcre2_get_ovector_count_8
pcre2_get_ovector_pointer_8
pcre2_get_startchar_8
pcre2_jit_compile_8
pcre2_jit_free_unused_memory_8
pcre2_jit_match_8
pcre2_jit_stack_assign_8
pcre2_jit_stack_create_8
pcre2_jit_stack_free_8
pcre2_maketables_8
pcre2_maketables_free_8
pcre2_match_8
pcre2_match_context_copy_8
pcre2_match_context_create_8
pcre2_match_context_free_8
pcre2_match_data_create_8
pcre2_match_data_create_from_pattern_8
pcre2_match_data_free_8
pcre2_pattern_convert_8
pcre2_pattern_info_8
pcre2_serialize_decode_8
pcre2_serialize_encode_8
pcre2_serialize_free_8
pcre2_serialize_get_number_of_codes_8
pcre2_set_bsr_8
pcre2_set_callout_8
pcre2_set_character_tables_8
pcre2_set_compile_extra_options_8
pcre2_set_compile_recursion_guard_8
pcre2_set_depth_limit_8
pcre2_set_glob_escape_8
pcre2_set_glob_separator_8
pcre2_set_heap_limit_8
pcre2_set_match_limit_8
pcre2_set_max_pattern_length_8
pcre2_set_max_varlookbehind_8
pcre2_set_newline_8
pcre2_set_offset_limit_8
pcre2_set_parens_nest_limit_8
pcre2_set_recursion_limit_8
pcre2_set_recursion_memory_management_8
pcre2_set_substitute_callout_8
pcre2_substitute_8
pcre2_substring_copy_byname_8
pcre2_substring_copy_bynumber_8
pcre2_substring_free_8
pcre2_substring_get_byname_8
pcre2_substring_get_bynumber_8
pcre2_substring_length_byname_8
pcre2_substring_length_bynumber_8
pcre2_substring_list_free_8
pcre2_substring_list_get_8
pcre2_substring_nametable_scan_8
pcre2_substring_number_from_name_8

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/pdcurses.dll
.dll windows:6 windows x64 arch:x64

f65506a82327ddf9c885e8b89b7e7006

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

CloseClipboard
MessageBeep
GetWindowThreadProcessId
FindWindowW
SendMessageW
wsprintfW
MapVirtualKeyW
GetKeyState
EmptyClipboard
GetClipboardData
SetClipboardData
OpenClipboard

advapi32

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

CreateFileW
GetStringTypeW
SetStdHandle
HeapSize
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapReAlloc
SetEndOfFile
GetProcessHeap
IsDebuggerPresent
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GetTickCount
SetConsoleMode
WriteConsoleA
WriteConsoleW
SetConsoleCursorPosition
WriteConsoleOutputW
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetNumberOfConsoleInputEvents
ReadConsoleInputW
PeekConsoleInputW
FlushConsoleInputBuffer
GetStdHandle
GetFileType
CloseHandle
DuplicateHandle
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
GetCurrentProcessId
OpenProcess
GetVersion
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleHandleA
GetProcAddress
GetConsoleOutputCP
GetConsoleMode
SetConsoleCtrlHandler
CreateConsoleScreenBuffer
SetConsoleActiveScreenBuffer
SetConsoleScreenBufferSize
GetLargestConsoleWindowSize
SetConsoleTextAttribute
SetConsoleWindowInfo
GetConsoleTitleW
SetConsoleTitleW
SetConsoleCursorInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
GetCommandLineA
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
QueryPerformanceFrequency
GetModuleFileNameW
HeapFree
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
ReadFile
ReadConsoleW
WriteFile
GetFileSizeEx
SetFilePointerEx
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

