GrowtopiaInstaller (2)[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

GrowtopiaInstaller (2).exe
Size

230.6MB
MD5

3a3fc09ccd9742f23dfcd213ea0cc4fa
SHA1

e20b17bd6a625259b4f9b2c9f8439d761bc126e3
SHA256

9ccb0bc19f24b694a4129cc387279457e57671f8109937550258ffc40173423b
SHA512

cfc533d6c845692a94868d4df276b47276504cce838bfffea3ff41a33c6d384d70583bb9413fb6048ecea0cf1311ce38c3311fda2e712c2aef3625bb45016971
SSDEEP

6291456:2TkXdHjFqVWTv3QXZ0ZDhip7rOCXqCS6N:2WmWtb6rOCaC/

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/SecureEngineSDK64.dll
unpack001/ubiservices.dll
unpack001/zlibwapi.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

GrowtopiaInstaller (2).exe
.exe windows:4 windows x86 arch:x86

b78ecf47c0a3e24a6f4af114e2d1f5de

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43 UTC

Not After

17/09/2029, 06:43 UTC

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02/11/2023, 08:32 UTC

Not After

30/10/2034, 08:32 UTC

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00 UTC

Not After

28/04/2036, 23:59 UTC

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32 UTC

Not After

18/05/2036, 05:32 UTC

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0a:0b:aa:56:7d:6e:3c:d3:eb:ba:3e:8b:7d:7d:87:f1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/07/2022, 00:00 UTC

Not After

16/07/2025, 23:59 UTC

Subject

CN=UBISOFT ENTERTAINMENT INC.,O=UBISOFT ENTERTAINMENT INC.,L=Montreal,ST=Quebec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

df:f1:02:75:48:b7:d4:49:59:21:aa:5d:9a:26:8c:b4:9c:ec:ab:0f:41:c6:57:80:9c:f5:56:7b:4b:23:42:f0
Signer

Actual PE Digest

df:f1:02:75:48:b7:d4:49:59:21:aa:5d:9a:26:8c:b4:9c:ec:ab:0f:41:c6:57:80:9c:f5:56:7b:4b:23:42:f0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
GetFileAttributesA
SetFileAttributesA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
GetFullPathNameA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
GlobalUnlock
GetDiskFreeSpaceA
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
Growtopia.exe
.exe windows:6 windows x64 arch:x64

857adc0c7299ad317b37f8e938f1816a

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43 UTC

Not After

17/09/2029, 06:43 UTC

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02/11/2023, 08:32 UTC

Not After

30/10/2034, 08:32 UTC

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00 UTC

Not After

28/04/2036, 23:59 UTC

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32 UTC

Not After

18/05/2036, 05:32 UTC

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0a:0b:aa:56:7d:6e:3c:d3:eb:ba:3e:8b:7d:7d:87:f1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/07/2022, 00:00 UTC

Not After

16/07/2025, 23:59 UTC

Subject

CN=UBISOFT ENTERTAINMENT INC.,O=UBISOFT ENTERTAINMENT INC.,L=Montreal,ST=Quebec,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c2:ee:5b:0d:6a:96:0d:12:6f:89:bb:19:d1:21:2a:53:7f:93:97:34:3f:3b:fe:20:38:0a:97:66:f3:d8:45:c7
Signer

Actual PE Digest

c2:ee:5b:0d:6a:96:0d:12:6f:89:bb:19:d1:21:2a:53:7f:93:97:34:3f:3b:fe:20:38:0a:97:66:f3:d8:45:c7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

WSASetLastError

dinput8

DirectInput8Create

winmm

timeGetTime

anzu

Anzu_SetGDPRConsent

fmod64

?setDriver@System@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z

kernel32

GetVersionExA
GetVersionExW

user32

MessageBoxW

gdi32

ChoosePixelFormat

shell32

ExtractIconA

ole32

CoGetApartmentType

advapi32

SetSecurityInfo

secureenginesdk64

ord103

shlwapi

PathCombineW

version

GetFileVersionInfoA

iphlpapi

GetAdaptersInfo

crypt32

CertGetEnhancedKeyUsage

bcrypt

BCryptGenRandom

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: - Virtual size: 32.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xps0
Size: - Virtual size: 19.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xps1
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xps2
Size: 39.8MB - Virtual size: 39.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MicrosoftEdgeWebview2Setup.exe
.exe windows:5 windows x86 arch:x86

ccc6e30409f96054ca558f4765d32e38

Code Sign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51 UTC

Not After

16/10/2024, 19:51 UTC

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59 UTC

Not After

08/07/2026, 21:09 UTC

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:57:97:41:81:d1:09:95:4f:1c:10:95:8c:65:4e:63
Certificate

Issuer

CN=EdgeBuild,O=EdgeBuild,L=Redmond,ST=Washington,C=US

Not Before

15/06/2020, 23:52 UTC

Not After

31/12/2039, 23:59 UTC

Subject

CN=EdgeBuild,O=EdgeBuild,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69
Signer

Actual PE Digest

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69

Digest Algorithm

sha256

PE Digest Matches

true

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69
Signer

Actual PE Digest

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mi_exe_stub.pdb

Imports

kernel32

GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
OutputDebugStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
RaiseException
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
WriteConsoleW
DecodePointer
VirtualProtect
EncodePointer
QueryPerformanceCounter
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStringTypeW
CreateDirectoryW
SizeofResource
Wow64DisableWow64FsRedirection
RemoveDirectoryW
GetTempPathW
FormatMessageW
Wow64RevertWow64FsRedirection
GetDiskFreeSpaceExW
LockResource
DeleteFileW
FindResourceExW
LoadResource
FindResourceW
HeapDestroy
LocalFree
VerSetConditionMask
CopyFileW
VerifyVersionInfoW
GetTempFileNameW
lstrcmpiW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateEventW
SetEvent
CreateThread
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
VirtualQuery
CreateProcessW
GetExitCodeProcess
ResetEvent
WaitForSingleObjectEx
GetSystemInfo
LoadLibraryExA

advapi32

RegOpenKeyExA
SetSecurityDescriptorDacl
GetAclInformation
SetSecurityDescriptorOwner
GetSidSubAuthority
GetSidLengthRequired
CopySid
InitializeSid
IsValidSid
AddAce
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
GetSecurityDescriptorLength
MakeSelfRelativeSD
MakeAbsoluteSD
SetSecurityDescriptorGroup
RegOpenKeyExW
RegQueryValueExW
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteValueA

ole32

CoTaskMemFree
CoUninitialize
CoInitializeEx

shell32

SHGetKnownFolderPath
ord680
CommandLineToArgvW
SHGetFolderPathW

user32

CharLowerBuffW
MessageBoxW

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SecureEngineSDK64.dll
.dll windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ClearEnd
ClearStart
CodeReplaceEnd
CodeReplaceStart
CustomVM00000100_End
CustomVM00000100_Start
CustomVM00000101_End
CustomVM00000101_Start
CustomVM00000102_End
CustomVM00000102_Start
CustomVM00000103_End
CustomVM00000103_Start
CustomVM00000104_End
CustomVM00000104_Start
CustomVM00000105_End
CustomVM00000105_Start
CustomVM00000106_End
CustomVM00000106_Start
CustomVM00000107_End
CustomVM00000107_Start
CustomVM00000108_End
CustomVM00000108_Start
CustomVM00000109_End
CustomVM00000109_Start
CustomVM00000110_End
CustomVM00000110_Start
CustomVM00000111_End
CustomVM00000111_Start
CustomVM00000112_End
CustomVM00000112_Start
CustomVM00000113_End
CustomVM00000113_Start
CustomVM00000114_End
CustomVM00000114_Start
CustomVM00000115_End
CustomVM00000115_Start
CustomVM00000116_End
CustomVM00000116_Start
CustomVM00000117_End
CustomVM00000117_Start
CustomVM00000118_End
CustomVM00000118_Start
CustomVM00000119_End
CustomVM00000119_Start
CustomVM00000120_End
CustomVM00000120_Start
CustomVM00000121_End
CustomVM00000121_Start
CustomVM00000122_End
CustomVM00000122_Start
CustomVM00000123_End
CustomVM00000123_Start
CustomVM00000124_End
CustomVM00000124_Start
CustomVM00000125_End
CustomVM00000125_Start
CustomVM00000126_End
CustomVM00000126_Start
CustomVM00000127_End
CustomVM00000127_Start
CustomVM00000128_End
CustomVM00000128_Start
CustomVM00000129_End
CustomVM00000129_Start
CustomVM00000130_End
CustomVM00000130_Start
CustomVM00000131_End
CustomVM00000131_Start
CustomVM00000132_End
CustomVM00000132_Start
CustomVM00000133_End
CustomVM00000133_Start
CustomVM00000134_End
CustomVM00000134_Start
CustomVM00000135_End
CustomVM00000135_Start
CustomVM00000136_End
CustomVM00000136_Start
CustomVM00000137_End
CustomVM00000137_Start
CustomVM00000138_End
CustomVM00000138_Start
CustomVM00000139_End
CustomVM00000139_Start
CustomVM00000140_End
CustomVM00000140_Start
CustomVM00000141_End
CustomVM00000141_Start
CustomVM00000142_End
CustomVM00000142_Start
CustomVM00000143_End
CustomVM00000143_Start
CustomVM00000144_End
CustomVM00000144_Start
CustomVM00000145_End
CustomVM00000145_Start
CustomVM00000146_End
CustomVM00000146_Start
CustomVM00000147_End
CustomVM00000147_Start
CustomVM00000148_End
CustomVM00000148_Start
CustomVM00000149_End
CustomVM00000149_Start
CustomVM00000150_End
CustomVM00000150_Start
CustomVM00000151_End
CustomVM00000151_Start
CustomVM00000152_End
CustomVM00000152_Start
CustomVM00000153_End
CustomVM00000153_Start
CustomVM00000154_End
CustomVM00000154_Start
CustomVM00000155_End
CustomVM00000155_Start
CustomVM00000156_End
CustomVM00000156_Start
CustomVM00000157_End
CustomVM00000157_Start
CustomVM00000158_End
CustomVM00000158_Start
CustomVM00000159_End
CustomVM00000159_Start
CustomVM00000160_End
CustomVM00000160_Start
CustomVM00000161_End
CustomVM00000161_Start
CustomVM00000162_End
CustomVM00000162_Start
CustomVM00000163_End
CustomVM00000163_Start
CustomVM00000164_End
CustomVM00000164_Start
CustomVM00000165_End
CustomVM00000165_Start
CustomVM00000166_End
CustomVM00000166_Start
CustomVM00000167_End
CustomVM00000167_Start
CustomVM00000168_End
CustomVM00000168_Start
CustomVM00000169_End
CustomVM00000169_Start
CustomVM00000170_End
CustomVM00000170_Start
CustomVM00000171_End
CustomVM00000171_Start
CustomVM00000172_End
CustomVM00000172_Start
CustomVM00000173_End
CustomVM00000173_Start
CustomVM00000174_End
CustomVM00000174_Start
CustomVM00000175_End
CustomVM00000175_Start
CustomVM00000176_End
CustomVM00000176_Start
CustomVM00000177_End
CustomVM00000177_Start
CustomVM00000178_End
CustomVM00000178_Start
CustomVM00000179_End
CustomVM00000179_Start
CustomVM00000180_End
CustomVM00000180_Start
CustomVM00000181_End
CustomVM00000181_Start
CustomVM00000182_End
CustomVM00000182_Start
CustomVM00000183_End
CustomVM00000183_Start
CustomVM00000184_End
CustomVM00000184_Start
CustomVM00000185_End
CustomVM00000185_Start
CustomVM00000186_End
CustomVM00000186_Start
CustomVM00000187_End
CustomVM00000187_Start
CustomVM00000188_End
CustomVM00000188_Start
CustomVM00000189_End
CustomVM00000189_Start
CustomVM00000190_End
CustomVM00000190_Start
CustomVM00000191_End
CustomVM00000191_Start
CustomVM00000192_End
CustomVM00000192_Start
CustomVM00000193_End
CustomVM00000193_Start
CustomVM00000194_End
CustomVM00000194_Start
CustomVM00000195_End
CustomVM00000195_Start
CustomVM00000196_End
CustomVM00000196_Start
CustomVM00000197_End
CustomVM00000197_Start
CustomVM00000198_End
CustomVM00000198_Start
CustomVM00000199_End
CustomVM00000199_Start
CustomVM00000200_End
CustomVM00000200_Start
CustomVM00000201_End
CustomVM00000201_Start
CustomVM00000202_End
CustomVM00000202_Start
CustomVM00000203_End
CustomVM00000203_Start
CustomVM00000204_End
CustomVM00000204_Start
CustomVM00000205_End
CustomVM00000205_Start
CustomVM00000206_End
CustomVM00000206_Start
CustomVM00000207_End
CustomVM00000207_Start
CustomVM00000208_End
CustomVM00000208_Start
CustomVM00000209_End
CustomVM00000209_Start
CustomVM00000210_End
CustomVM00000210_Start
CustomVM00000211_End
CustomVM00000211_Start
CustomVM00000212_End
CustomVM00000212_Start
CustomVM00000213_End
CustomVM00000213_Start
CustomVM00000214_End
CustomVM00000214_Start
CustomVM00000215_End
CustomVM00000215_Start
CustomVM00000216_End
CustomVM00000216_Start
CustomVM00000217_End
CustomVM00000217_Start
CustomVM00000218_End
CustomVM00000218_Start
CustomVM00000219_End
CustomVM00000219_Start
CustomVM00000220_End
CustomVM00000220_Start
CustomVM00000221_End
CustomVM00000221_Start
CustomVM00000222_End
CustomVM00000222_Start
CustomVM00000223_End
CustomVM00000223_Start
CustomVM00000224_End
CustomVM00000224_Start
CustomVM00000225_End
CustomVM00000225_Start
CustomVM00000226_End
CustomVM00000226_Start
CustomVM00000227_End
CustomVM00000227_Start
CustomVM00000228_End
CustomVM00000228_Start
CustomVM00000229_End
CustomVM00000229_Start
CustomVM00000230_End
CustomVM00000230_Start
CustomVM00000231_End
CustomVM00000231_Start
CustomVM00000232_End
CustomVM00000232_Start
CustomVM00000233_End
CustomVM00000233_Start
CustomVM00000234_End
CustomVM00000234_Start
CustomVM00000235_End
CustomVM00000235_Start
CustomVM00000236_End
CustomVM00000236_Start
CustomVM00000237_End
CustomVM00000237_Start
CustomVM00000238_End
CustomVM00000238_Start
CustomVM00000239_End
CustomVM00000239_Start
CustomVM00000240_End
CustomVM00000240_Start
CustomVM00000241_End
CustomVM00000241_Start
CustomVM00000242_End
CustomVM00000242_Start
CustomVM00000243_End
CustomVM00000243_Start
CustomVM00000244_End
CustomVM00000244_Start
CustomVM00000245_End
CustomVM00000245_Start
CustomVM00000246_End
CustomVM00000246_Start
CustomVM00000247_End
CustomVM00000247_Start
CustomVM00000248_End
CustomVM00000248_Start
CustomVM00000249_End
CustomVM00000249_Start
CustomVM00000250_End
CustomVM00000250_Start
CustomVM00000251_End
CustomVM00000251_Start
CustomVM00000252_End
CustomVM00000252_Start
CustomVM00000253_End
CustomVM00000253_Start
CustomVM00000254_End
CustomVM00000254_Start
CustomVM00000255_End
CustomVM00000255_Start
CustomVM00000256_End
CustomVM00000256_Start
CustomVM00000257_End
CustomVM00000257_Start
CustomVM00000258_End
CustomVM00000258_Start
CustomVM00000259_End
CustomVM00000259_Start
CustomVM00000260_End
CustomVM00000260_Start
CustomVM00000261_End
CustomVM00000261_Start
CustomVM00000262_End
CustomVM00000262_Start
CustomVM00000263_End
CustomVM00000263_Start
CustomVM00000264_End
CustomVM00000264_Start
CustomVM00000265_End
CustomVM00000265_Start
CustomVM00000266_End
CustomVM00000266_Start
CustomVM00000267_End
CustomVM00000267_Start
CustomVM00000268_End
CustomVM00000268_Start
CustomVM00000269_End
CustomVM00000269_Start
CustomVM00000270_End
CustomVM00000270_Start
CustomVM00000271_End
CustomVM00000271_Start
CustomVM00000272_End
CustomVM00000272_Start
CustomVM00000273_End
CustomVM00000273_Start
CustomVM00000274_End
CustomVM00000274_Start
CustomVM00000275_End
CustomVM00000275_Start
CustomVM00000276_End
CustomVM00000276_Start
CustomVM00000277_End
CustomVM00000277_Start
CustomVM00000278_End
CustomVM00000278_Start
CustomVM00000279_End
CustomVM00000279_Start
CustomVM00000280_End
CustomVM00000280_Start
CustomVM00000281_End
CustomVM00000281_Start
CustomVM00000282_End
CustomVM00000282_Start
CustomVM00000283_End
CustomVM00000283_Start
CustomVM00000284_End
CustomVM00000284_Start
CustomVM00000285_End
CustomVM00000285_Start
CustomVM00000286_End
CustomVM00000286_Start
CustomVM00000287_End
CustomVM00000287_Start
CustomVM00000288_End
CustomVM00000288_Start
CustomVM00000289_End
CustomVM00000289_Start
CustomVM00000290_End
CustomVM00000290_Start
CustomVM00000291_End
CustomVM00000291_Start
CustomVM00000292_End
CustomVM00000292_Start
CustomVM00000293_End
CustomVM00000293_Start
CustomVM00000294_End
CustomVM00000294_Start
CustomVM00000295_End
CustomVM00000295_Start
CustomVM00000296_End
CustomVM00000296_Start
CustomVM00000297_End
CustomVM00000297_Start
CustomVM00000298_End
CustomVM00000298_Start
CustomVM00000299_End
CustomVM00000299_Start
CustomVM00000300_End
CustomVM00000300_Start
CustomVM00000301_End
CustomVM00000301_Start
CustomVM00000302_End
CustomVM00000302_Start
CustomVM00000303_End
CustomVM00000303_Start
CustomVM00000304_End
CustomVM00000304_Start
CustomVM00000305_End
CustomVM00000305_Start
CustomVM00000306_End
CustomVM00000306_Start
CustomVM00000307_End
CustomVM00000307_Start
CustomVM00000308_End
CustomVM00000308_Start
CustomVM00000309_End
CustomVM00000309_Start
CustomVM00000310_End
CustomVM00000310_Start
CustomVM00000311_End
CustomVM00000311_Start
CustomVM00000312_End
CustomVM00000312_Start
CustomVM00000313_End
CustomVM00000313_Start
CustomVM00000314_End
CustomVM00000314_Start
CustomVM00000315_End
CustomVM00000315_Start
CustomVM00000316_End
CustomVM00000316_Start
CustomVM00000317_End
CustomVM00000317_Start
CustomVM00000318_End
CustomVM00000318_Start
CustomVM00000319_End
CustomVM00000319_Start
CustomVM00000320_End
CustomVM00000320_Start
CustomVM00000321_End
CustomVM00000321_Start
CustomVM00000322_End
CustomVM00000322_Start
CustomVM00000323_End
CustomVM00000323_Start
CustomVM00000324_End
CustomVM00000324_Start
CustomVM00000325_End
CustomVM00000325_Start
CustomVM00000326_End
CustomVM00000326_Start
CustomVM00000327_End
CustomVM00000327_Start
CustomVM00000328_End
CustomVM00000328_Start
CustomVM00000329_End
CustomVM00000329_Start
CustomVM00000330_End
CustomVM00000330_Start
CustomVM00000331_End
CustomVM00000331_Start
CustomVM00000332_End
CustomVM00000332_Start
CustomVM00000333_End
CustomVM00000333_Start
CustomVM00000334_End
CustomVM00000334_Start
CustomVM00000335_End
CustomVM00000335_Start
CustomVM00000336_End
CustomVM00000336_Start
CustomVM00000337_End
CustomVM00000337_Start
CustomVM00000338_End
CustomVM00000338_Start
CustomVM00000339_End
CustomVM00000339_Start
CustomVM00000340_End
CustomVM00000340_Start
CustomVM00000341_End
CustomVM00000341_Start
CustomVM00000342_End
CustomVM00000342_Start
CustomVM00000343_End
CustomVM00000343_Start
CustomVM00000344_End
CustomVM00000344_Start
CustomVM00000345_End
CustomVM00000345_Start
CustomVM00000346_End
CustomVM00000346_Start
CustomVM00000347_End
CustomVM00000347_Start

