wechat[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

wechat.zip
Size

270.3MB
MD5

07ee249681798ace54bf1fc2b650956d
SHA1

1194dfc76e79c0d306ec373a7436e72b749d5676
SHA256

fd546b36104ef4fd3a089bad1a91c0ec89abe71de6b79b46c1af085abcb4e32f
SHA512

3fe2476b61a7e5a904e2c47299c8eb5be2e00d33e6c2614367f14fbbe2728674961d34709f7af26367cffccaf928c12e1c7c7e9c1636c4a80c5f6b455a436b9b
SSDEEP

6291456:topQ9AE2jnxyMdP0oURgLk7wX5SSJTKCgLUlOjdj0a3C4sDYFj:GpW2jx3P0RU3Xk7CTlOjJtsDC

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack002/[3.9.11.25]/wcprobe.dll	vmprotect

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/FindProcDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsInstallAssist.dll
unpack007/$PLUGINSDIR/FindProcDLL.dll
unpack007/$PLUGINSDIR/System.dll
unpack007/$PLUGINSDIR/WeChatInstallDll.dll

Files

wechat.zip
.zip

Password: infected
04a668ea0d36cd8963acc2b9c0f0aff0c0a7c73f46127863ea1f90e942664171
.exe windows:4 windows x86 arch:x86

Password: infected

e221f4f7d36469d53810a4b5f9fc8966

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:76:f2:b4:af:2c:ed:86:33:6f:a5:d2:72:6a:93:da:52:84:da:68:c1:f6:8c:6d:05:5f:18:ca:1b:c2:b5:9e
Signer

Actual PE Digest

e9:76:f2:b4:af:2c:ed:86:33:6f:a5:d2:72:6a:93:da:52:84:da:68:c1:f6:8c:6d:05:5f:18:ca:1b:c2:b5:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathW
SetFileTime
CloseHandle
GetShortPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
GetFullPathNameW
CreateDirectoryW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
SetFileAttributesW
ExpandEnvironmentStringsW
SetErrorMode
LoadLibraryW
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
lstrcpyA
lstrcpyW
lstrcatW
GetSystemDirectoryW
GetVersion
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
lstrcmpW
WaitForSingleObject
GlobalFree
GlobalAlloc
LoadLibraryExW
GetExitCodeProcess
FreeLibrary
WritePrivateProfileStringW
GetCommandLineW
GetTempPathW
GetPrivateProfileStringW
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
WriteFile
lstrlenA
WideCharToMultiByte

user32

EndDialog
ScreenToClient
GetWindowRect
RegisterClassW
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
wsprintfW
CreateWindowExW
SystemParametersInfoW
AppendMenuW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
GetDC
SetWindowLongW
LoadImageW
SendMessageTimeoutW
FindWindowExW
EmptyClipboard
OpenClipboard
TrackPopupMenu
EndPaint
ShowWindow
GetDlgItem
IsWindow
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

Password: infected

5ebb000a52998bb996312557ab4e30f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\BrowserProj\Tools\NSIS\FindProcU\Debug\FindProcDLL.pdb

Imports

psapi

GetModuleFileNameExW

kernel32

GetModuleFileNameA
SetEnvironmentVariableA
CloseHandle
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
lstrcpyW
RaiseException
HeapValidate
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
GetCurrentThread
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
DebugBreak
lstrlenA
LoadLibraryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RtlUnwind
VirtualQuery
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
InterlockedExchange
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW

Exports

Exports

FindProc

Sections

.textbss
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 384KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

Password: infected

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WeChatInstallDll.dll
.dll windows:6 windows x86 arch:x86

Password: infected

473a3a11d05364cd31aaa8cf3e6b4e86

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:a5:48:b1:ac:fb:1f:a3:11:e1:c5:78:df:d4:5a:d6:e2:25:30:b0:44:19:5a:1e:e7:b8:32:64:ce:34:bd:12
Signer

Actual PE Digest

8a:a5:48:b1:ac:fb:1f:a3:11:e1:c5:78:df:d4:5a:d6:e2:25:30:b0:44:19:5a:1e:e7:b8:32:64:ce:34:bd:12

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\WeChat\wechat-windows-dev\WeChatInstall\Release\WeChatInstallDll.pdb