Exports

Exports

COLORS
COLOR_PAIRS
COLS
LINES
Mouse_status
PDC_clearclipboard
PDC_debug
PDC_freeclipboard
PDC_get_input_fd
PDC_get_key_modifiers
PDC_get_version
PDC_getclipboard
PDC_return_key_modifiers
PDC_set_blink
PDC_set_bold
PDC_set_line_color
PDC_set_title
PDC_setclipboard
PDC_ungetch
SP
TABSIZE
acs_map
add_wch
add_wchnstr
add_wchstr
addch
addchnstr
addchstr
addnstr
addnwstr
addrawch
addstr
addwstr
assume_default_colors
attr_get
attr_off
attr_on
attr_set
attroff
attron
attrset
baudrate
beep
bkgd
bkgdset
bkgrnd
bkgrndset
border
border_set
bottom_panel
box
box_set
can_change_color
cbreak
chgat
clear
clearok
clrtobot
clrtoeol
color_content
color_set
copywin
crmode
curs_set
curscr
curses_version
def_prog_mode
def_shell_mode
del_panel
delay_output
delch
deleteln
delscreen
delwin
derwin
doupdate
draino
dupwin
echo
echo_wchar
echochar
endwin
erase
erasechar
erasewchar
filter
fixterm
flash
flushinp
get_wch
get_wstr
getattrs
getbegx
getbegy
getbkgd
getbkgrnd
getcchar
getcurx
getcury
getmaxx
getmaxy
getmouse
getn_wstr
getnstr
getparx
getpary
getstr
getwin
halfdelay
has_colors
has_ic
has_il
has_key
has_mouse
hide_panel
hline
hline_set
idcok
idlok
immedok
in_wch
in_wchnstr
in_wchstr
inch
inchnstr
inchstr
init_color
init_pair
initscr
innstr
innwstr
ins_nwstr
ins_wch
ins_wstr
insch
insdelln
insertln
insnstr
insrawch
insstr
instr
intrflush
inwstr
is_keypad
is_leaveok
is_linetouched
is_pad
is_termresized
is_wintouched
isendwin
key_name
keyname
keypad
killchar
killwchar
leaveok
longname
meta
mouse_off
mouse_on
mouse_set
mouse_trafo
mouseinterval
mousemask
move
move_panel
mvadd_wch
mvadd_wchnstr
mvadd_wchstr
mvaddch
mvaddchnstr
mvaddchstr
mvaddnstr
mvaddnwstr
mvaddrawch
mvaddstr
mvaddwstr
mvchgat
mvcur
mvdelch
mvdeleteln
mvderwin
mvget_wch
mvget_wstr
mvgetch
mvgetn_wstr
mvgetnstr
mvgetstr
mvhline
mvhline_set
mvin_wch
mvin_wchnstr
mvin_wchstr
mvinch
mvinchnstr
mvinchstr
mvinnstr
mvinnwstr
mvins_nwstr
mvins_wch
mvins_wstr
mvinsch
mvinsertln
mvinsnstr
mvinsrawch
mvinsstr
mvinstr
mvinwstr
mvprintw
mvscanw
mvvline
mvvline_set
mvwadd_wch
mvwadd_wchnstr
mvwadd_wchstr
mvwaddch
mvwaddchnstr
mvwaddchstr
mvwaddnstr
mvwaddnwstr
mvwaddrawch
mvwaddstr
mvwaddwstr
mvwchgat
mvwdelch
mvwdeleteln
mvwget_wch
mvwget_wstr
mvwgetch
mvwgetn_wstr
mvwgetnstr
mvwgetstr
mvwhline
mvwhline_set
mvwin
mvwin_wch
mvwin_wchnstr
mvwin_wchstr
mvwinch
mvwinchnstr
mvwinchstr
mvwinnstr
mvwinnwstr
mvwins_nwstr
mvwins_wch
mvwins_wstr
mvwinsch
mvwinsertln
mvwinsnstr
mvwinsrawch
mvwinsstr
mvwinstr
mvwinwstr
mvwprintw
mvwscanw
mvwvline
mvwvline_set
napms
nc_getmouse
new_panel
newpad
newterm
newwin
nl
nocbreak
nocrmode
nodelay
noecho
nonl
noqiflush
noraw
notimeout
overlay
overwrite
pair_content
panel_above
panel_below
panel_hidden
panel_userptr
panel_window
pecho_wchar
pechochar
pnoutrefresh
prefresh
printw
putwin
qiflush
raw
raw_output
redrawwin
refresh
replace_panel
request_mouse_pos
reset_prog_mode
reset_shell_mode
resetterm
resetty
resize_term
resize_window
ripoffline
saveterm
savetty
scanw
scr_dump
scr_init
scr_restore
scr_set
scrl
scroll
scrollok
set_panel_userptr
set_tabsize
set_term
setcchar
setscrreg
setsyx
show_panel
slk_attr_off
slk_attr_on
slk_attr_set
slk_attroff
slk_attron
slk_attrset
slk_clear
slk_color
slk_init
slk_label
slk_noutrefresh
slk_refresh
slk_restore
slk_set
slk_touch
slk_wlabel
slk_wset
standend
standout
start_color
stdscr
subpad
subwin
syncok
term_attrs
termattrs
termname
timeout
top_panel
touchline
touchoverlap
touchwin
traceoff
traceon
ttytype
typeahead
unctrl
underend
underscore
unget_wch
ungetmouse
untouchwin
update_panels
use_default_colors
use_env
vline
vline_set
vw_printw
vw_scanw
vwprintw
vwscanw
wadd_wch
wadd_wchnstr
wadd_wchstr
waddch
waddchnstr
waddchstr
waddnstr
waddnwstr
waddrawch
waddstr
waddwstr
wattr_get
wattr_off
wattr_on
wattr_set
wattroff
wattron
wattrset
wbkgd
wbkgdset
wbkgrnd
wbkgrndset
wborder
wborder_set
wchgat
wclear
wclrtobot
wclrtoeol
wcolor_set
wcursyncup
wdelch
wdeleteln
wecho_wchar
wechochar
wenclose
werase
wget_wch
wget_wstr
wgetbkgrnd
wgetch
wgetn_wstr
wgetnstr
wgetstr
whline
whline_set
win_wch
win_wchnstr
win_wchstr
winch
winchnstr
winchstr
winnstr
winnwstr
wins_nwstr
wins_wch
wins_wstr
winsch
winsdelln
winsertln
winsnstr
winsrawch
winsstr
winstr
winwstr
wmouse_position
wmouse_trafo
wmove
wnoutrefresh
wordchar
wprintw
wredrawln
wrefresh
wresize
wscanw
wscrl
wsetscrreg
wstandend
wstandout
wsyncdown
wsyncup
wtimeout
wtouchln
wunctrl
wunderend
wunderscore
wvline
wvline_set