Sections

.text
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
anzu.dll
.dll windows:6 windows x64 arch:x64

1054328810b3c31a1c138b627a283240

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00 UTC

Not After

31/12/2028, 23:59 UTC

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00 UTC

Not After

21/03/2036, 23:59 UTC

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:0b:33:36:91:c7:e1:0c:2d:ef:11:43:8d:f0:7c:ac
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

21/06/2023, 00:00 UTC

Not After

20/06/2026, 23:59 UTC

Subject

SERIALNUMBER=515647808,CN=Anzu Virtual Reality ltd.,O=Anzu Virtual Reality ltd.,ST=Tel Aviv,C=IL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302494c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00 UTC

Not After

18/01/2038, 23:59 UTC

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00 UTC

Not After

02/08/2034, 23:59 UTC

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6c:3b:ca:42:58:87:b5:74:ca:09:78:f6:f8:a1:cf:ae:7a:a4:7a:b5:53:1c:fd:a8:a9:4e:57:27:08:47:1e:06
Signer

Actual PE Digest

6c:3b:ca:42:58:87:b5:74:ca:09:78:f6:f8:a1:cf:ae:7a:a4:7a:b5:53:1c:fd:a8:a9:4e:57:27:08:47:1e:06

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

accept
bind
closesocket
connect
ioctlsocket
getsockname
getsockopt
htonl
htons
listen
WSASetLastError
recv
inet_ntop
inet_pton
WSAWaitForMultipleEvents
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
__WSAFDIsSet
setsockopt
freeaddrinfo
getaddrinfo
WSAGetLastError
WSACleanup
WSAStartup
socket
send
select

opengl32

glGetError
glBindTexture
glTexSubImage2D
glTexImage2D

kernel32

GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
SetFilePointerEx
ExitProcess
GetModuleHandleExW
ExitThread
FileTimeToSystemTime
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
GetCurrentThreadId
FindClose
FindFirstFileExW
FindNextFileW
GetFullPathNameW
GetLastError
MultiByteToWideChar
Sleep
GetTickCount
GetTickCount64
GetVersionExA
GetCurrentThread
SetThreadPriority
FormatMessageA
CloseHandle
SetEvent
ResetEvent
CreateEventA
RaiseException
QueryPerformanceCounter
QueryPerformanceFrequency
WideCharToMultiByte
DuplicateHandle
SetLastError
ReleaseSemaphore
WaitForSingleObject
WaitForMultipleObjects
GetCurrentProcess
GetCurrentProcessId
GetThreadPriority
TerminateThread
SuspendThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetThreadContext
SetThreadContext
GetSystemTimeAsFileTime
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetProcessAffinityMask
GlobalAlloc
GlobalFree
lstrcmpW
CreateThread
GetModuleHandleA
CreateDirectoryW
GetFileSizeEx
GetFileAttributesA
GetShortPathNameW
SetFileAttributesA
GetTempPathA
OutputDebugStringA
DecodePointer
InitializeCriticalSectionEx
MoveFileExW
GetUserDefaultLocaleName
FlushFileBuffers
MapViewOfFile
CreateFileMappingW
GetSystemTime
SystemTimeToFileTime
GetProcessHeap
GetFileSize
LockFileEx
LocalFree
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
GetSystemInfo
HeapReAlloc
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetDiskFreeSpaceA
FormatMessageW
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
GetDiskFreeSpaceW
WriteFile
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
TryEnterCriticalSection
RegisterWaitForSingleObject
SetThreadAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
CreateEventW
InitializeCriticalSectionAndSpinCount
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
EncodePointer
RtlPcToFileHeader
UnregisterWaitEx
LoadLibraryW
RtlUnwindEx
SetFileTime
SystemTimeToTzSpecificLocalTime
SetStdHandle
GetCurrentDirectoryW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
VirtualFree
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
DeleteFileW
RtlUnwind
TzSpecificLocalTimeToSystemTime
RemoveDirectoryW
GetDriveTypeW
PeekNamedPipe
GetFileType
GetFileInformationByHandle
QueryDepthSList

user32

DestroyWindow
CreateWindowExA
RegisterClassExA
UnregisterClassA
PostQuitMessage
ShowWindow
PostThreadMessageA
GetMessageA
SetWindowLongPtrA
GetWindowLongPtrA
GetCursorPos
GetClientRect
IsWindowUnicode
IsWindow
PostMessageA
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
GetWindowRect
ReleaseDC
GetWindowDC
SetWindowPos
BringWindowToTop
UpdateWindow
SetForegroundWindow
BeginPaint
EndPaint
SetLayeredWindowAttributes
GetWindowPlacement
GetSystemMetrics
GetDC
GetWindowThreadProcessId
SetWinEventHook
UnhookWinEvent
DefWindowProcA

gdi32

GetDeviceCaps
StretchDIBits
SelectObject
GetDIBits
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

shell32

SHGetFolderPathW
ShellExecuteA

ole32

CoCreateInstance
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoUninitialize
CoInitializeEx
PropVariantClear

oleaut32

SysStringLen
SysAllocString
SysFreeString
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
VariantInit
VariantClear

urlmon

ObtainUserAgentString
CoInternetSetFeatureEnabled

Exports

Exports

Anzu_ApplicationActive
Anzu_ApplicationQuit
Anzu_CampaignMetricGet
Anzu_CampaignMetricGetS
Anzu_CampaignSync
Anzu_Debug
Anzu_Entrypoint
Anzu_Error
Anzu_GetMessages
Anzu_GetMessagesMalloced
Anzu_GetVersionFloat
Anzu_HandlesEntrypoint
Anzu_HashedMetricSetS
Anzu_Initialize
Anzu_InternalDebugging
Anzu_Log
Anzu_MessageUriSchemaListener
Anzu_MetricGet
Anzu_MetricGetS
Anzu_MetricKeyExists
Anzu_MetricSet
Anzu_MetricSetS
Anzu_RegisterLogCallback
Anzu_RegisterMessageCallback
Anzu_RegisterMessageEventCallback
Anzu_RegisterNetworkCallback
Anzu_RegisterTextureAuditColorCallback
Anzu_RegisterTextureImpressionCallback
Anzu_RegisterTextureInitCallback
Anzu_RegisterTexturePlacementProgressCallback
Anzu_RegisterTexturePlaybackCompleteCallback
Anzu_RegisterTexturePlaybackProgressCallback
Anzu_RegisterTextureUpdateCallback
Anzu_RegisterUriSchemaHook
Anzu_RequireCompatibleInterfaceVersion
Anzu_SetAudioSampleFormat
Anzu_SetCoppaRegulated
Anzu_SetDeveloperKey
Anzu_SetGDPRConsent
Anzu_SetKeystoreOverride
Anzu_SetLogLevel
Anzu_SystemMetricGet
Anzu_SystemMetricGetS
Anzu_SystemMetricSet
Anzu_SystemMetricSetS
Anzu_Uninitialize
Anzu_Warning
Anzu__Texture_CreateInstance
Anzu__Texture_CreateInstanceForTexture
Anzu__Texture_FillAudioBuffers
Anzu__Texture_Interact
Anzu__Texture_InteractXY
Anzu__Texture_NativeRenderer_AssignCustomHandler
Anzu__Texture_NativeRenderer_AssignCustomHandlerEx
Anzu__Texture_NativeRenderer_CanGenerateNativeTexture
Anzu__Texture_NativeRenderer_CreateNative_GetNativeResource
Anzu__Texture_NativeRenderer_CreateNative_PrepareTextureCreationParams
Anzu__Texture_NativeRenderer_CreateNative_PrepareTextureDeletionParams
Anzu__Texture_NativeRenderer_DoesSupportFormat
Anzu__Texture_NativeRenderer_GetCreatorCallback
Anzu__Texture_NativeRenderer_GetDestroyerCallback
Anzu__Texture_NativeRenderer_GetRenderCallback
Anzu__Texture_NativeRenderer_GetRenderID
Anzu__Texture_NativeRenderer_GetUpdaterCallback
Anzu__Texture_NativeRenderer_NativeFree
Anzu__Texture_NativeRenderer_NativeMemcpy
Anzu__Texture_NativeRenderer_SetExpectedFormat
Anzu__Texture_PausePlayback
Anzu__Texture_PlayFilename
Anzu__Texture_RemoveInstance
Anzu__Texture_ResetPermissions
Anzu__Texture_ResetTags
Anzu__Texture_ResumePlayback
Anzu__Texture_Resync
Anzu__Texture_SetMaximized
Anzu__Texture_SetVisibility
Anzu__Texture_SetVisibilityScore
Anzu__Texture_StopPlayback
Anzu__Texture_UpdateData
UnityPluginLoad
UnityPluginUnload