Imports

ws2_32

getnameinfo
shutdown
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError

kernel32

FreeLibrary
LockResource
FindResourceExW
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
VerSetConditionMask
VerifyVersionInfoW
GetNativeSystemInfo
GetModuleHandleA
GetSystemInfo
GetVersionExW
UnmapViewOfFile
GetSystemTime
GetTimeZoneInformation
GetSystemDirectoryW
GetPrivateProfileStringW
InitializeCriticalSectionEx
RaiseException
DecodePointer
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
WaitForSingleObject
Process32NextW
GetSystemDefaultUILanguage
lstrcmpiW
GetWindowsDirectoryW
CreateProcessW
GetProcessId
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
QueryPerformanceCounter
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
PeekNamedPipe
WaitForMultipleObjects
SetLastError
FormatMessageA
SystemTimeToFileTime
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SwitchToFiber
DeleteFiber
CreateFiber
GetModuleHandleExW
FormatMessageW
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
SwitchToThread
CreateThread
GetThreadId
CreateSemaphoreA
CreateEventA
ReleaseSemaphore
DuplicateHandle
SetEvent
LocalFree
CreateFileA
GetCurrentProcessId
CreateFileMappingA
GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
SetFilePointerEx
SetFileTime
DeviceIoControl
MoveFileExW
SetWaitableTimer
CreateWaitableTimerW
OpenEventA
WaitForMultipleObjectsEx
ResetEvent
Thread32First
Thread32Next
AreFileApisANSI
WriteConsoleW
FindFirstFileExW
FlushFileBuffers
SetStdHandle
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetDateFormatW
GetConsoleOutputCP
SetConsoleCtrlHandler
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
InitializeSListHead
GetStartupInfoW
CreateEventW
IsProcessorFeaturePresent
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
EncodePointer
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
lstrcpynW
lstrcpyW
DosDateTimeToFileTime
GetACP
MulDiv
SetEnvironmentVariableW
FreeEnvironmentStringsW
TerminateProcess
GetProcAddress
LoadLibraryW
GetCurrentProcess
SetUnhandledExceptionFilter
GetLocalTime
WideCharToMultiByte
SetFileAttributesW
SetEndOfFile
SetFilePointer
GetFileSize
DeleteFileW
WinExec
Sleep
GetShortPathNameW
CreateDirectoryW
RemoveDirectoryW
FindFirstFileA
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetTimeFormatW
GetLastError
ExitProcess
GetModuleHandleW
FreeResource
LoadResource
SizeofResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetEnvironmentStringsW
ReadFile
CloseHandle
WriteFile
CreateFileW
GetTickCount
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
MapViewOfFileEx

user32

GetClientRect
InvalidateRect
DefWindowProcW
GetCaretPos
SetWindowPos
NotifyWinEvent
CreateAcceleratorTableW
InvalidateRgn
ReleaseCapture
SetCapture
ValidateRect
GetGUIThreadInfo
EndPaint
BeginPaint
GetUpdateRect
GetClassInfoExW
LoadImageW
wvsprintfW
InflateRect
SetWindowLongW
SetLayeredWindowAttributes
MonitorFromRect
GetWindowPlacement
CharPrevW
SetRect
IsRectEmpty
GetSysColor
SetCaretPos
HideCaret
GetCursorPos
CreateCaret
GetWindow
GetParent
GetSystemMetrics
GetWindowRect
MoveWindow
GetDC
ReleaseDC
GetWindowLongW
EnableWindow
SetWindowTextW
SendMessageW
GetWindowTextW
GetWindowTextLengthW
KillTimer
SetTimer
OffsetRect
ShowWindow
PtInRect
GetFocus
SetCursor
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
IntersectRect
IsWindow
PostThreadMessageW
DrawTextW
PostMessageW
CreateWindowExW
IsIconic
IsZoomed
EqualRect
UpdateLayeredWindow
SetFocus
CharNextW
FillRect
ShowCaret
MessageBoxW
SetWindowRgn
GetUserObjectInformationW
GetProcessWindowStation
GetWindowThreadProcessId
FindWindowExW
CallWindowProcW
BringWindowToTop
SwitchToThisWindow
FindWindowW
ClientToScreen
DestroyWindow
GetKeyState
UnregisterClassW
RegisterClassW
wsprintfW
GetPropW
SetPropW
RegisterClassExW
MapWindowPoints
ScreenToClient

gdi32

GetClipBox
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
SetBkColor
ExtTextOutW
CreatePenIndirect
MoveToEx
LineTo
GetTextExtentPoint32W
TextOutW
GetCharABCWidthsW
SaveDC
RestoreDC
SetWindowOrgEx
GetTextMetricsW
GetObjectA
CreateFontIndirectW
SelectClipRgn
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
CreateCompatibleBitmap
SetDIBColorTable
CreateDIBSection
SetTextColor
SetBkMode
BitBlt
Rectangle
DeleteObject
RoundRect
GetStockObject
CreateSolidBrush
CreatePen
DeleteDC
GetObjectW
SelectObject
CreateCompatibleDC
GetDeviceCaps

advapi32

CryptReleaseContext
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptGenRandom

shell32

SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetFolderPathW
ShellExecuteW

ole32

CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CLSIDFromProgID
CoInitialize
OleInitialize
OleUninitialize
CoInitializeEx
OleLockRunning
CLSIDFromString

oleaut32

SysStringLen
VariantInit
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
SysFreeString