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/pthreadvc3.dll
.dll windows:6 windows x64 arch:x64

386cfa9a9ee31d942fe6bc9326866881

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\build\.mussels\cache\work\x64\pthread-win32-version-3.1.0-release\pthreadVC3.pdb

Imports

kernel32

CloseHandle
DuplicateHandle
RaiseException
GetLastError
SetLastError
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
Sleep
WaitForMultipleObjects
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
SuspendThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetThreadContext
SetThreadContext
OpenProcess
GetSystemTimeAsFileTime
GetSystemDirectoryA
FreeLibrary
GetProcAddress
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
CreateSemaphoreA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW

vcruntime140

longjmp
__C_specific_handler
memset
__intrinsic_setjmp
__std_type_info_destroy_list
__current_exception
__current_exception_context
memcpy

api-ms-win-crt-runtime-l1-1-0

_get_errno
exit
_set_errno
terminate
_endthreadex
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_beginthreadex

api-ms-win-crt-string-l1-1-0

strncat_s
_strdup

api-ms-win-crt-heap-l1-1-0

malloc
free
calloc

Exports

Exports

__ptw32_get_exception_services_code
__ptw32_pop_cleanup
__ptw32_push_cleanup
_sched_affinitycpuand
_sched_affinitycpuclr
_sched_affinitycpucount
_sched_affinitycpuequal
_sched_affinitycpuisset
_sched_affinitycpuor
_sched_affinitycpuset
_sched_affinitycpuxor
_sched_affinitycpuzero
pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getaffinity_np
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getname_np
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setaffinity_np
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setname_np
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getaffinity_np
pthread_getconcurrency
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_getunique_np
pthread_getw32threadhandle_np
pthread_getw32threadid_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_consistent
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_getrobust
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_setrobust
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setaffinity_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_timedjoin_np
pthread_tryjoin_np
pthread_win32_getabstime_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
sched_get_priority_max
sched_get_priority_min
sched_getaffinity
sched_setaffinity
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/sigtool.exe
.exe windows:6 windows x64 arch:x64

0097b3ee49b0afb4c600d2bcd2584c7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libclamav

text_normalize_reset
text_normalize_init
cli_getdsig
cli_scan_fmap
cli_ac_chklsig
cli_check_auth_header
cli_genhash_pe
cli_realpath
cl_debug
cli_strerror
cli_gentemp
cli_gentemp_with_prefix
cli_gettmpdir
cl_engine_free
cl_engine_set_clcb_vba
cl_scandesc_callback
text_normalize_map
cli_utf16toascii
readdb_parse_ldb_subsignature
cli_hashstream
cli_rmdirs
cli_ctime
cli_calloc
cli_dbgmsg
cli_regcomp
cl_retdbdir
cli_regexec
cli_regfree
cli_strbcasestr
cli_chomp
cli_strtok
cli_hex2ui
cl_engine_compile
cli_hashfile
cli_hex2str
cli_str2hex
cli_strtokenize
cli_ldbtokenize
cli_add_content_match_pattern
cli_initroots
cl_engine_set_str
cl_engine_set_num
html_normalise_map
cl_engine_new
cl_init
cli_isnumber
cli_get_debug_flag
cli_versig2
cli_errmsg
cli_warnmsg
cli_infomsg_simple
cli_dbgmsg_no_inline
fmap
cl_hash_destroy
cl_finish_hash
cl_update_hash
cl_hash_init
cl_strerror
cl_retflevel
cl_cvdunpack
cl_cvdfree
cl_cvdverify
cl_cvdhead
cl_load