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 818KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sdkencryptedappticket64.dll
.dll windows:6 windows x64 arch:x64

e3ee85ca7aeaf6754b6a9430e1da90ad

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00 UTC

Not After

09/11/2031, 23:59 UTC

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00 UTC

Not After

15/01/2038, 12:00 UTC

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00 UTC

Not After

22/03/2037, 23:59 UTC

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00 UTC

Not After

28/04/2036, 23:59 UTC

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00 UTC

Not After

21/11/2033, 23:59 UTC

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:89:b3:bc:eb:44:09:89:0a:32:d7:19:76:b1:32:a4
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/10/2021, 00:00 UTC

Not After

09/10/2024, 23:59 UTC

Subject

CN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

17:be:19:74:c1:9e:c8:5b:6a:ea:b0:14:71:4c:9f:b9:b9:c3:a7:14:58:2e:72:be:c2:0e:db:1b:ac:26:2a:4a
Signer

Actual PE Digest

17:be:19:74:c1:9e:c8:5b:6a:ea:b0:14:71:4c:9f:b9:b9:c3:a7:14:58:2e:72:be:c2:0e:db:1b:ac:26:2a:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\steam_rel_client_win64\build\src\sdkencryptedappticketlib\win64\Release\sdkencryptedappticket64.pdb

Imports

kernel32

FindClose
FindNextFileW
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
InitOnceBeginInitialize
InitOnceComplete
GetStringTypeW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateFileW
GetFileType
GetConsoleMode
WriteFile
GetConsoleOutputCP
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
LCMapStringW
GetStdHandle
FlushFileBuffers
SetStdHandle
SetFilePointerEx
GetFileSizeEx
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
WriteConsoleW
HeapSize

Exports

Exports

SteamEncryptedAppTicket_BDecryptTicket
SteamEncryptedAppTicket_BGetAppDefinedValue
SteamEncryptedAppTicket_BIsLicenseBorrowed
SteamEncryptedAppTicket_BIsLicenseTemporary
SteamEncryptedAppTicket_BIsTicketForApp
SteamEncryptedAppTicket_BIsTicketSigned
SteamEncryptedAppTicket_BUserIsVacBanned
SteamEncryptedAppTicket_BUserOwnsAppInTicket
SteamEncryptedAppTicket_GetTicketAppID
SteamEncryptedAppTicket_GetTicketIssueTime
SteamEncryptedAppTicket_GetTicketSteamID
SteamEncryptedAppTicket_GetUserVariableData

Sections

.text
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
steam_api64.dll
.dll windows:6 windows x64 arch:x64

c69c22b5a3698527f0d3c9618c3affbd

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00 UTC

Not After

09/11/2031, 23:59 UTC

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00 UTC

Not After

15/01/2038, 12:00 UTC

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00 UTC

Not After

22/03/2037, 23:59 UTC

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00 UTC

Not After

28/04/2036, 23:59 UTC

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00 UTC

Not After

21/11/2033, 23:59 UTC

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:89:b3:bc:eb:44:09:89:0a:32:d7:19:76:b1:32:a4
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/10/2021, 00:00 UTC

Not After

09/10/2024, 23:59 UTC

Subject

CN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5c:1f:d1:46:04:c1:f9:4a:dc:5d:fa:1f:df:60:b9:c4:86:d7:70:1d:3b:31:62:62:b0:c9:e4:62:64:4c:a8:86
Signer

Actual PE Digest

5c:1f:d1:46:04:c1:f9:4a:dc:5d:fa:1f:df:60:b9:c4:86:d7:70:1d:3b:31:62:62:b0:c9:e4:62:64:4c:a8:86

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\steam_rel_client_win64\build\src\steam_api\win64\Release\steam_api64.pdb

Imports

kernel32

TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetCommandLineW
GetEnvironmentVariableA
SetEnvironmentVariableA
GetCurrentDirectoryW
GetFileAttributesW
GetFileAttributesExW
OutputDebugStringA
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetExitCodeProcess
OpenProcess
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
LoadLibraryExA
MultiByteToWideChar
WideCharToMultiByte
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetLastError
CloseHandle
GetProcAddress
SetEndOfFile
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
GetCurrentProcess
TerminateProcess
ExitProcess
HeapFree
HeapAlloc
GetStdHandle
GetFileType
LCMapStringW
ReadFile
GetConsoleMode
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
CreateFileW
HeapSize
HeapReAlloc