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawString
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipGetImageHeight
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipCloneBrush
GdipDeleteBrush
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth

shlwapi

StrCmpW
PathFileExistsW

imm32

ImmNotifyIME
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

msimg32

AlphaBlend

bcrypt

BCryptGenRandom

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

crypt32

CertOpenStore
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore

comctl32

_TrackMouseEvent
ord17

oleacc

CreateStdAccessibleObject
LresultFromObject

wldap32

ord41
ord50
ord60
ord211
ord22
ord217
ord143
ord27
ord30
ord26
ord46
ord32
ord33
ord35
ord79
ord301
ord200

Exports

Exports

AlertBox
BrowseUrl
ConfirmBox
ConfirmBoxEx
DeElevateStartProcess
DeleteWeChatDir
ExitTBCIASkinEngine
FindAllProcAndKill
FindControl
GetAllProcessIdFromProcessName
GetChannelIdFromFileVersion
GetControlData
GetCurProcessId
GetFileNameFromPath
GetHexVerFromFileVersion
GetParameters
GetWeChatConfigPath
GetWeChatDataPath
InitTBCIAMessageBox
InitTBCIASkinEngine
InstPathIsEndWeChat
IsFileExisted
IsRegKeyExisted
IsWindowExisted
MMLogE
MMLogI
NotifyProcessDestroy
OnControlBindNSISScript
ReadFileOneLine
SelectFolderDialog
SetControlData
SetFireWallAllow
SetInstallMoreOptionVisible
SetLanguage
ShowLicense
ShowPage
StartInstall
StartUninstall
TBCIAKillTimer
TBCIASendMessage
TestCase
__ASSERT
cleanInstallDir
clearAppletLnk
getVersionDirsAndRename
isGeWin7
onError
pluginInstall
setAutoRun
setVersion
test

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 653KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsInstallAssist.dll
.dll windows:4 windows x86 arch:x86

Password: infected

98bd347be99c6ea9d34c4596ddd7ed77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

iphlpapi

IcmpCreateFile
IcmpSendEcho
IcmpCloseHandle

ws2_32

WSACleanup
inet_addr
WSAStartup

kernel32

FindResourceExW
GetLastError
MultiByteToWideChar
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
FlushInstructionCache
GetCurrentProcess
CloseHandle
CreateMutexW
ReadFile
GetFileSize
CreateFileW
GetModuleFileNameW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
SetLastError
GetThreadLocale
GlobalHandle
lstrlenA
LoadLibraryW
GetProcAddress
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
LCMapStringW
WideCharToMultiByte
LCMapStringA
FindResourceW
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
HeapCreate
GetCommandLineA
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
RaiseException
lstrlenW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
TlsFree
GetConsoleCP
GetConsoleMode

user32

SetDlgItemTextW
EndDialog
SetWindowContextHelpId
EnableMenuItem
SendDlgItemMessageW
EnableWindow
LoadBitmapW
UnregisterClassA
GetSystemMenu
GetActiveWindow
DialogBoxIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
CreateAcceleratorTableW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
IsWindow
SetFocus
GetFocus
GetWindow
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
DefWindowProcW
LoadImageW
SetWindowTextW
SendMessageW
FindWindowW
IsIconic
ShowWindow
SetForegroundWindow
CharNextW
GetWindowLongW
SetWindowLongW
MapDialogRect

gdi32

CreateBrushIndirect
GetStockObject
GetObjectW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetDeviceCaps
CreateSolidBrush

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW

ole32

CLSIDFromString
StringFromGUID2
CoCreateInstance
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
SysAllocStringLen

shlwapi

SHGetValueW

Exports

Exports

AbortWarn
ActivateSetup
CheckBaiduIntranet
CheckRun
CleanUpPendingOperation
GetOriginalTn
GetTn
GetTnInfo
IsOldVersion
Report
SelectFordDialog
SetControlImage
SetLicense

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

Password: infected

e221f4f7d36469d53810a4b5f9fc8966

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:31:45:c4:19:84:8b:3b:e2:0c:f1:42:3b:76:b4:2e:57:51:cd:29:65:0e:0e:c3:21:e2:59:71:6b:b2:ea:2c
Signer