kernel32

GetCommandLineA
SetFileAttributesA
GetFileAttributesExW
GetFileAttributesA
DeleteFileA
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
CreateFileA
MoveFileExW
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
CreateThread
WriteConsoleW
GetFullPathNameW
FormatMessageW
GetModuleHandleW
GetConsoleMode
GetFinalPathNameByHandleW
Sleep
GetLastError
MoveFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
lstrcmpiA
CopyFileA
ReleaseSRWLockExclusive
CloseHandle
ReleaseMutex
FindClose
ReleaseSRWLockShared
SetThreadStackGuarantee
SwitchToThread
GetSystemInfo
AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
GetProcAddress
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
DeleteFileW
GetEnvironmentVariableW
GetCommandLineW
SetFilePointerEx
GetStdHandle
GetCurrentProcessId
WaitForSingleObject
TerminateProcess
WakeAllConditionVariable
SleepConditionVariableSRW
WakeConditionVariable
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetModuleHandleA
FindNextFileW
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
FindFirstFileW

advapi32

RegCloseKey
RegQueryValueExA
SystemFunction036
RegOpenKeyExA

bcrypt

BCryptGenRandom

ntdll

RtlNtStatusToDosError
NtReadFile
NtWriteFile

pthreadvc3

pthread_mutex_unlock
pthread_mutex_lock

vcruntime140

wcsstr
wcsrchr
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
memcmp
memmove
__CxxFrameHandler3
memset
memcpy
strstr
strrchr
strchr

api-ms-win-crt-string-l1-1-0

strncmp
strlen
isdigit
_strdup
strncpy
strpbrk
wcsncpy
_strnicmp
strcmp
wcsncat
wcsncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_initterm
_set_app_type
_seh_filter_exe
_initterm_e
_exit
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_errno
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_set_errno
exit
_get_initial_narrow_environment
strerror
perror

api-ms-win-crt-stdio-l1-1-0

ftell
rewind
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vsprintf
fseek
_lseeki64
fwrite
_getcwd
fread
fopen
_wopen
_fileno
fgets
_setmode
_write
_read
_set_fmode
fflush
fclose
_open
_lseek
__acrt_iob_func
_close
__p__commode
_get_osfhandle

api-ms-win-crt-heap-l1-1-0

realloc
malloc
calloc
free
_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

strtoll
atoi
strtol
wcstombs

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64
_localtime64
_ctime64
strftime

api-ms-win-crt-filesystem-l1-1-0

_unlink
rename
_chdir
_mkdir
_umask
_fstat64i32

api-ms-win-crt-locale-l1-1-0

setlocale
_configthreadlocale

api-ms-win-crt-math-l1-1-0

powf
truncf
cos
roundf
expf
sinf
ceilf
ceil
__setusermatherr
sin
floorf
exp2f

Sections

.text
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 975KB - Virtual size: 974KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0
Signer

Actual PE Digest

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0

Digest Algorithm

sha256

PE Digest Matches

true

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0
Signer

Actual PE Digest

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fothk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clamav-1.3.1.win.x64/vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

72707e942878aac770fcc118ce3ec1c9

Code Sign

33:00:00:00:f8:ae:a0:bd:67:8b:63:ac:eb:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:43

Not After

16/10/2024, 19:43

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a
Signer

Actual PE Digest

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a

Digest Algorithm

sha256

PE Digest Matches

true

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a
Signer

Actual PE Digest

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
GetLastError
DeleteCriticalSection
SetLastError

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f466c0171be25422dde2e6073e15c23

Headers

DLL Characteristics

File Characteristics

Imports

libclamav

kernel32

advapi32

bcrypt

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 133KB - Virtual size: 133KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 4KB - Virtual size: 3KB

e760fa9c46ce7e6ab6f4ee4d5e84acc1

Headers

DLL Characteristics

File Characteristics

Imports

libclamav

kernel32

advapi32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 3KB - Virtual size: 2KB

b9b0f3cc8c8d4a4b26ec6f10c8893143

Headers

DLL Characteristics

File Characteristics

Imports

libclamav

kernel32

advapi32

ws2_32

pthreadvc3

wsock32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 60KB - Virtual size: 59KB

.text
Size: 133KB - Virtual size: 133KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 2KB - Virtual size: 5KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 3KB - Virtual size: 37KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 3KB - Virtual size: 2KB