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_ISteamAppList_GetAppBuildId
SteamAPI_ISteamAppList_GetAppInstallDir
SteamAPI_ISteamAppList_GetAppName
SteamAPI_ISteamAppList_GetInstalledApps
SteamAPI_ISteamAppList_GetNumInstalledApps
SteamAPI_ISteamApps_BGetDLCDataByIndex
SteamAPI_ISteamApps_BIsAppInstalled
SteamAPI_ISteamApps_BIsCybercafe
SteamAPI_ISteamApps_BIsDlcInstalled
SteamAPI_ISteamApps_BIsLowViolence
SteamAPI_ISteamApps_BIsSubscribed
SteamAPI_ISteamApps_BIsSubscribedApp
SteamAPI_ISteamApps_BIsSubscribedFromFamilySharing
SteamAPI_ISteamApps_BIsSubscribedFromFreeWeekend
SteamAPI_ISteamApps_BIsTimedTrial
SteamAPI_ISteamApps_BIsVACBanned
SteamAPI_ISteamApps_GetAppBuildId
SteamAPI_ISteamApps_GetAppInstallDir
SteamAPI_ISteamApps_GetAppOwner
SteamAPI_ISteamApps_GetAvailableGameLanguages
SteamAPI_ISteamApps_GetCurrentBetaName
SteamAPI_ISteamApps_GetCurrentGameLanguage
SteamAPI_ISteamApps_GetDLCCount
SteamAPI_ISteamApps_GetDlcDownloadProgress
SteamAPI_ISteamApps_GetEarliestPurchaseUnixTime
SteamAPI_ISteamApps_GetFileDetails
SteamAPI_ISteamApps_GetInstalledDepots
SteamAPI_ISteamApps_GetLaunchCommandLine
SteamAPI_ISteamApps_GetLaunchQueryParam
SteamAPI_ISteamApps_InstallDLC
SteamAPI_ISteamApps_MarkContentCorrupt
SteamAPI_ISteamApps_RequestAllProofOfPurchaseKeys
SteamAPI_ISteamApps_RequestAppProofOfPurchaseKey
SteamAPI_ISteamApps_SetDlcContext
SteamAPI_ISteamApps_UninstallDLC
SteamAPI_ISteamClient_BReleaseSteamPipe
SteamAPI_ISteamClient_BShutdownIfAllPipesClosed
SteamAPI_ISteamClient_ConnectToGlobalUser
SteamAPI_ISteamClient_CreateLocalUser
SteamAPI_ISteamClient_CreateSteamPipe
SteamAPI_ISteamClient_GetIPCCallCount
SteamAPI_ISteamClient_GetISteamAppList
SteamAPI_ISteamClient_GetISteamApps
SteamAPI_ISteamClient_GetISteamController
SteamAPI_ISteamClient_GetISteamFriends
SteamAPI_ISteamClient_GetISteamGameSearch
SteamAPI_ISteamClient_GetISteamGameServer
SteamAPI_ISteamClient_GetISteamGameServerStats
SteamAPI_ISteamClient_GetISteamGenericInterface
SteamAPI_ISteamClient_GetISteamHTMLSurface
SteamAPI_ISteamClient_GetISteamHTTP
SteamAPI_ISteamClient_GetISteamInput
SteamAPI_ISteamClient_GetISteamInventory
SteamAPI_ISteamClient_GetISteamMatchmaking
SteamAPI_ISteamClient_GetISteamMatchmakingServers
SteamAPI_ISteamClient_GetISteamMusic
SteamAPI_ISteamClient_GetISteamMusicRemote
SteamAPI_ISteamClient_GetISteamNetworking
SteamAPI_ISteamClient_GetISteamParentalSettings
SteamAPI_ISteamClient_GetISteamParties
SteamAPI_ISteamClient_GetISteamRemotePlay
SteamAPI_ISteamClient_GetISteamRemoteStorage
SteamAPI_ISteamClient_GetISteamScreenshots
SteamAPI_ISteamClient_GetISteamUGC
SteamAPI_ISteamClient_GetISteamUser
SteamAPI_ISteamClient_GetISteamUserStats
SteamAPI_ISteamClient_GetISteamUtils
SteamAPI_ISteamClient_GetISteamVideo
SteamAPI_ISteamClient_ReleaseUser
SteamAPI_ISteamClient_SetLocalIPBinding
SteamAPI_ISteamClient_SetWarningMessageHook
SteamAPI_ISteamController_ActivateActionSet
SteamAPI_ISteamController_ActivateActionSetLayer
SteamAPI_ISteamController_DeactivateActionSetLayer
SteamAPI_ISteamController_DeactivateAllActionSetLayers
SteamAPI_ISteamController_GetActionOriginFromXboxOrigin
SteamAPI_ISteamController_GetActionSetHandle
SteamAPI_ISteamController_GetActiveActionSetLayers
SteamAPI_ISteamController_GetAnalogActionData
SteamAPI_ISteamController_GetAnalogActionHandle
SteamAPI_ISteamController_GetAnalogActionOrigins
SteamAPI_ISteamController_GetConnectedControllers
SteamAPI_ISteamController_GetControllerBindingRevision
SteamAPI_ISteamController_GetControllerForGamepadIndex
SteamAPI_ISteamController_GetCurrentActionSet
SteamAPI_ISteamController_GetDigitalActionData
SteamAPI_ISteamController_GetDigitalActionHandle
SteamAPI_ISteamController_GetDigitalActionOrigins
SteamAPI_ISteamController_GetGamepadIndexForController
SteamAPI_ISteamController_GetGlyphForActionOrigin
SteamAPI_ISteamController_GetGlyphForXboxOrigin
SteamAPI_ISteamController_GetInputTypeForHandle
SteamAPI_ISteamController_GetMotionData
SteamAPI_ISteamController_GetStringForActionOrigin
SteamAPI_ISteamController_GetStringForXboxOrigin
SteamAPI_ISteamController_Init
SteamAPI_ISteamController_RunFrame
SteamAPI_ISteamController_SetLEDColor
SteamAPI_ISteamController_ShowBindingPanel
SteamAPI_ISteamController_Shutdown
SteamAPI_ISteamController_StopAnalogActionMomentum
SteamAPI_ISteamController_TranslateActionOrigin
SteamAPI_ISteamController_TriggerHapticPulse
SteamAPI_ISteamController_TriggerRepeatedHapticPulse
SteamAPI_ISteamController_TriggerVibration
SteamAPI_ISteamFriends_ActivateGameOverlay
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialogConnectString
SteamAPI_ISteamFriends_ActivateGameOverlayRemotePlayTogetherInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayToStore
SteamAPI_ISteamFriends_ActivateGameOverlayToUser
SteamAPI_ISteamFriends_ActivateGameOverlayToWebPage
SteamAPI_ISteamFriends_BHasEquippedProfileItem
SteamAPI_ISteamFriends_ClearRichPresence
SteamAPI_ISteamFriends_CloseClanChatWindowInSteam
SteamAPI_ISteamFriends_DownloadClanActivityCounts
SteamAPI_ISteamFriends_EnumerateFollowingList
SteamAPI_ISteamFriends_GetChatMemberByIndex
SteamAPI_ISteamFriends_GetClanActivityCounts
SteamAPI_ISteamFriends_GetClanByIndex
SteamAPI_ISteamFriends_GetClanChatMemberCount
SteamAPI_ISteamFriends_GetClanChatMessage
SteamAPI_ISteamFriends_GetClanCount
SteamAPI_ISteamFriends_GetClanName
SteamAPI_ISteamFriends_GetClanOfficerByIndex
SteamAPI_ISteamFriends_GetClanOfficerCount
SteamAPI_ISteamFriends_GetClanOwner
SteamAPI_ISteamFriends_GetClanTag
SteamAPI_ISteamFriends_GetCoplayFriend
SteamAPI_ISteamFriends_GetCoplayFriendCount
SteamAPI_ISteamFriends_GetFollowerCount
SteamAPI_ISteamFriends_GetFriendByIndex
SteamAPI_ISteamFriends_GetFriendCoplayGame
SteamAPI_ISteamFriends_GetFriendCoplayTime
SteamAPI_ISteamFriends_GetFriendCount
SteamAPI_ISteamFriends_GetFriendCountFromSource
SteamAPI_ISteamFriends_GetFriendFromSourceByIndex
SteamAPI_ISteamFriends_GetFriendGamePlayed
SteamAPI_ISteamFriends_GetFriendMessage
SteamAPI_ISteamFriends_GetFriendPersonaName
SteamAPI_ISteamFriends_GetFriendPersonaNameHistory
SteamAPI_ISteamFriends_GetFriendPersonaState
SteamAPI_ISteamFriends_GetFriendRelationship
SteamAPI_ISteamFriends_GetFriendRichPresence
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyByIndex
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyCount
SteamAPI_ISteamFriends_GetFriendSteamLevel
SteamAPI_ISteamFriends_GetFriendsGroupCount
SteamAPI_ISteamFriends_GetFriendsGroupIDByIndex
SteamAPI_ISteamFriends_GetFriendsGroupMembersCount
SteamAPI_ISteamFriends_GetFriendsGroupMembersList
SteamAPI_ISteamFriends_GetFriendsGroupName
SteamAPI_ISteamFriends_GetLargeFriendAvatar
SteamAPI_ISteamFriends_GetMediumFriendAvatar
SteamAPI_ISteamFriends_GetNumChatsWithUnreadPriorityMessages
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_ISteamFriends_GetPersonaState
SteamAPI_ISteamFriends_GetPlayerNickname
SteamAPI_ISteamFriends_GetProfileItemPropertyString
SteamAPI_ISteamFriends_GetProfileItemPropertyUint
SteamAPI_ISteamFriends_GetSmallFriendAvatar
SteamAPI_ISteamFriends_GetUserRestrictions
SteamAPI_ISteamFriends_HasFriend
SteamAPI_ISteamFriends_InviteUserToGame
SteamAPI_ISteamFriends_IsClanChatAdmin
SteamAPI_ISteamFriends_IsClanChatWindowOpenInSteam
SteamAPI_ISteamFriends_IsClanOfficialGameGroup
SteamAPI_ISteamFriends_IsClanPublic
SteamAPI_ISteamFriends_IsFollowing
SteamAPI_ISteamFriends_IsUserInSource
SteamAPI_ISteamFriends_JoinClanChatRoom
SteamAPI_ISteamFriends_LeaveClanChatRoom
SteamAPI_ISteamFriends_OpenClanChatWindowInSteam
SteamAPI_ISteamFriends_RegisterProtocolInOverlayBrowser
SteamAPI_ISteamFriends_ReplyToFriendMessage
SteamAPI_ISteamFriends_RequestClanOfficerList
SteamAPI_ISteamFriends_RequestEquippedProfileItems
SteamAPI_ISteamFriends_RequestFriendRichPresence
SteamAPI_ISteamFriends_RequestUserInformation
SteamAPI_ISteamFriends_SendClanChatMessage
SteamAPI_ISteamFriends_SetInGameVoiceSpeaking
SteamAPI_ISteamFriends_SetListenForFriendsMessages
SteamAPI_ISteamFriends_SetPersonaName
SteamAPI_ISteamFriends_SetPlayedWith
SteamAPI_ISteamFriends_SetRichPresence
SteamAPI_ISteamGameSearch_AcceptGame
SteamAPI_ISteamGameSearch_AddGameSearchParams
SteamAPI_ISteamGameSearch_CancelRequestPlayersForGame
SteamAPI_ISteamGameSearch_DeclineGame
SteamAPI_ISteamGameSearch_EndGame
SteamAPI_ISteamGameSearch_EndGameSearch
SteamAPI_ISteamGameSearch_HostConfirmGameStart
SteamAPI_ISteamGameSearch_RequestPlayersForGame
SteamAPI_ISteamGameSearch_RetrieveConnectionDetails
SteamAPI_ISteamGameSearch_SearchForGameSolo
SteamAPI_ISteamGameSearch_SearchForGameWithLobby
SteamAPI_ISteamGameSearch_SetConnectionDetails
SteamAPI_ISteamGameSearch_SetGameHostParams
SteamAPI_ISteamGameSearch_SubmitPlayerResult
SteamAPI_ISteamGameServerStats_ClearUserAchievement
SteamAPI_ISteamGameServerStats_GetUserAchievement
SteamAPI_ISteamGameServerStats_GetUserStatFloat
SteamAPI_ISteamGameServerStats_GetUserStatInt32
SteamAPI_ISteamGameServerStats_RequestUserStats
SteamAPI_ISteamGameServerStats_SetUserAchievement
SteamAPI_ISteamGameServerStats_SetUserStatFloat
SteamAPI_ISteamGameServerStats_SetUserStatInt32
SteamAPI_ISteamGameServerStats_StoreUserStats
SteamAPI_ISteamGameServerStats_UpdateUserAvgRateStat
SteamAPI_ISteamGameServer_AssociateWithClan
SteamAPI_ISteamGameServer_BLoggedOn
SteamAPI_ISteamGameServer_BSecure
SteamAPI_ISteamGameServer_BUpdateUserData
SteamAPI_ISteamGameServer_BeginAuthSession
SteamAPI_ISteamGameServer_CancelAuthTicket
SteamAPI_ISteamGameServer_ClearAllKeyValues
SteamAPI_ISteamGameServer_ComputeNewPlayerCompatibility
SteamAPI_ISteamGameServer_CreateUnauthenticatedUserConnection
SteamAPI_ISteamGameServer_EndAuthSession
SteamAPI_ISteamGameServer_GetAuthSessionTicket
SteamAPI_ISteamGameServer_GetGameplayStats
SteamAPI_ISteamGameServer_GetNextOutgoingPacket
SteamAPI_ISteamGameServer_GetPublicIP
SteamAPI_ISteamGameServer_GetServerReputation
SteamAPI_ISteamGameServer_GetSteamID
SteamAPI_ISteamGameServer_HandleIncomingPacket
SteamAPI_ISteamGameServer_LogOff
SteamAPI_ISteamGameServer_LogOn
SteamAPI_ISteamGameServer_LogOnAnonymous
SteamAPI_ISteamGameServer_RequestUserGroupStatus
SteamAPI_ISteamGameServer_SendUserConnectAndAuthenticate_DEPRECATED
SteamAPI_ISteamGameServer_SendUserDisconnect_DEPRECATED
SteamAPI_ISteamGameServer_SetAdvertiseServerActive
SteamAPI_ISteamGameServer_SetBotPlayerCount
SteamAPI_ISteamGameServer_SetDedicatedServer
SteamAPI_ISteamGameServer_SetGameData
SteamAPI_ISteamGameServer_SetGameDescription
SteamAPI_ISteamGameServer_SetGameTags
SteamAPI_ISteamGameServer_SetKeyValue
SteamAPI_ISteamGameServer_SetMapName
SteamAPI_ISteamGameServer_SetMaxPlayerCount
SteamAPI_ISteamGameServer_SetModDir
SteamAPI_ISteamGameServer_SetPasswordProtected
SteamAPI_ISteamGameServer_SetProduct
SteamAPI_ISteamGameServer_SetRegion
SteamAPI_ISteamGameServer_SetServerName
SteamAPI_ISteamGameServer_SetSpectatorPort
SteamAPI_ISteamGameServer_SetSpectatorServerName
SteamAPI_ISteamGameServer_UserHasLicenseForApp
SteamAPI_ISteamGameServer_WasRestartRequested
SteamAPI_ISteamHTMLSurface_AddHeader
SteamAPI_ISteamHTMLSurface_AllowStartRequest
SteamAPI_ISteamHTMLSurface_CopyToClipboard
SteamAPI_ISteamHTMLSurface_CreateBrowser
SteamAPI_ISteamHTMLSurface_ExecuteJavascript
SteamAPI_ISteamHTMLSurface_FileLoadDialogResponse
SteamAPI_ISteamHTMLSurface_Find
SteamAPI_ISteamHTMLSurface_GetLinkAtPosition
SteamAPI_ISteamHTMLSurface_GoBack
SteamAPI_ISteamHTMLSurface_GoForward
SteamAPI_ISteamHTMLSurface_Init
SteamAPI_ISteamHTMLSurface_JSDialogResponse
SteamAPI_ISteamHTMLSurface_KeyChar
SteamAPI_ISteamHTMLSurface_KeyDown
SteamAPI_ISteamHTMLSurface_KeyUp
SteamAPI_ISteamHTMLSurface_LoadURL
SteamAPI_ISteamHTMLSurface_MouseDoubleClick
SteamAPI_ISteamHTMLSurface_MouseDown
SteamAPI_ISteamHTMLSurface_MouseMove
SteamAPI_ISteamHTMLSurface_MouseUp
SteamAPI_ISteamHTMLSurface_MouseWheel
SteamAPI_ISteamHTMLSurface_OpenDeveloperTools
SteamAPI_ISteamHTMLSurface_PasteFromClipboard
SteamAPI_ISteamHTMLSurface_Reload
SteamAPI_ISteamHTMLSurface_RemoveBrowser
SteamAPI_ISteamHTMLSurface_SetBackgroundMode
SteamAPI_ISteamHTMLSurface_SetCookie
SteamAPI_ISteamHTMLSurface_SetDPIScalingFactor
SteamAPI_ISteamHTMLSurface_SetHorizontalScroll
SteamAPI_ISteamHTMLSurface_SetKeyFocus
SteamAPI_ISteamHTMLSurface_SetPageScaleFactor
SteamAPI_ISteamHTMLSurface_SetSize
SteamAPI_ISteamHTMLSurface_SetVerticalScroll
SteamAPI_ISteamHTMLSurface_Shutdown
SteamAPI_ISteamHTMLSurface_StopFind
SteamAPI_ISteamHTMLSurface_StopLoad
SteamAPI_ISteamHTMLSurface_ViewSource
SteamAPI_ISteamHTTP_CreateCookieContainer
SteamAPI_ISteamHTTP_CreateHTTPRequest
SteamAPI_ISteamHTTP_DeferHTTPRequest
SteamAPI_ISteamHTTP_GetHTTPDownloadProgressPct
SteamAPI_ISteamHTTP_GetHTTPRequestWasTimedOut
SteamAPI_ISteamHTTP_GetHTTPResponseBodyData
SteamAPI_ISteamHTTP_GetHTTPResponseBodySize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderSize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderValue
SteamAPI_ISteamHTTP_GetHTTPStreamingResponseBodyData
SteamAPI_ISteamHTTP_PrioritizeHTTPRequest
SteamAPI_ISteamHTTP_ReleaseCookieContainer
SteamAPI_ISteamHTTP_ReleaseHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequestAndStreamResponse
SteamAPI_ISteamHTTP_SetCookie
SteamAPI_ISteamHTTP_SetHTTPRequestAbsoluteTimeoutMS
SteamAPI_ISteamHTTP_SetHTTPRequestContextValue
SteamAPI_ISteamHTTP_SetHTTPRequestCookieContainer
SteamAPI_ISteamHTTP_SetHTTPRequestGetOrPostParameter
SteamAPI_ISteamHTTP_SetHTTPRequestHeaderValue
SteamAPI_ISteamHTTP_SetHTTPRequestNetworkActivityTimeout
SteamAPI_ISteamHTTP_SetHTTPRequestRawPostBody
SteamAPI_ISteamHTTP_SetHTTPRequestRequiresVerifiedCertificate
SteamAPI_ISteamHTTP_SetHTTPRequestUserAgentInfo
SteamAPI_ISteamInput_ActivateActionSet
SteamAPI_ISteamInput_ActivateActionSetLayer
SteamAPI_ISteamInput_BNewDataAvailable
SteamAPI_ISteamInput_BWaitForData
SteamAPI_ISteamInput_DeactivateActionSetLayer
SteamAPI_ISteamInput_DeactivateAllActionSetLayers
SteamAPI_ISteamInput_EnableActionEventCallbacks
SteamAPI_ISteamInput_EnableDeviceCallbacks
SteamAPI_ISteamInput_GetActionOriginFromXboxOrigin
SteamAPI_ISteamInput_GetActionSetHandle
SteamAPI_ISteamInput_GetActiveActionSetLayers
SteamAPI_ISteamInput_GetAnalogActionData
SteamAPI_ISteamInput_GetAnalogActionHandle
SteamAPI_ISteamInput_GetAnalogActionOrigins
SteamAPI_ISteamInput_GetConnectedControllers
SteamAPI_ISteamInput_GetControllerForGamepadIndex
SteamAPI_ISteamInput_GetCurrentActionSet
SteamAPI_ISteamInput_GetDeviceBindingRevision
SteamAPI_ISteamInput_GetDigitalActionData
SteamAPI_ISteamInput_GetDigitalActionHandle
SteamAPI_ISteamInput_GetDigitalActionOrigins
SteamAPI_ISteamInput_GetGamepadIndexForController
SteamAPI_ISteamInput_GetGlyphForActionOrigin_Legacy
SteamAPI_ISteamInput_GetGlyphForXboxOrigin
SteamAPI_ISteamInput_GetGlyphPNGForActionOrigin
SteamAPI_ISteamInput_GetGlyphSVGForActionOrigin
SteamAPI_ISteamInput_GetInputTypeForHandle
SteamAPI_ISteamInput_GetMotionData
SteamAPI_ISteamInput_GetRemotePlaySessionID
SteamAPI_ISteamInput_GetSessionInputConfigurationSettings
SteamAPI_ISteamInput_GetStringForActionOrigin
SteamAPI_ISteamInput_GetStringForAnalogActionName
SteamAPI_ISteamInput_GetStringForDigitalActionName
SteamAPI_ISteamInput_GetStringForXboxOrigin
SteamAPI_ISteamInput_Init
SteamAPI_ISteamInput_Legacy_TriggerHapticPulse
SteamAPI_ISteamInput_Legacy_TriggerRepeatedHapticPulse
SteamAPI_ISteamInput_RunFrame
SteamAPI_ISteamInput_SetDualSenseTriggerEffect
SteamAPI_ISteamInput_SetInputActionManifestFilePath
SteamAPI_ISteamInput_SetLEDColor
SteamAPI_ISteamInput_ShowBindingPanel
SteamAPI_ISteamInput_Shutdown
SteamAPI_ISteamInput_StopAnalogActionMomentum
SteamAPI_ISteamInput_TranslateActionOrigin
SteamAPI_ISteamInput_TriggerSimpleHapticEvent
SteamAPI_ISteamInput_TriggerVibration
SteamAPI_ISteamInput_TriggerVibrationExtended
SteamAPI_ISteamInventory_AddPromoItem
SteamAPI_ISteamInventory_AddPromoItems
SteamAPI_ISteamInventory_CheckResultSteamID
SteamAPI_ISteamInventory_ConsumeItem
SteamAPI_ISteamInventory_DeserializeResult
SteamAPI_ISteamInventory_DestroyResult
SteamAPI_ISteamInventory_ExchangeItems
SteamAPI_ISteamInventory_GenerateItems
SteamAPI_ISteamInventory_GetAllItems
SteamAPI_ISteamInventory_GetEligiblePromoItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionProperty
SteamAPI_ISteamInventory_GetItemPrice
SteamAPI_ISteamInventory_GetItemsByID
SteamAPI_ISteamInventory_GetItemsWithPrices
SteamAPI_ISteamInventory_GetNumItemsWithPrices
SteamAPI_ISteamInventory_GetResultItemProperty
SteamAPI_ISteamInventory_GetResultItems
SteamAPI_ISteamInventory_GetResultStatus
SteamAPI_ISteamInventory_GetResultTimestamp
SteamAPI_ISteamInventory_GrantPromoItems
SteamAPI_ISteamInventory_InspectItem
SteamAPI_ISteamInventory_LoadItemDefinitions
SteamAPI_ISteamInventory_RemoveProperty
SteamAPI_ISteamInventory_RequestEligiblePromoItemDefinitionsIDs
SteamAPI_ISteamInventory_RequestPrices
SteamAPI_ISteamInventory_SendItemDropHeartbeat
SteamAPI_ISteamInventory_SerializeResult
SteamAPI_ISteamInventory_SetPropertyBool
SteamAPI_ISteamInventory_SetPropertyFloat
SteamAPI_ISteamInventory_SetPropertyInt64
SteamAPI_ISteamInventory_SetPropertyString
SteamAPI_ISteamInventory_StartPurchase
SteamAPI_ISteamInventory_StartUpdateProperties
SteamAPI_ISteamInventory_SubmitUpdateProperties
SteamAPI_ISteamInventory_TradeItems
SteamAPI_ISteamInventory_TransferItemQuantity
SteamAPI_ISteamInventory_TriggerItemDrop
SteamAPI_ISteamMatchmakingPingResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingPingResponse_ServerResponded
SteamAPI_ISteamMatchmakingPlayersResponse_AddPlayerToList
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersFailedToRespond
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesFailedToRespond
SteamAPI_ISteamMatchmakingRulesResponse_RulesRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesResponded
SteamAPI_ISteamMatchmakingServerListResponse_RefreshComplete
SteamAPI_ISteamMatchmakingServerListResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingServerListResponse_ServerResponded
SteamAPI_ISteamMatchmakingServers_CancelQuery
SteamAPI_ISteamMatchmakingServers_CancelServerQuery
SteamAPI_ISteamMatchmakingServers_GetServerCount
SteamAPI_ISteamMatchmakingServers_GetServerDetails
SteamAPI_ISteamMatchmakingServers_IsRefreshing
SteamAPI_ISteamMatchmakingServers_PingServer
SteamAPI_ISteamMatchmakingServers_PlayerDetails
SteamAPI_ISteamMatchmakingServers_RefreshQuery
SteamAPI_ISteamMatchmakingServers_RefreshServer
SteamAPI_ISteamMatchmakingServers_ReleaseRequest
SteamAPI_ISteamMatchmakingServers_RequestFavoritesServerList
SteamAPI_ISteamMatchmakingServers_RequestFriendsServerList
SteamAPI_ISteamMatchmakingServers_RequestHistoryServerList
SteamAPI_ISteamMatchmakingServers_RequestInternetServerList
SteamAPI_ISteamMatchmakingServers_RequestLANServerList
SteamAPI_ISteamMatchmakingServers_RequestSpectatorServerList
SteamAPI_ISteamMatchmakingServers_ServerRules
SteamAPI_ISteamMatchmaking_AddFavoriteGame
SteamAPI_ISteamMatchmaking_AddRequestLobbyListCompatibleMembersFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListDistanceFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListFilterSlotsAvailable
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNearValueFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNumericalFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListResultCountFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListStringFilter
SteamAPI_ISteamMatchmaking_CreateLobby
SteamAPI_ISteamMatchmaking_DeleteLobbyData
SteamAPI_ISteamMatchmaking_GetFavoriteGame
SteamAPI_ISteamMatchmaking_GetFavoriteGameCount
SteamAPI_ISteamMatchmaking_GetLobbyByIndex
SteamAPI_ISteamMatchmaking_GetLobbyChatEntry
SteamAPI_ISteamMatchmaking_GetLobbyData
SteamAPI_ISteamMatchmaking_GetLobbyDataByIndex
SteamAPI_ISteamMatchmaking_GetLobbyDataCount
SteamAPI_ISteamMatchmaking_GetLobbyGameServer
SteamAPI_ISteamMatchmaking_GetLobbyMemberByIndex
SteamAPI_ISteamMatchmaking_GetLobbyMemberData
SteamAPI_ISteamMatchmaking_GetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_GetLobbyOwner
SteamAPI_ISteamMatchmaking_GetNumLobbyMembers
SteamAPI_ISteamMatchmaking_InviteUserToLobby
SteamAPI_ISteamMatchmaking_JoinLobby
SteamAPI_ISteamMatchmaking_LeaveLobby
SteamAPI_ISteamMatchmaking_RemoveFavoriteGame
SteamAPI_ISteamMatchmaking_RequestLobbyData
SteamAPI_ISteamMatchmaking_RequestLobbyList
SteamAPI_ISteamMatchmaking_SendLobbyChatMsg
SteamAPI_ISteamMatchmaking_SetLinkedLobby
SteamAPI_ISteamMatchmaking_SetLobbyData
SteamAPI_ISteamMatchmaking_SetLobbyGameServer
SteamAPI_ISteamMatchmaking_SetLobbyJoinable
SteamAPI_ISteamMatchmaking_SetLobbyMemberData
SteamAPI_ISteamMatchmaking_SetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_SetLobbyOwner
SteamAPI_ISteamMatchmaking_SetLobbyType
SteamAPI_ISteamMusicRemote_BActivationSuccess
SteamAPI_ISteamMusicRemote_BIsCurrentMusicRemote
SteamAPI_ISteamMusicRemote_CurrentEntryDidChange
SteamAPI_ISteamMusicRemote_CurrentEntryIsAvailable
SteamAPI_ISteamMusicRemote_CurrentEntryWillChange
SteamAPI_ISteamMusicRemote_DeregisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_EnableLooped
SteamAPI_ISteamMusicRemote_EnablePlayNext
SteamAPI_ISteamMusicRemote_EnablePlayPrevious
SteamAPI_ISteamMusicRemote_EnablePlaylists
SteamAPI_ISteamMusicRemote_EnableQueue
SteamAPI_ISteamMusicRemote_EnableShuffled
SteamAPI_ISteamMusicRemote_PlaylistDidChange
SteamAPI_ISteamMusicRemote_PlaylistWillChange
SteamAPI_ISteamMusicRemote_QueueDidChange
SteamAPI_ISteamMusicRemote_QueueWillChange
SteamAPI_ISteamMusicRemote_RegisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_ResetPlaylistEntries
SteamAPI_ISteamMusicRemote_ResetQueueEntries
SteamAPI_ISteamMusicRemote_SetCurrentPlaylistEntry
SteamAPI_ISteamMusicRemote_SetCurrentQueueEntry
SteamAPI_ISteamMusicRemote_SetDisplayName
SteamAPI_ISteamMusicRemote_SetPNGIcon_64x64
SteamAPI_ISteamMusicRemote_SetPlaylistEntry
SteamAPI_ISteamMusicRemote_SetQueueEntry
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryCoverArt
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryElapsedSeconds
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryText
SteamAPI_ISteamMusicRemote_UpdateLooped
SteamAPI_ISteamMusicRemote_UpdatePlaybackStatus
SteamAPI_ISteamMusicRemote_UpdateShuffled