Actual PE Digest

12:31:45:c4:19:84:8b:3b:e2:0c:f1:42:3b:76:b4:2e:57:51:cd:29:65:0e:0e:c3:21:e2:59:71:6b:b2:ea:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathW
SetFileTime
CloseHandle
GetShortPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
GetFullPathNameW
CreateDirectoryW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
SetFileAttributesW
ExpandEnvironmentStringsW
SetErrorMode
LoadLibraryW
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
lstrcpyA
lstrcpyW
lstrcatW
GetSystemDirectoryW
GetVersion
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
lstrcmpW
WaitForSingleObject
GlobalFree
GlobalAlloc
LoadLibraryExW
GetExitCodeProcess
FreeLibrary
WritePrivateProfileStringW
GetCommandLineW
GetTempPathW
GetPrivateProfileStringW
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
WriteFile
lstrlenA
WideCharToMultiByte

user32

EndDialog
ScreenToClient
GetWindowRect
RegisterClassW
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
wsprintfW
CreateWindowExW
SystemParametersInfoW
AppendMenuW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
GetDC
SetWindowLongW
LoadImageW
SendMessageTimeoutW
FindWindowExW
EmptyClipboard
OpenClipboard
TrackPopupMenu
EndPaint
ShowWindow
GetDlgItem
IsWindow
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

Password: infected

5ebb000a52998bb996312557ab4e30f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\BrowserProj\Tools\NSIS\FindProcU\Debug\FindProcDLL.pdb

Imports

psapi

GetModuleFileNameExW

kernel32

GetModuleFileNameA
SetEnvironmentVariableA
CloseHandle
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
lstrcpyW
RaiseException
HeapValidate
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
GetCurrentThread
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
DebugBreak
lstrlenA
LoadLibraryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RtlUnwind
VirtualQuery
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
InterlockedExchange
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW

Exports

Exports

FindProc

Sections

.textbss
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 384KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

Password: infected

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WeChatInstallDll.dll
.dll windows:6 windows x86 arch:x86

5995151564a62f9c309819723f006513

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\WeChat\wechat-windows-dev\WeChatInstall\Release\WeChatInstallDll.pdb

Imports

ws2_32

getnameinfo
shutdown
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
__WSAFDIsSet
socket
WSAGetLastError

kernel32

FreeLibrary
LockResource
FindResourceExW
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
VerSetConditionMask
VerifyVersionInfoW
GetNativeSystemInfo
GetModuleHandleA
GetSystemInfo
GetVersionExW
UnmapViewOfFile
GetSystemTime
GetTimeZoneInformation
GetSystemDirectoryW
GetPrivateProfileStringW
InitializeCriticalSectionEx
RaiseException
DecodePointer
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
WaitForSingleObject
Process32NextW
GetSystemDefaultUILanguage
lstrcmpiW
GetWindowsDirectoryW
CreateProcessW
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
QueryPerformanceCounter
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
PeekNamedPipe
WaitForMultipleObjects
SetLastError
FormatMessageA
SystemTimeToFileTime
GetEnvironmentVariableW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SwitchToFiber
DeleteFiber
CreateFiber
GetModuleHandleExW
FormatMessageW
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
SwitchToThread
CreateThread
GetThreadId
CreateSemaphoreA
CreateEventA
ReleaseSemaphore
DuplicateHandle
SetEvent
LocalFree
CreateFileA
MapViewOfFileEx
GetCurrentProcessId
GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
SetFilePointerEx
SetFileTime
DeviceIoControl
MoveFileExW
SetWaitableTimer
CreateWaitableTimerW
OpenEventA
WaitForMultipleObjectsEx
ResetEvent
Thread32First
Thread32Next
AreFileApisANSI
WriteConsoleW
FindFirstFileExW
FlushFileBuffers
SetStdHandle
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetDateFormatW
GetConsoleOutputCP
SetConsoleCtrlHandler
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
InitializeSListHead
GetStartupInfoW
CreateEventW
IsProcessorFeaturePresent
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
EncodePointer
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
lstrcpynW
lstrcpyW
DosDateTimeToFileTime
GetACP
MulDiv
SetEnvironmentVariableW
FreeEnvironmentStringsW
TerminateProcess
GetProcAddress
LoadLibraryW
GetCurrentProcess
SetUnhandledExceptionFilter
GetLocalTime
WideCharToMultiByte
SetFileAttributesW
SetEndOfFile
SetFilePointer
GetFileSize
DeleteFileW
WinExec
Sleep
GetShortPathNameW
CreateDirectoryW
RemoveDirectoryW
FindFirstFileA
GetModuleFileNameW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetTimeFormatW
GetLastError
ExitProcess
GetModuleHandleW
FreeResource
LoadResource
SizeofResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
ReadFile
GetEnvironmentStringsW
CloseHandle
WriteFile
CreateFileW
GetTickCount
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
CreateFileMappingA