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ubiservices.dll
.dll windows:6 windows x64 arch:x64

e89ec276be430c2ab3bfecf0d0f1eedf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Softwares\ubiservices_win2017.Final.21.236205\_projects\win64Dll_2015\Debug\ubiservices.pdb

Imports

kernel32

LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GlobalAlloc
GlobalFree
SetThreadAffinityMask
GetUserPreferredUILanguages
GetLocaleInfoEx
GetLastError
RaiseException
CloseHandle
OutputDebugStringA
CreateFileA
GetEnvironmentVariableA
SetEnvironmentVariableW
SetEnvironmentVariableA
EnterCriticalSection
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetEndOfFile
SetFileAttributesW
GetFileAttributesExW
SetStdHandle
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
FlushFileBuffers
SetFilePointerEx
GetTimeZoneInformation
HeapQueryInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
GetConsoleCP
InitializeCriticalSection
QueryPerformanceFrequency
FreeEnvironmentStringsW
QueryPerformanceCounter
ReadConsoleW
SetConsoleMode
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetConsoleMode
SetConsoleCtrlHandler
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
CreateFileW
SetLastError
FormatMessageA
GetTickCount64
InitializeCriticalSectionEx
SleepEx
WaitForSingleObjectEx
ExpandEnvironmentStringsA
VerSetConditionMask
VerifyVersionInfoA
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
FindClose
FindFirstFileW
FindNextFileW
WideCharToMultiByte
GetSystemTime
SystemTimeToFileTime
GetTickCount
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
LoadLibraryW
FlushConsoleInputBuffer
FormatMessageW
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
RtlUnwindEx
RtlPcToFileHeader
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
HeapSize
HeapValidate
GetSystemInfo
GetModuleFileNameA
GetModuleHandleExW
OutputDebugStringW
WriteConsoleW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
ReadFile
RtlCaptureContext

wsock32

accept
getsockopt
bind
closesocket
inet_ntoa
getsockname
__WSAFDIsSet
connect
getservbyname
shutdown
getpeername
WSASetLastError
WSACleanup
WSAStartup
WSAGetLastError
gethostname
gethostbyname
socket
setsockopt
sendto
send
select
recvfrom
recv
ntohs
ntohl
listen
inet_addr
ioctlsocket
htons
htonl

ws2_32

getnameinfo
getaddrinfo
freeaddrinfo
WSAIoctl

iphlpapi

GetBestInterface
GetIfEntry
GetAdaptersAddresses

dbghelp

UnDecorateSymbolName
StackWalk64
SymSetOptions
SymGetOptions
SymCleanup
SymFunctionTableAccess64
SymGetModuleInfo64
SymGetModuleBase64
SymGetLineFromAddr64
SymInitialize
SymGetSymFromAddr64
MiniDumpWriteDump

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

advapi32

DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom

Exports

Exports

??0?$NotificationSource@UAuthenticationNotification@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@UAuthenticationNotification@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@UAuthenticationNotification@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@UEventNotification@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@UEventNotification@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@UEventNotification@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@USecondaryStoreNotification@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@USecondaryStoreNotification@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@USecondaryStoreNotification@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@UStateNotification@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@UStateNotification@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@UStateNotification@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@VClubNotification@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@VClubNotification@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@VClubNotification@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@VNotificationCustom@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@VNotificationCustom@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@VNotificationCustom@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0?$NotificationSource@VNotificationUbiServices@ubiservices@@@ubiservices@@AEAA@XZ
??0?$NotificationSource@VNotificationUbiServices@ubiservices@@@ubiservices@@AEAA@_K@Z
??0?$NotificationSource@VNotificationUbiServices@ubiservices@@@ubiservices@@QEAA@AEBV01@@Z
??0AccountIssue@ubiservices@@QEAA@$$QEAU01@@Z
??0AccountIssue@ubiservices@@QEAA@AEBU01@@Z
??0AccountIssue@ubiservices@@QEAA@XZ
??0ActionUnit@ubiservices@@QEAA@$$QEAU01@@Z
??0ActionUnit@ubiservices@@QEAA@AEBU01@@Z
??0ActionUnit@ubiservices@@QEAA@XZ
??0ActionXp@ubiservices@@QEAA@$$QEAU01@@Z
??0ActionXp@ubiservices@@QEAA@AEBU01@@Z
??0ActionXp@ubiservices@@QEAA@XZ
??0ApplicationClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0ApplicationInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0ApplicationInfo@ubiservices@@QEAA@AEBU01@@Z
??0ApplicationInfo@ubiservices@@QEAA@XZ
??0ApplicationUsedInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0ApplicationUsedInfo@ubiservices@@QEAA@AEBU01@@Z
??0ApplicationUsedInfo@ubiservices@@QEAA@XZ
??0ArrayHeader@ubiservices@@QEAA@II@Z
??0AsyncResultBase@ubiservices@@QEAA@AEBV01@@Z
??0AsyncResultBase@ubiservices@@QEAA@PEBD@Z
??0AuthenticationClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0AuthenticationNotification@ubiservices@@QEAA@$$QEAU01@@Z
??0AuthenticationNotification@ubiservices@@QEAA@AEBU01@@Z
??0AuthenticationNotification@ubiservices@@QEAA@W4Enum@AuthenticationNotificationType@1@@Z
??0AuthenticationNotification@ubiservices@@QEAA@XZ
??0BadgeInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0BadgeInfo@ubiservices@@QEAA@AEBU01@@Z
??0BadgeInfo@ubiservices@@QEAA@XZ
??0ChallengeDetails@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeDetails@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeDetails@ubiservices@@QEAA@XZ
??0ChallengeDetailsCommunity@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeDetailsCommunity@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeDetailsCommunity@ubiservices@@QEAA@XZ
??0ChallengeDetailsProfile@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeDetailsProfile@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeDetailsProfile@ubiservices@@QEAA@XZ
??0ChallengeInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeInfo@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeInfo@ubiservices@@QEAA@XZ
??0ChallengeInfoCommunity@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeInfoCommunity@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeInfoCommunity@ubiservices@@QEAA@XZ
??0ChallengeInfoProfile@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengeInfoProfile@ubiservices@@QEAA@AEBU01@@Z
??0ChallengeInfoProfile@ubiservices@@QEAA@XZ
??0ChallengePool@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengePool@ubiservices@@QEAA@AEBU01@@Z
??0ChallengePool@ubiservices@@QEAA@XZ
??0ChallengePoolCommunity@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengePoolCommunity@ubiservices@@QEAA@AEBU01@@Z
??0ChallengePoolCommunity@ubiservices@@QEAA@XZ
??0ChallengePoolProfile@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengePoolProfile@ubiservices@@QEAA@AEBU01@@Z
??0ChallengePoolProfile@ubiservices@@QEAA@XZ
??0ChallengePoolsBundled@ubiservices@@QEAA@$$QEAU01@@Z
??0ChallengePoolsBundled@ubiservices@@QEAA@AEBU01@@Z
??0ChallengePoolsBundled@ubiservices@@QEAA@XZ
??0ClockServer@ubiservices@@AEAA@XZ
??0ClockSystem@ubiservices@@QEAA@AEBV?$TimePoint@VClockSystem@ubiservices@@V?$Duration@_KV?$Ratio@$00$0DLJKMKAA@@ubiservices@@@2@@1@@Z
??0ClubClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0ClubNotification@ubiservices@@AEAA@W4Enum@ClubNotificationType@1@@Z
??0ClubNotification@ubiservices@@AEAA@XZ
??0ClubNotification@ubiservices@@QEAA@$$QEAV01@@Z
??0ClubNotification@ubiservices@@QEAA@AEBV01@@Z
??0CompressedItemsAll@ubiservices@@QEAA@$$QEAU01@@Z
??0CompressedItemsAll@ubiservices@@QEAA@AEBU01@@Z
??0CompressedItemsAll@ubiservices@@QEAA@XZ
??0ConditionInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0ConditionInfo@ubiservices@@QEAA@AEBU01@@Z
??0ConditionInfo@ubiservices@@QEAA@XZ
??0ConfigurationClient@ubiservices@@AEAA@AEAVFacadeInternal@1@AEBVApplicationId@1@@Z
??0ConnectionInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0ConnectionInfo@ubiservices@@QEAA@AEBU01@@Z
??0ConnectionInfo@ubiservices@@QEAA@XZ
??0ConnectionInfoOwn@ubiservices@@QEAA@$$QEAU01@@Z
??0ConnectionInfoOwn@ubiservices@@QEAA@AEBU01@@Z
??0ConnectionInfoOwn@ubiservices@@QEAA@XZ
??0ConsumableInfo@ubiservices@@QEAA@AEBU01@@Z
??0ConsumableInfo@ubiservices@@QEAA@XZ
??0CredentialsExternalToken@ubiservices@@QEAA@$$QEAU01@@Z
??0CredentialsExternalToken@ubiservices@@QEAA@AEBU01@@Z
??0CredentialsExternalToken@ubiservices@@QEAA@AEBVString@1@W4Enum@CredentialsType@1@@Z
??0Date@ubiservices@@QEAA@GEE@Z
??0Date@ubiservices@@QEAA@XZ
??0DateTime@ubiservices@@QEAA@AEBUDate@1@AEBUTime@1@@Z
??0DateTime@ubiservices@@QEAA@AEBUtm@@@Z
??0DateTime@ubiservices@@QEAA@GEEEEE@Z
??0DateTime@ubiservices@@QEAA@XZ
??0DynamicPopulationCustomDataMultiValues@ubiservices@@QEAA@$$QEAU01@@Z
??0DynamicPopulationCustomDataMultiValues@ubiservices@@QEAA@AEBU01@@Z
??0DynamicPopulationCustomDataMultiValues@ubiservices@@QEAA@AEBVString@1@AEBV?$Vector@VString@ubiservices@@@1@@Z
??0DynamicPopulationCustomDataRange@ubiservices@@QEAA@$$QEAU01@@Z
??0DynamicPopulationCustomDataRange@ubiservices@@QEAA@AEBU01@@Z
??0DynamicPopulationCustomDataRange@ubiservices@@QEAA@AEBVString@1@H@Z
??0DynamicPopulationCustomDataSingleValue@ubiservices@@QEAA@$$QEAU01@@Z
??0DynamicPopulationCustomDataSingleValue@ubiservices@@QEAA@AEBU01@@Z
??0DynamicPopulationCustomDataSingleValue@ubiservices@@QEAA@AEBVString@1@0@Z
??0DynamicPopulationCustomParams@ubiservices@@QEAA@$$QEAV01@@Z
??0DynamicPopulationCustomParams@ubiservices@@QEAA@AEBV01@@Z
??0DynamicPopulationCustomParams@ubiservices@@QEAA@AEBVSpaceId@1@@Z
??0EntityClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0EntityCreation@ubiservices@@QEAA@$$QEAU01@@Z
??0EntityCreation@ubiservices@@QEAA@AEBU01@@Z
??0EntityCreation@ubiservices@@QEAA@AEBVString@1@00AEBV?$Vector@VString@ubiservices@@@1@AEBVSpaceId@1@@Z
??0EntityProfile@ubiservices@@AEAA@AEBVString@1@00AEBV?$Vector@VString@ubiservices@@@1@AEBVSpaceId@1@@Z
??0EntityProfile@ubiservices@@QEAA@AEBV01@@Z
??0EntityProfile@ubiservices@@QEAA@XZ
??0EntitySpace@ubiservices@@AEAA@AEBVString@1@00AEBV?$Vector@VString@ubiservices@@@1@AEBVSpaceId@1@@Z
??0EntitySpace@ubiservices@@QEAA@AEBV01@@Z
??0EntitySpace@ubiservices@@QEAA@XZ
??0EntityStreamContext@ubiservices@@QEAA@$$QEAV01@@Z
??0EntityStreamContext@ubiservices@@QEAA@AEBV01@@Z
??0EntityStreamContext@ubiservices@@QEAA@XZ
??0ErrorDetails@ubiservices@@QEAA@$$QEAU01@@Z
??0ErrorDetails@ubiservices@@QEAA@AEBU01@@Z
??0ErrorDetails@ubiservices@@QEAA@IAEBVString@1@QEBDI@Z
??0ErrorDetails@ubiservices@@QEAA@XZ
??0EventClient@ubiservices@@IEAA@AEAVFacadeInternal@1@@Z
??0EventInfoBase@ubiservices@@IEAA@W4Enum@EventType@1@AEBVString@1@1@Z
??0EventInfoBase@ubiservices@@IEAA@W4Enum@EventType@1@AEBVString@1@AEBVJson@1@@Z
??0EventInfoBase@ubiservices@@IEAA@XZ
??0EventInfoBase@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoContextStart@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoContextStart@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoContextStart@ubiservices@@QEAA@AEBVString@1@00@Z
??0EventInfoContextStart@ubiservices@@QEAA@AEBVString@1@0AEBVJson@1@@Z
??0EventInfoContextStop@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoContextStop@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoContextStop@ubiservices@@QEAA@AEBVString@1@00@Z
??0EventInfoContextStop@ubiservices@@QEAA@AEBVString@1@0AEBVJson@1@@Z
??0EventInfoCustom@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoCustom@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoCustom@ubiservices@@QEAA@AEBVString@1@0@Z
??0EventInfoCustom@ubiservices@@QEAA@AEBVString@1@AEBVJson@1@@Z
??0EventInfoGameLocalization@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoGameLocalization@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoGameLocalization@ubiservices@@QEAA@AEBVString@1@0W4Enum@SubtitlesActivation@1@00@Z
??0EventInfoGameLocalization@ubiservices@@QEAA@AEBVString@1@0W4Enum@SubtitlesActivation@1@0AEBVJson@1@@Z
??0EventInfoPlayerAchievement@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerAchievement@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerAchievement@ubiservices@@QEAA@IAEBVJson@1@@Z
??0EventInfoPlayerAchievement@ubiservices@@QEAA@IAEBVString@1@@Z
??0EventInfoPlayerNewsAction@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerNewsAction@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerNewsAction@ubiservices@@QEAA@AEBVString@1@000@Z
??0EventInfoPlayerNewsAction@ubiservices@@QEAA@AEBVString@1@00AEBVJson@1@@Z
??0EventInfoPlayerNewsImpression@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerNewsImpression@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerNewsImpression@ubiservices@@QEAA@AEBVString@1@0I0@Z
??0EventInfoPlayerNewsImpression@ubiservices@@QEAA@AEBVString@1@0IAEBVJson@1@@Z
??0EventInfoPlayerPlayTime@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerPlayTime@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerPlayTime@ubiservices@@QEAA@HH@Z
??0EventInfoPlayerPosition@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerPosition@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerPosition@ubiservices@@QEAA@AEBVJson@1@@Z
??0EventInfoPlayerPosition@ubiservices@@QEAA@AEBVString@1@@Z
??0EventInfoPlayerProgression@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoPlayerProgression@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoPlayerProgression@ubiservices@@QEAA@AEBVString@1@00@Z
??0EventInfoPlayerProgression@ubiservices@@QEAA@AEBVString@1@0AEBVJson@1@@Z
??0EventInfoService@ubiservices@@QEAA@$$QEAV01@@Z
??0EventInfoService@ubiservices@@QEAA@AEBV01@@Z
??0EventInfoService@ubiservices@@QEAA@AEBVString@1@0@Z
??0EventInfoService@ubiservices@@QEAA@AEBVString@1@AEBVJson@1@@Z
??0EventLog@ubiservices@@QEAA@XZ
??0EventTypeInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0EventTypeInfo@ubiservices@@QEAA@AEBU01@@Z
??0EventTypeInfo@ubiservices@@QEAA@W4Enum@EventType@1@AEBVString@1@@Z
??0EventsParms@SessionConfig@ubiservices@@QEAA@$$QEAU012@@Z
??0EventsParms@SessionConfig@ubiservices@@QEAA@AEBU012@@Z
??0EventsParms@SessionConfig@ubiservices@@QEAA@AEBVJson@2@AEBVString@2@@Z
??0ExpirationDetail@ubiservices@@QEAA@XZ
??0Facade@ubiservices@@QEAA@XZ
??0FeatureSwitch@ubiservices@@QEAA@$$QEAV01@@Z
??0FeatureSwitch@ubiservices@@QEAA@AEBV01@@Z
??0FeatureSwitch@ubiservices@@QEAA@XZ
??0FriendClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0FriendInfo@ubiservices@@QEAA@$$QEAV01@@Z
??0FriendInfo@ubiservices@@QEAA@AEBV01@@Z
??0FriendInfo@ubiservices@@QEAA@XZ
??0FriendInfoClub@ubiservices@@QEAA@$$QEAU01@@Z
??0FriendInfoClub@ubiservices@@QEAA@AEBU01@@Z
??0FriendInfoClub@ubiservices@@QEAA@AEBUProfileInfo@1@W4Relationship@01@@Z
??0FriendInfoClub@ubiservices@@QEAA@XZ
??0FriendInfoConsole@ubiservices@@QEAA@$$QEAU01@@Z
??0FriendInfoConsole@ubiservices@@QEAA@AEBU01@@Z
??0FriendInfoConsole@ubiservices@@QEAA@XZ
??0FriendInfoFacebook@ubiservices@@QEAA@$$QEAU01@@Z
??0FriendInfoFacebook@ubiservices@@QEAA@AEBU01@@Z
??0FriendInfoFacebook@ubiservices@@QEAA@XZ
??0GameConfig@ubiservices@@QEAA@$$QEAU01@@Z
??0GameConfig@ubiservices@@QEAA@AEBU01@@Z
??0GameConfig@ubiservices@@QEAA@AEBVApplicationId@1@AEBVString@1@1AEBVJson@1@W4Enum@Environment@1@AEBUGameConfigConsole@1@1AEBV?$Vector@UEventTypeInfo@ubiservices@@@1@@Z
??0Guid@ubiservices@@QEAA@$$QEAV01@@Z
??0Guid@ubiservices@@QEAA@AEBUGuidBinary@1@@Z
??0Guid@ubiservices@@QEAA@AEBV01@@Z
??0Guid@ubiservices@@QEAA@AEBVString@1@@Z
??0Guid@ubiservices@@QEAA@XZ
??0HighResolutionChrono@ubiservices@@QEAA@_K@Z
??0HttpBuffer@ubiservices@@QEAA@PEAEI@Z
??0HttpBuffer@ubiservices@@QEAA@XZ
??0HttpClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0HttpClientImpl@ubiservices@@QEAA@AEAVFacadeInternal@1@@Z
??0HttpConfig@ubiservices@@QEAA@$$QEAU01@@Z
??0HttpConfig@ubiservices@@QEAA@AEBU01@@Z
??0HttpConfig@ubiservices@@QEAA@XZ
??0HttpDelete@ubiservices@@QEAA@AEBV01@@Z
??0HttpDelete@ubiservices@@QEAA@AEBVString@1@0@Z
??0HttpDelete@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@0@Z
??0HttpDelete@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@@Z
??0HttpGet@ubiservices@@QEAA@AEBV01@@Z
??0HttpGet@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@@Z
??0HttpHead@ubiservices@@QEAA@AEBV01@@Z
??0HttpHead@ubiservices@@QEAA@AEBVString@1@@Z
??0HttpHead@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@@Z
??0HttpHeader@ubiservices@@QEAA@$$QEAV01@@Z
??0HttpHeader@ubiservices@@QEAA@AEBV01@@Z
??0HttpHeader@ubiservices@@QEAA@XZ
??0HttpPost@ubiservices@@QEAA@AEBV01@@Z
??0HttpPost@ubiservices@@QEAA@AEBVString@1@0@Z