user32

GetClientRect
InvalidateRect
DefWindowProcW
GetCaretPos
SetWindowPos
NotifyWinEvent
CreateAcceleratorTableW
InvalidateRgn
ReleaseCapture
SetCapture
ValidateRect
GetGUIThreadInfo
EndPaint
BeginPaint
GetUpdateRect
GetClassInfoExW
LoadImageW
wvsprintfW
InflateRect
SetWindowLongW
SetLayeredWindowAttributes
MonitorFromRect
GetWindowPlacement
CharPrevW
SetRect
IsRectEmpty
GetSysColor
SetCaretPos
HideCaret
GetCursorPos
CreateCaret
GetWindow
GetParent
GetSystemMetrics
GetWindowRect
MoveWindow
GetDC
ReleaseDC
GetWindowLongW
EnableWindow
SetWindowTextW
SendMessageW
GetWindowTextW
GetWindowTextLengthW
KillTimer
SetTimer
OffsetRect
ShowWindow
PtInRect
GetFocus
SetCursor
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
IntersectRect
IsWindow
PostThreadMessageW
DrawTextW
PostMessageW
CreateWindowExW
IsIconic
IsZoomed
EqualRect
UpdateLayeredWindow
SetFocus
CharNextW
FillRect
ShowCaret
MessageBoxW
SetWindowRgn
GetUserObjectInformationW
GetProcessWindowStation
GetWindowThreadProcessId
FindWindowExW
CallWindowProcW
BringWindowToTop
SwitchToThisWindow
FindWindowW
ClientToScreen
DestroyWindow
GetKeyState
UnregisterClassW
RegisterClassW
wsprintfW
GetPropW
SetPropW
RegisterClassExW
MapWindowPoints
ScreenToClient

gdi32

GetClipBox
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
SetBkColor
ExtTextOutW
CreatePenIndirect
MoveToEx
LineTo
GetTextExtentPoint32W
TextOutW
GetCharABCWidthsW
SaveDC
RestoreDC
SetWindowOrgEx
GetTextMetricsW
GetObjectA
CreateFontIndirectW
SelectClipRgn
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
CreateCompatibleBitmap
SetDIBColorTable
CreateDIBSection
SetTextColor
SetBkMode
BitBlt
Rectangle
DeleteObject
RoundRect
GetStockObject
CreateSolidBrush
CreatePen
DeleteDC
GetObjectW
SelectObject
CreateCompatibleDC
GetDeviceCaps

advapi32

CryptDestroyKey
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
DuplicateTokenEx
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptGenRandom

shell32

SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetFolderPathW
ShellExecuteW

ole32

CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CLSIDFromProgID
CoInitialize
OleInitialize
OleUninitialize
CoInitializeEx
OleLockRunning
CLSIDFromString

oleaut32

SysStringLen
VariantInit
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
SysFreeString

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawString
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipGetImageHeight
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipCloneBrush
GdipDeleteBrush
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth

shlwapi

StrCmpW
PathFileExistsW

imm32

ImmNotifyIME
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

msimg32

AlphaBlend

bcrypt

BCryptGenRandom

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

crypt32

CertOpenStore
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore

comctl32

_TrackMouseEvent
ord17

oleacc

CreateStdAccessibleObject
LresultFromObject

wldap32

ord41
ord50
ord60
ord211
ord22
ord217
ord143
ord27
ord30
ord26
ord46
ord32
ord33
ord35
ord79
ord301
ord200

Exports

Exports

AlertBox
BrowseUrl
ConfirmBox
ConfirmBoxEx
DeElevateStartProcess
DeleteWeChatDir
ExitTBCIASkinEngine
FindAllProcAndKill
FindControl
GetAllProcessIdFromProcessName
GetChannelIdFromFileVersion
GetControlData
GetCurProcessId
GetFileNameFromPath
GetHexVerFromFileVersion
GetParameters
GetWeChatConfigPath
GetWeChatDataPath
InitTBCIAMessageBox
InitTBCIASkinEngine
InstPathIsEndWeChat
IsFileExisted
IsRegKeyExisted
IsWindowExisted
MMLogE
MMLogI
NotifyProcessDestroy
OnControlBindNSISScript
ReadFileOneLine
SelectFolderDialog
SetControlData
SetFireWallAllow
SetInstallMoreOptionVisible
SetLanguage
ShowLicense
ShowPage
StartInstall
StartUninstall
TBCIAKillTimer
TBCIASendMessage
TestCase
__ASSERT
cleanInstallDir
clearAppletLnk
getVersionDirsAndRename
isGeWin7
onError
pluginInstall
setAutoRun
setVersion
test