??0HttpPost@ubiservices@@QEAA@AEBVString@1@AEBV?$Vector@E@1@@Z
??0HttpPost@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@0@Z
??0HttpPost@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@AEBV?$Vector@E@1@@Z
??0HttpProxyConfig@ubiservices@@QEAA@$$QEAU01@@Z
??0HttpProxyConfig@ubiservices@@QEAA@AEBU01@@Z
??0HttpProxyConfig@ubiservices@@QEAA@AEBVString@1@I00@Z
??0HttpPut@ubiservices@@QEAA@AEBV01@@Z
??0HttpPut@ubiservices@@QEAA@AEBVString@1@0@Z
??0HttpPut@ubiservices@@QEAA@AEBVString@1@AEBV?$Vector@E@1@@Z
??0HttpPut@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@0@Z
??0HttpPut@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@AEBV?$Vector@E@1@@Z
??0HttpRequest@ubiservices@@IEAA@AEBV01@@Z
??0HttpRequest@ubiservices@@IEAA@AEBVString@1@@Z
??0HttpRequest@ubiservices@@IEAA@AEBVString@1@AEBVHttpHeader@1@0@Z
??0HttpRequest@ubiservices@@IEAA@AEBVString@1@AEBVHttpHeader@1@@Z
??0HttpRequest@ubiservices@@IEAA@AEBVString@1@AEBVHttpHeader@1@AEBV?$Vector@E@1@@Z
??0HttpResponse@ubiservices@@QEAA@AEBV01@@Z
??0HttpResponse@ubiservices@@QEAA@IAEBVHttpHeader@1@AEBV?$SmartPtr@VHttpEntity@ubiservices@@@1@I@Z
??0HttpResponse@ubiservices@@QEAA@IAEBVHttpHeader@1@AEBVString@1@@Z
??0HttpResponse@ubiservices@@QEAA@XZ
??0HttpRetryConfig@ubiservices@@QEAA@IAEBURetryParam@01@AEBUTimeoutParam@01@@Z
??0HttpStatistics@ubiservices@@QEAA@AEBV01@@Z
??0HttpStatistics@ubiservices@@QEAA@AEBVTrafficStatistics@1@@Z
??0HttpStreamContext@ubiservices@@QEAA@AEBV01@@Z
??0HttpStreamContext@ubiservices@@QEAA@AEBVHttpBuffer@1@@Z
??0HttpStreamContext@ubiservices@@QEAA@XZ
??0HttpStreamGet@ubiservices@@QEAA@AEBV01@@Z
??0HttpStreamGet@ubiservices@@QEAA@AEBVString@1@AEBVHttpHeader@1@AEBVHttpStreamContext@1@@Z
??0HttpStreamGet@ubiservices@@QEAA@AEBVString@1@AEBVHttpStreamContext@1@@Z
??0HttpStreamNotification@ubiservices@@QEAA@$$QEAU01@@Z
??0HttpStreamNotification@ubiservices@@QEAA@AEBU01@@Z
??0HttpStreamNotification@ubiservices@@QEAA@W4Code@01@@Z
??0HttpStreamNotification@ubiservices@@QEAA@XZ
??0HttpStreamPost@ubiservices@@QEAA@AEBV01@@Z
??0HttpStreamPost@ubiservices@@QEAA@AEBVString@1@IAEBVHttpHeader@1@AEBVHttpStreamContext@1@@Z
??0HttpStreamPost@ubiservices@@QEAA@AEBVString@1@IAEBVHttpStreamContext@1@@Z
??0HttpStreamPut@ubiservices@@QEAA@AEBV01@@Z
??0HttpStreamPut@ubiservices@@QEAA@AEBVString@1@IAEBVHttpHeader@1@AEBVHttpStreamContext@1@@Z
??0HttpStreamPut@ubiservices@@QEAA@AEBVString@1@IAEBVHttpStreamContext@1@@Z
??0InstancesManager@ubiservices@@AEAA@AEBUGameConfig@1@AEBUSystemConfig@1@@Z
??0InventoryElement@ubiservices@@QEAA@$$QEAU01@@Z
??0InventoryElement@ubiservices@@QEAA@AEBU01@@Z
??0InventoryElement@ubiservices@@QEAA@XZ
??0Json@ubiservices@@AEAA@AEBV?$SmartPtr@UCjsonRoot@Json@ubiservices@@@1@PEAUcJSON@1@@Z
??0Json@ubiservices@@QEAA@AEBV01@@Z
??0Json@ubiservices@@QEAA@AEBVString@1@@Z
??0Json@ubiservices@@QEAA@PEBD@Z
??0JsonNodesPool@ubiservices@@QEAA@II@Z
??0JsonWriter@ubiservices@@AEAA@AEBVJson@1@AEBVString@1@PEAUcJSON@1@@Z
??0JsonWriter@ubiservices@@AEAA@AEBVJson@1@PEBDPEAUcJSON@1@@Z
??0JsonWriter@ubiservices@@QEAA@AEBV01@@Z
??0JsonWriter@ubiservices@@QEAA@AEBVJson@1@@Z
??0JsonWriter@ubiservices@@QEAA@AEBVString@1@@Z
??0JsonWriter@ubiservices@@QEAA@W4Enum@JsonWriterType@1@@Z
??0LeaderboardClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0LeaderboardInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0LeaderboardInfo@ubiservices@@QEAA@AEBU01@@Z
??0LeaderboardInfo@ubiservices@@QEAA@XZ
??0LeaderboardPrediction@ubiservices@@QEAA@$$QEAU01@@Z
??0LeaderboardPrediction@ubiservices@@QEAA@AEBU01@@Z
??0LeaderboardPrediction@ubiservices@@QEAA@XZ
??0LegalOptIns@ubiservices@@QEAA@$$QEAU01@@Z
??0LegalOptIns@ubiservices@@QEAA@AEBU01@@Z
??0LegalOptIns@ubiservices@@QEAA@XZ
??0LegalOptInsKey@ubiservices@@QEAA@$$QEAU01@@Z
??0LegalOptInsKey@ubiservices@@QEAA@AEBU01@@Z
??0LegalOptInsKey@ubiservices@@QEAA@AEBVString@1@00@Z
??0LegalOptInsKey@ubiservices@@QEAA@XZ
??0Log@ubiservices@@IEAA@XZ
??0LogDevice@ubiservices@@IEAA@XZ
??0LogDeviceConsole@ubiservices@@QEAA@XZ
??0LogDeviceDebugOutput@ubiservices@@QEAA@XZ
??0LogDeviceEal@ubiservices@@QEAA@XZ
??0MobileExtensionClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0MutexPrimitive@ubiservices@@QEAA@XZ
??0NewsClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0NewsInfo@ubiservices@@QEAA@$$QEAU01@@Z
??0NewsInfo@ubiservices@@QEAA@AEBU01@@Z
??0NewsInfo@ubiservices@@QEAA@XZ
??0NewsLink@ubiservices@@QEAA@$$QEAU01@@Z
??0NewsLink@ubiservices@@QEAA@AEBU01@@Z
??0NewsLink@ubiservices@@QEAA@XZ
??0NotificationActionsUnitReached@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationActionsUnitReached@ubiservices@@QEAA@AEBU01@@Z
??0NotificationActionsUnitReached@ubiservices@@QEAA@XZ
??0NotificationActionsXpReached@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationActionsXpReached@ubiservices@@QEAA@AEBU01@@Z
??0NotificationActionsXpReached@ubiservices@@QEAA@XZ
??0NotificationBadgeAcquired@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationBadgeAcquired@ubiservices@@QEAA@AEBU01@@Z
??0NotificationBadgeAcquired@ubiservices@@QEAA@XZ
??0NotificationChallengeBanked@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationChallengeBanked@ubiservices@@QEAA@AEBU01@@Z
??0NotificationChallengeBanked@ubiservices@@QEAA@XZ
??0NotificationChallengeCompleted@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationChallengeCompleted@ubiservices@@QEAA@AEBU01@@Z
??0NotificationChallengeCompleted@ubiservices@@QEAA@XZ
??0NotificationChallengeParticipationStarted@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationChallengeParticipationStarted@ubiservices@@QEAA@AEBU01@@Z
??0NotificationChallengeParticipationStarted@ubiservices@@QEAA@XZ
??0NotificationChallengeThresholdReached@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationChallengeThresholdReached@ubiservices@@QEAA@AEBU01@@Z
??0NotificationChallengeThresholdReached@ubiservices@@QEAA@XZ
??0NotificationClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0NotificationConditionsReached@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationConditionsReached@ubiservices@@QEAA@AEBU01@@Z
??0NotificationConditionsReached@ubiservices@@QEAA@XZ
??0NotificationCustom@ubiservices@@AEAA@XZ
??0NotificationCustom@ubiservices@@QEAA@$$QEAV01@@Z
??0NotificationCustom@ubiservices@@QEAA@AEBV01@@Z
??0NotificationDetailsMaintenance@ubiservices@@QEAA@XZ
??0NotificationOutgoing@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationOutgoing@ubiservices@@QEAA@AEBU01@@Z
??0NotificationOutgoing@ubiservices@@QEAA@AEBVString@1@0AEBVSpaceId@1@@Z
??0NotificationParams@SessionConfig@ubiservices@@QEAA@$$QEAU012@@Z
??0NotificationParams@SessionConfig@ubiservices@@QEAA@AEBU012@@Z
??0NotificationParams@SessionConfig@ubiservices@@QEAA@AEBV?$Vector@VString@ubiservices@@@2@AEBVString@2@AEBV?$Vector@VSpaceId@ubiservices@@@2@@Z
??0NotificationRewardPurchased@ubiservices@@QEAA@$$QEAU01@@Z
??0NotificationRewardPurchased@ubiservices@@QEAA@AEBU01@@Z
??0NotificationRewardPurchased@ubiservices@@QEAA@XZ
??0NotificationSourceStatus@ubiservices@@QEAA@W4Enum@StatusType@01@@Z
??0NotificationUbiServices@ubiservices@@AEAA@W4Enum@NotificationUbiServicesType@1@@Z
??0NotificationUbiServices@ubiservices@@AEAA@XZ
??0NotificationUbiServices@ubiservices@@QEAA@$$QEAV01@@Z
??0NotificationUbiServices@ubiservices@@QEAA@AEBV01@@Z
??0OfferDynamicItemsGroup@ubiservices@@QEAA@$$QEAU01@@Z
??0OfferDynamicItemsGroup@ubiservices@@QEAA@AEBU01@@Z
??0OfferDynamicItemsGroup@ubiservices@@QEAA@XZ
??0OfferElement@ubiservices@@QEAA@$$QEAU01@@Z
??0OfferElement@ubiservices@@QEAA@AEBU01@@Z
??0OfferElement@ubiservices@@QEAA@XZ
??0OfferPossibleItem@ubiservices@@QEAA@$$QEAU01@@Z
??0OfferPossibleItem@ubiservices@@QEAA@AEBU01@@Z
??0OfferPossibleItem@ubiservices@@QEAA@XZ
??0OfferSpace@ubiservices@@QEAA@$$QEAU01@@Z
??0OfferSpace@ubiservices@@QEAA@AEBU01@@Z
??0OfferSpace@ubiservices@@QEAA@XZ
??0OutputFormat@ubiservices@@QEAA@AEBV01@@Z
??0OutputFormat@ubiservices@@QEAA@XZ
??0PlayerCredentials@ubiservices@@AEAA@XZ
??0PlayerCredentials@ubiservices@@IEAA@W4Enum@SilentLogin@01@@Z
??0PlayerCredentials@ubiservices@@QEAA@$$QEAV01@@Z
??0PlayerCredentials@ubiservices@@QEAA@AEBV01@@Z
??0PlayerCredentials@ubiservices@@QEAA@AEBVString@1@0W4Enum@RememberMe@1@@Z
??0PlayerCredentials@ubiservices@@QEAA@AEBVString@1@W4Enum@CredentialsType@1@@Z
??0PlayerCredentialsBase@ubiservices@@IEAA@XZ
??0PlayerCredentialsBase@ubiservices@@QEAA@$$QEAV01@@Z
??0PlayerCredentialsBase@ubiservices@@QEAA@AEBV01@@Z
??0PlayerCredentialsSilent@ubiservices@@QEAA@$$QEAV01@@Z
??0PlayerCredentialsSilent@ubiservices@@QEAA@AEBV01@@Z
??0PlayerCredentialsSilent@ubiservices@@QEAA@XZ
??0PopulationInfo@ubiservices@@QEAA@$$QEAV01@@Z
??0PopulationInfo@ubiservices@@QEAA@AEBV01@@Z
??0PopulationInfo@ubiservices@@QEAA@XZ
??0PrimaryStoreClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0PrimaryStoreInventoryItem@ubiservices@@QEAA@$$QEAU01@@Z
??0PrimaryStoreInventoryItem@ubiservices@@QEAA@AEBU01@@Z
??0PrimaryStoreInventoryItem@ubiservices@@QEAA@AEBVString@1@W4Enum@InventoryItemState@01@@Z
??0PrimaryStoreInventoryItem@ubiservices@@QEAA@AEBVString@1@W4Enum@InventoryItemState@01@H@Z
??0PrimaryStoreInventoryItem@ubiservices@@QEAA@XZ
??0PrimaryStoreItem@ubiservices@@QEAA@$$QEAU01@@Z
??0PrimaryStoreItem@ubiservices@@QEAA@AEBU01@@Z
??0PrimaryStoreItem@ubiservices@@QEAA@XZ
??0PrimaryStoreItemAvailability@ubiservices@@QEAA@$$QEAU01@@Z
??0PrimaryStoreItemAvailability@ubiservices@@QEAA@AEBU01@@Z
??0PrimaryStoreItemAvailability@ubiservices@@QEAA@XZ
??0PrimaryStoreParams@SessionConfig@ubiservices@@QEAA@$$QEAU012@@Z
??0PrimaryStoreParams@SessionConfig@ubiservices@@QEAA@AEBU012@@Z
??0PrimaryStoreParams@SessionConfig@ubiservices@@QEAA@AEBV?$Vector@UPrimaryStoreInventoryItem@ubiservices@@@2@@Z
??0ProfileClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0ProfileInfo@ubiservices@@QEAA@AEBU01@@Z
??0ProfileInfo@ubiservices@@QEAA@XZ
??0ProfileInfoExternal@ubiservices@@QEAA@$$QEAU01@@Z
??0ProfileInfoExternal@ubiservices@@QEAA@AEBU01@@Z
??0ProfileInfoExternal@ubiservices@@QEAA@XZ
??0RefCountedObject@ubiservices@@QEAA@AEBV01@@Z
??0RefCountedObject@ubiservices@@QEAA@XZ
??0RemoteLog@ubiservices@@QEAA@AEBVString@1@@Z
??0RemoteLog@ubiservices@@QEAA@XZ
??0RemoteLogClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0ResultRange@ubiservices@@QEAA@II@Z
??0RewardInfo@ubiservices@@QEAA@AEBU01@@Z
??0RewardInfo@ubiservices@@QEAA@XZ
??0SearchFilter@EntityClient@ubiservices@@QEAA@$$QEAU012@@Z
??0SearchFilter@EntityClient@ubiservices@@QEAA@AEBU012@@Z
??0SearchFilter@EntityClient@ubiservices@@QEAA@XZ
??0SearchFilterItem@SecondaryStoreClient@ubiservices@@QEAA@$$QEAU012@@Z
??0SearchFilterItem@SecondaryStoreClient@ubiservices@@QEAA@AEBU012@@Z
??0SearchFilterItem@SecondaryStoreClient@ubiservices@@QEAA@XZ
??0SearchFilterOfferSpace@SecondaryStoreClient@ubiservices@@QEAA@$$QEAU012@@Z
??0SearchFilterOfferSpace@SecondaryStoreClient@ubiservices@@QEAA@AEBU012@@Z
??0SearchFilterOfferSpace@SecondaryStoreClient@ubiservices@@QEAA@I@Z
??0SecondaryStoreClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0SecondaryStoreNotification@ubiservices@@QEAA@$$QEAU01@@Z
??0SecondaryStoreNotification@ubiservices@@QEAA@AEBU01@@Z
??0SecondaryStoreNotification@ubiservices@@QEAA@W4Enum@SecondaryStoreNotificationType@1@AEBVString@1@@Z
??0SecondaryStoreNotification@ubiservices@@QEAA@XZ
??0SessionConfig@ubiservices@@QEAA@$$QEAU01@@Z
??0SessionConfig@ubiservices@@QEAA@AEBU01@@Z
??0SessionConfig@ubiservices@@QEAA@AEBUEventsParms@01@AEBUNotificationParams@01@AEBVDynamicPopulationCustomParams@1@AEBUPrimaryStoreParams@01@@Z
??0SessionInfo@ubiservices@@AEAA@AEBVPlayerCredentials@1@@Z
??0SessionInfo@ubiservices@@AEAA@_N@Z
??0SessionInfo@ubiservices@@QEAA@$$QEAV01@@Z
??0SessionInfo@ubiservices@@QEAA@AEBV01@@Z
??0SessionInfo@ubiservices@@QEAA@XZ
??0SocialFeedClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0StatCardCommunityFields@ubiservices@@QEAA@$$QEAU01@@Z
??0StatCardCommunityFields@ubiservices@@QEAA@AEBU01@@Z
??0StatCardCommunityFields@ubiservices@@QEAA@XZ
??0StatCardProfileFields@ubiservices@@QEAA@$$QEAU01@@Z
??0StatCardProfileFields@ubiservices@@QEAA@AEBU01@@Z
??0StatCardProfileFields@ubiservices@@QEAA@XZ
??0StatCardsCommunity@ubiservices@@QEAA@$$QEAU01@@Z
??0StatCardsCommunity@ubiservices@@QEAA@AEBU01@@Z
??0StatCardsCommunity@ubiservices@@QEAA@XZ
??0StatCardsProfiles@ubiservices@@QEAA@$$QEAU01@@Z
??0StatCardsProfiles@ubiservices@@QEAA@AEBU01@@Z
??0StatCardsProfiles@ubiservices@@QEAA@XZ
??0StatCommunityFields@ubiservices@@QEAA@$$QEAU01@@Z
??0StatCommunityFields@ubiservices@@QEAA@AEBU01@@Z
??0StatCommunityFields@ubiservices@@QEAA@XZ
??0StatProfileFields@ubiservices@@QEAA@$$QEAU01@@Z
??0StatProfileFields@ubiservices@@QEAA@AEBU01@@Z
??0StatProfileFields@ubiservices@@QEAA@XZ
??0StatsClient@ubiservices@@AEAA@AEAVFacadeInternal@1@@Z
??0StatsCommunity@ubiservices@@QEAA@$$QEAU01@@Z
??0StatsCommunity@ubiservices@@QEAA@AEBU01@@Z
??0StatsCommunity@ubiservices@@QEAA@XZ
??0StatsInfoProfile@ubiservices@@QEAA@$$QEAU01@@Z
??0StatsInfoProfile@ubiservices@@QEAA@AEBU01@@Z
??0StatsInfoProfile@ubiservices@@QEAA@XZ
??0StatsProfiles@ubiservices@@QEAA@$$QEAU01@@Z
??0StatsProfiles@ubiservices@@QEAA@AEBU01@@Z
??0StatsProfiles@ubiservices@@QEAA@XZ
??0StoreItem@ubiservices@@QEAA@$$QEAU01@@Z
??0StoreItem@ubiservices@@QEAA@AEBU01@@Z
??0StoreItem@ubiservices@@QEAA@XZ
??0StoreItemsMapping@ubiservices@@QEAA@$$QEAU01@@Z
??0StoreItemsMapping@ubiservices@@QEAA@AEBU01@@Z
??0StoreItemsMapping@ubiservices@@QEAA@XZ
??0String@ubiservices@@QEAA@AEBV01@@Z
??0String@ubiservices@@QEAA@AEBV?$BasicString@D@1@@Z
??0String@ubiservices@@QEAA@AEBV?$BasicString@_W@1@@Z
??0String@ubiservices@@QEAA@PEBD@Z
??0String@ubiservices@@QEAA@PEBD_K@Z
??0String@ubiservices@@QEAA@PEB_W@Z
??0String@ubiservices@@QEAA@PEB_W_K@Z
??0String@ubiservices@@QEAA@XZ
??0StringStream@ubiservices@@QEAA@PEBD@Z
??0StringStream@ubiservices@@QEAA@PEB_W@Z
??0StringStream@ubiservices@@QEAA@XZ
??0SystemCheckFunctor@ubiservices@@QEAA@$$QEAV01@@Z
??0SystemCheckFunctor@ubiservices@@QEAA@AEBV01@@Z
??0SystemCheckFunctor@ubiservices@@QEAA@Q6AXPEBD0I@Z00I@Z
??0SystemConfig@ubiservices@@QEAA@$$QEAU01@@Z
??0SystemConfig@ubiservices@@QEAA@AEBU01@@Z
??0SystemConfig@ubiservices@@QEAA@AEBUThreadingConfig@1@AEBUHttpConfig@1@@Z
??0TextBuffer@ubiservices@@QEAA@AEBVString@1@@Z