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WeChat.exe
.exe windows:6 windows x64 arch:x64

a68203879d867040380668ec7a879e5c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:56:2a:34:37:fc:23:39:08:d0:73:b6:69:55:6e:96:c4:3a:75:b9:ea:9a:9c:cc:9e:76:ef:9f:4d:db:89:5c
Signer

Actual PE Digest

9e:56:2a:34:37:fc:23:39:08:d0:73:b6:69:55:6e:96:c4:3a:75:b9:ea:9a:9c:cc:9e:76:ef:9f:4d:db:89:5c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Tools\agent\workspace\MicroMsgWindowsV3911\out\x64\Release\bin\WeChat.pdb

Imports

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryExW
FindFirstFileW
FindNextFileW
GetCurrentProcess
GetShortPathNameW
TerminateProcess
GetModuleFileNameW
FindClose
LocalAlloc
GetFileAttributesW
GetPrivateProfileStringW
Sleep
GetLastError
GetProcAddress
LoadLibraryW
LocalFree
FreeLibrary
SetDllDirectoryW
LoadLibraryExA
VirtualQuery
VirtualProtect
WriteConsoleW
CreateFileW
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetSystemInfo
GetModuleHandleA
CloseHandle
GetVersionExW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetCurrentThreadId
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
QueryPerformanceCounter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetFileType
LCMapStringW

user32

GetSystemMetrics
MessageBoxW
FindWindowW

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW

ole32

CoTaskMemFree

gdiplus

GdiplusShutdown
GdipGetGenericFontFamilySansSerif
GdiplusStartup

shlwapi

PathFileExistsW
PathRemoveFileSpecW

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 418KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WechatAppLauncher.exe
.exe windows:5 windows x86 arch:x86

373e31b0791057247a341163861d6fe2

Code Sign

01:ea:62:e4:43:cb:22:50:c8:70:ff:6b:b1:3b:a9:8e
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14/01/2020, 00:00

Not After

20/01/2021, 12:00

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:6e:de:36:46:25:fc:c0:ef:95:5e:52:d2:f2:d2:b2
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2020, 00:00

Not After

20/01/2021, 12:00

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a2:fa:e5:26:b4:1a:c9:27:84:77:86:bc:1e:95:43:15:1e:b4:fe:29:d9:26:5d:74:ab:d7:6f:71:eb:20:53:dd
Signer

Actual PE Digest

a2:fa:e5:26:b4:1a:c9:27:84:77:86:bc:1e:95:43:15:1e:b4:fe:29:d9:26:5d:74:ab:d7:6f:71:eb:20:53:dd

Digest Algorithm

sha256

PE Digest Matches

true

18:1e:8c:c4:b0:c8:22:3b:a2:20:bf:21:3b:d7:94:ea:07:1c:55:4f
Signer

Actual PE Digest

18:1e:8c:c4:b0:c8:22:3b:a2:20:bf:21:3b:d7:94:ea:07:1c:55:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\work\MicroMsgWindows-svn\tools\WechatAppLauncher\Release\WechatAppLauncher.pdb

Imports

kernel32

WideCharToMultiByte
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetProcAddress
EncodePointer
RaiseException
GetLastError
RtlUnwind
FreeLibrary
LoadLibraryExW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
HeapAlloc
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
MultiByteToWideChar
ExitProcess
GetACP
GetFileType
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
CloseHandle
WaitForSingleObjectEx
CreateThread
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetProcessHeap
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
CreateFileW

user32

BringWindowToTop
FindWindowW
SendMessageW

shell32

ShellExecuteW

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/ConfSdk.dll
.dll windows:6 windows x64 arch:x64

7b38250c5cabfd0f887d43dabc713461

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:33:49:f9:4f:36:e2:4a:42:34:2f:8a:f2:b4:5c:49:ad:51:74:7e:e1:94:4f:f5:14:88:e4:92:3f:62:09:6f
Signer

Actual PE Digest

7e:33:49:f9:4f:36:e2:4a:42:34:2f:8a:f2:b4:5c:49:ad:51:74:7e:e1:94:4f:f5:14:88:e4:92:3f:62:09:6f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Tools\agent\workspace\Voip_Release\SDK\Win32\Release\x64\ConfSdk.pdb

Imports

voipengine

?SetLogWriter@ILogWriter@@SAHPEAVIChannelLogWriter@@H@Z
CreateChannelInstance
?MMTGetIPv4Int@MMTinyLib@@YAIPEBD@Z
?UnSetLogWriter@ILogWriter@@SAHPEAVIChannelLogWriter@@@Z
CreateEngineInstance
DestroyEngineInstance
MMTWriteLog

kernel32

InitializeCriticalSectionAndSpinCount
WriteConsoleW
CreateFileW
HeapSize
SetStdHandle
GetCurrentThreadId
GetCurrentProcessId
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
Sleep
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
WideCharToMultiByte
CloseHandle
WaitForSingleObjectEx
GetExitCodeThread
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapReAlloc
HeapFree
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

ws2_32

htonl

ilink2

GetContextNoSTL
GetLogManagerNoSTL

Exports

Exports

??0IChannelLogWriter@@QEAA@$$QEAV0@@Z
??0IChannelLogWriter@@QEAA@AEBV0@@Z
??0IChannelLogWriter@@QEAA@XZ
??4IChannelLogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4IChannelLogWriter@@QEAAAEAV0@AEBV0@@Z
??4ILogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4ILogWriter@@QEAAAEAV0@AEBV0@@Z
??_7IChannelLogWriter@@6B@
GetWXConfService

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/RadiumWMPF.bin
.zip
[3.9.11.25]/SDL License.txt
[3.9.11.25]/SPEEX LICENSE.txt
[3.9.11.25]/SQLCipher LICENSE.txt
[3.9.11.25]/Skia LICENSE.txt
[3.9.11.25]/ThumbPlayer.bin
.zip
[3.9.11.25]/Uninstall.exe
.exe windows:4 windows x86 arch:x86

e221f4f7d36469d53810a4b5f9fc8966

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:31:45:c4:19:84:8b:3b:e2:0c:f1:42:3b:76:b4:2e:57:51:cd:29:65:0e:0e:c3:21:e2:59:71:6b:b2:ea:2c
Signer

Actual PE Digest

12:31:45:c4:19:84:8b:3b:e2:0c:f1:42:3b:76:b4:2e:57:51:cd:29:65:0e:0e:c3:21:e2:59:71:6b:b2:ea:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathW
SetFileTime
CloseHandle
GetShortPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
GetFullPathNameW
CreateDirectoryW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
SetFileAttributesW
ExpandEnvironmentStringsW
SetErrorMode
LoadLibraryW
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
lstrcpyA
lstrcpyW
lstrcatW
GetSystemDirectoryW
GetVersion
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
lstrcmpW
WaitForSingleObject
GlobalFree
GlobalAlloc
LoadLibraryExW
GetExitCodeProcess
FreeLibrary
WritePrivateProfileStringW
GetCommandLineW
GetTempPathW
GetPrivateProfileStringW
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
WriteFile
lstrlenA
WideCharToMultiByte

user32

EndDialog
ScreenToClient
GetWindowRect
RegisterClassW
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
wsprintfW
CreateWindowExW
SystemParametersInfoW
AppendMenuW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
GetDC
SetWindowLongW
LoadImageW
SendMessageTimeoutW
FindWindowExW
EmptyClipboard
OpenClipboard
TrackPopupMenu
EndPaint
ShowWindow
GetDlgItem
IsWindow
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[3.9.11.25]/VoipEngine.dll
.dll windows:6 windows x64 arch:x64

b1764933ac74d0e6f29c291f25dd98c6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:fa:15:42:44:c1:de:f9:b2:cc:6f:9c:e3:64:d6:a5:a1:a4:11:7e:14:0c:07:59:1a:f6:1b:a4:d8:5e:ac:52
Signer

Actual PE Digest

b5:fa:15:42:44:c1:de:f9:b2:cc:6f:9c:e3:64:d6:a5:a1:a4:11:7e:14:0c:07:59:1a:f6:1b:a4:d8:5e:ac:52

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Tools\agent\workspace\Voip_Release\Win32\output\x64\Release\VoipEngine.pdb

Imports

ws2_32

__WSAFDIsSet
inet_ntoa
getpeername
WSASocketW
getsockname
send
connect
recvfrom
recv
sendto
setsockopt
getsockopt
ioctlsocket
closesocket
bind
htonl
getaddrinfo
inet_addr
ntohs
ntohl
htons
WSAGetLastError
select
freeaddrinfo