Sections

.text
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 686KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vc_redist.x64.exe
.exe windows:5 windows x86 arch:x86

8e2588a9cf43886de3449dfff03137b6

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32 UTC

Not After

20/06/2016, 17:32 UTC

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42 UTC

Not After

04/09/2016, 17:42 UTC

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19 UTC

Not After

31/08/2020, 22:29 UTC

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53 UTC

Not After

03/04/2021, 13:03 UTC

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:11 UTC

Not After

01/01/2016, 18:11 UTC

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59 UTC

Not After

08/07/2026, 21:09 UTC

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:c4:15:a1:23:fa:49:fb:dc:05:86:1f:21:48:b0:49:3b:d5:1d:dc:c6:72:35:17:aa:75:ea:bc:63:fa:76:f8
Signer

Actual PE Digest

6b:c4:15:a1:23:fa:49:fb:dc:05:86:1f:21:48:b0:49:3b:d5:1d:dc:c6:72:35:17:aa:75:ea:bc:63:fa:76:f8

Digest Algorithm

sha256

PE Digest Matches

true

57:19:7f:e6:ec:8b:ea:59:58:33:9f:f6:88:06:04:41:78:e0:04:94
Signer

Actual PE Digest

57:19:7f:e6:ec:8b:ea:59:58:33:9f:f6:88:06:04:41:78:e0:04:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix37\build\ship\x86\burn.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromResource
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc

advapi32

QueryServiceConfigW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
GetUserNameW
InitiateSystemShutdownExW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
DecryptFileW
ChangeServiceConfigW
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegSetValueExW
SetEntriesInAclA
SetSecurityDescriptorGroup
RegOpenKeyExW
GetTokenInformation
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
LookupAccountNameW
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

user32

GetMessageW
PeekMessageW
PostMessageW
IsWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
MsgWaitForMultipleObjects
WaitForInputIdle
LoadCursorW
BeginPaint
EndPaint
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
ReleaseDC
MessageBoxW
PostThreadMessageW
RegisterClassW
CreateWindowExW

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdi32

GetDeviceCaps
CreateDCW

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
StringFromGUID2
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCurrentProcess
InitializeCriticalSection
TlsFree
DeleteCriticalSection
CloseHandle
TlsGetValue
Sleep
GetLastError
ReleaseMutex
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetVersionExW
GetModuleHandleW
ReadFile
SetFilePointerEx
CreateFileW
GetCurrentProcessId
GetProcessId
WriteFile
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
CompareStringW
LocalFree
CreateNamedPipeW
WaitForSingleObject
OpenProcess
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetComputerNameW
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
HeapAlloc
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
InterlockedExchange
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
HeapSetInformation
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetEndOfFile
ResetEvent
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
DeleteFileW
GetThreadLocale
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GlobalAlloc
IsProcessorFeaturePresent
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
EncodePointer
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GlobalFree
MoveFileExW
CopyFileW
GetFileSizeEx
GetModuleHandleA
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
LCMapStringW
MultiByteToWideChar
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetLocalTime
UnmapViewOfFile
IsDebuggerPresent
DuplicateHandle
HeapFree
FormatMessageW
GetTempFileNameW
GetWindowsDirectoryW
CompareStringA
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
DecodePointer
ExitProcess
SetUnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
GetFullPathNameW
CreateDirectoryW
GetProcessHeap

cabinet

ord22
ord20
ord23

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

msi

ord88
ord17
ord125
ord116
ord115
ord118
ord8
ord171
ord205
ord45
ord137
ord141
ord238
ord190
ord169
ord90
ord173
ord111
ord70

rpcrt4

UuidCreate

wininet

InternetCloseHandle
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW
InternetConnectW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vc_redist.x86.exe
.exe windows:5 windows x86 arch:x86

8e2588a9cf43886de3449dfff03137b6

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32 UTC

Not After

20/06/2016, 17:32 UTC

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42 UTC

Not After

04/09/2016, 17:42 UTC

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19 UTC

Not After

31/08/2020, 22:29 UTC

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53 UTC

Not After

03/04/2021, 13:03 UTC

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:11 UTC

Not After

01/01/2016, 18:11 UTC

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59 UTC

Not After

08/07/2026, 21:09 UTC

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ab:06:cb:ec:52:d7:a1:69:63:80:49:01:2e:f8:86:a1:5e:87:65:11:a6:e9:90:cd:1f:7b:f7:ad:25:14:e8:b4
Signer

Actual PE Digest

ab:06:cb:ec:52:d7:a1:69:63:80:49:01:2e:f8:86:a1:5e:87:65:11:a6:e9:90:cd:1f:7b:f7:ad:25:14:e8:b4

Digest Algorithm

sha256

PE Digest Matches

true

df:f2:e7:17:7c:35:2e:2a:10:e7:c1:35:9e:a2:41:d0:98:70:74:d6
Signer

Actual PE Digest

df:f2:e7:17:7c:35:2e:2a:10:e7:c1:35:9e:a2:41:d0:98:70:74:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix37\build\ship\x86\burn.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromResource
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc

advapi32

QueryServiceConfigW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
GetUserNameW
InitiateSystemShutdownExW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
DecryptFileW
ChangeServiceConfigW
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegSetValueExW
SetEntriesInAclA
SetSecurityDescriptorGroup
RegOpenKeyExW
GetTokenInformation
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
LookupAccountNameW
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

user32

GetMessageW
PeekMessageW
PostMessageW
IsWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
MsgWaitForMultipleObjects
WaitForInputIdle
LoadCursorW
BeginPaint
EndPaint
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
ReleaseDC
MessageBoxW
PostThreadMessageW
RegisterClassW
CreateWindowExW

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdi32

GetDeviceCaps
CreateDCW

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
StringFromGUID2
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCurrentProcess
InitializeCriticalSection
TlsFree
DeleteCriticalSection
CloseHandle
TlsGetValue
Sleep
GetLastError
ReleaseMutex
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetVersionExW
GetModuleHandleW
ReadFile
SetFilePointerEx
CreateFileW
GetCurrentProcessId
GetProcessId
WriteFile
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
CompareStringW
LocalFree
CreateNamedPipeW
WaitForSingleObject
OpenProcess
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetComputerNameW
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
HeapAlloc
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
InterlockedExchange
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
HeapSetInformation
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetEndOfFile
ResetEvent
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
DeleteFileW
GetThreadLocale
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GlobalAlloc
IsProcessorFeaturePresent
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
EncodePointer
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GlobalFree
MoveFileExW
CopyFileW
GetFileSizeEx
GetModuleHandleA
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
LCMapStringW
MultiByteToWideChar
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetLocalTime
UnmapViewOfFile
IsDebuggerPresent
DuplicateHandle
HeapFree
FormatMessageW
GetTempFileNameW
GetWindowsDirectoryW
CompareStringA
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
DecodePointer
ExitProcess
SetUnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
GetFullPathNameW
CreateDirectoryW
GetProcessHeap

cabinet

ord22
ord20
ord23

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

msi

ord88
ord17
ord125
ord116
ord115
ord118
ord8
ord171
ord205
ord45
ord137
ord141
ord238
ord190
ord169
ord90
ord173
ord111
ord70

rpcrt4

UuidCreate

wininet

InternetCloseHandle
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW
InternetConnectW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlibwapi.dll
.dll windows:4 windows x64 arch:x64

2ad53bea1f66fb1ef61d05c891663d87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
SetFilePointer
WriteFile
ReadFile
GetLastError
CloseHandle
Sleep
DisableThreadLibraryCalls

msvcrt

free
malloc
strerror
fflush
_errno
fopen
fread
fprintf
sprintf
fwrite
ftell
fseek
fclose
clearerr
_fdopen
rand
srand
time
_initterm
fputc
_vsnprintf
memset
memcpy

Exports

Exports

adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
fill_win32_filefunc
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetFilePos
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFilePos
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzOpenCurrentFile3
unzOpenCurrentFilePassword
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipCloseFileInZipRaw
zipOpen
zipOpen2
zipOpenNewFileInZip
zipOpenNewFileInZip2
zipOpenNewFileInZip3
zipWriteInFileInZip
zlibCompileFlags
zlibVersion

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b78ecf47c0a3e24a6f4af114e2d1f5de

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

0a:0b:aa:56:7d:6e:3c:d3:eb:ba:3e:8b:7d:7d:87:f1Certificate

Extended Key Usages

Key Usages

df:f1:02:75:48:b7:d4:49:59:21:aa:5d:9a:26:8c:b4:9c:ec:ab:0f:41:c6:57:80:9c:f5:56:7b:4b:23:42:f0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 105KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 37KB - Virtual size: 36KB

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 851B

.data Size: 512B - Virtual size: 104B

.reloc Size: 1024B - Virtual size: 608B

857adc0c7299ad317b37f8e938f1816a

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

0a:0b:aa:56:7d:6e:3c:d3:eb:ba:3e:8b:7d:7d:87:f1
Certificate

df:f1:02:75:48:b7:d4:49:59:21:aa:5d:9a:26:8c:b4:9c:ec:ab:0f:41:c6:57:80:9c:f5:56:7b:4b:23:42:f0
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 105KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 37KB - Virtual size: 36KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 608B

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

0a:0b:aa:56:7d:6e:3c:d3:eb:ba:3e:8b:7d:7d:87:f1
Certificate

c2:ee:5b:0d:6a:96:0d:12:6f:89:bb:19:d1:21:2a:53:7f:93:97:34:3f:3b:fe:20:38:0a:97:66:f3:d8:45:c7
Signer

.text
Size: - Virtual size: 32.1MB

.rdata
Size: - Virtual size: 8.2MB

.data
Size: - Virtual size: 4.1MB

.pdata
Size: - Virtual size: 1.6MB

_RDATA
Size: - Virtual size: 396B

.xps0
Size: - Virtual size: 19.1MB

.xps1
Size: 512B - Virtual size: 360B

.xps2
Size: 39.8MB - Virtual size: 39.8MB

.rsrc
Size: 32KB - Virtual size: 32KB

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

64:57:97:41:81:d1:09:95:4f:1c:10:95:8c:65:4e:63
Certificate

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69
Signer

fd:fc:a5:9c:26:46:a2:32:31:18:e7:5a:8e:d5:a1:9e:7b:aa:3e:9a:73:d5:fb:f8:fb:62:d6:fa:25:41:82:69
Signer

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 5KB

.didat
Size: 512B - Virtual size: 44B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 5KB - Virtual size: 5KB