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetLocalTime
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
Sleep
QueryPerformanceFrequency
CloseHandle
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
FormatMessageA
WideCharToMultiByte
InitOnceBeginInitialize
InitOnceComplete
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetProcAddress
LocalFree
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
RtlUnwind
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStdHandle
GetFileType
GlobalFree
HeapAlloc
HeapFree
GetCurrentThread
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
HeapReAlloc
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
OutputDebugStringW
HeapSize
FlushFileBuffers
GetTimeZoneInformation
SetStdHandle
ReadFile
ReadConsoleW
CreateFileW
SetEndOfFile
GetSystemInfo
SetWaitableTimer
GetModuleHandleA
CreateWaitableTimerW
SystemTimeToFileTime
CreateEventA
OpenEventA
GetTickCount
WaitForMultipleObjectsEx
ReleaseSemaphore
SetEvent
ResetEvent
GlobalAlloc
DeleteFileW
MoveFileExW
FormatMessageW
LoadLibraryW
CreateEventW
SetThreadPriority
CreateSemaphoreA
WaitForSingleObject
GetProcessAffinityMask
QueryPerformanceCounter
GetThreadId
DuplicateHandle
TlsGetValue
WriteConsoleW

advapi32

SystemFunction036

iphlpapi

GetIpAddrTable
GetIpForwardTable
GetAdaptersAddresses
GetBestRoute

user32

GetSystemMetrics

ole32

CoCreateGuid

Exports

Exports

??0IChannelLogWriter@@QEAA@$$QEAV0@@Z
??0IChannelLogWriter@@QEAA@AEBV0@@Z
??0IChannelLogWriter@@QEAA@XZ
??0IMultiTalkMgr@MultiTalk@@QEAA@PEAVIMVQQEngine@@@Z
??0IMultiTalkObserver@MultiTalk@@QEAA@$$QEAV01@@Z
??0IMultiTalkObserver@MultiTalk@@QEAA@AEBV01@@Z
??0IMultiTalkObserver@MultiTalk@@QEAA@XZ
??1IMultiTalkMgr@MultiTalk@@QEAA@XZ
??4CVoipEngine@@QEAAAEAV0@$$QEAV0@@Z
??4CVoipEngine@@QEAAAEAV0@AEBV0@@Z
??4IChannelLogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4IChannelLogWriter@@QEAAAEAV0@AEBV0@@Z
??4ILogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4ILogWriter@@QEAAAEAV0@AEBV0@@Z
??4IMultiTalkMgr@MultiTalk@@QEAAAEAV01@AEBV01@@Z
??4IMultiTalkObserver@MultiTalk@@QEAAAEAV01@$$QEAV01@@Z
??4IMultiTalkObserver@MultiTalk@@QEAAAEAV01@AEBV01@@Z
??_7IChannelLogWriter@@6B@
??_7IMultiTalkObserver@MultiTalk@@6B@
?ClipImg@IMultiTalkMgr@MultiTalk@@QEAAHPEAEHHPEBEHHHH@Z
?Close@IMultiTalkMgr@MultiTalk@@QEAAHXZ
?DisableLogWriter@ILogWriter@@SAXXZ
?EnableLogWriter@ILogWriter@@SAXXZ
?GetAudioData@IMultiTalkMgr@MultiTalk@@QEAAHPEAEG@Z
?GetAudioFormat@IMultiTalkMgr@MultiTalk@@QEAAHPEAH0@Z
?GetChannelBytes@IMultiTalkMgr@MultiTalk@@QEAAXAEAH0@Z
?GetInviteInfo@IMultiTalkMgr@MultiTalk@@QEAAXPEAPEAXPEAH@Z
?GetPolicyValue@IMultiTalkMgr@MultiTalk@@SAHW4MultiTalkGeneralPolicy@2@PEAIH@Z
?GetScreenData@IMultiTalkMgr@MultiTalk@@QEAAHPEAEPEAH1111@Z
?GetVideoData@IMultiTalkMgr@MultiTalk@@QEAAHPEAH0000@Z
?GetVoiceActivity@IMultiTalkMgr@MultiTalk@@QEAAHH@Z
?MMTGetIPv4Int@MMTinyLib@@YAIPEBD@Z
?MMTSetLogLevel@MMTinyLib@@YAXH@Z
?MMTSetLogWriter@MMTinyLib@@YAXP6AXHPEBDH00H@Z@Z
?MMTWriteLog@MMTinyLib@@YAXHPEBDH00ZZ
?OnMemberChanged@IMultiTalkMgr@MultiTalk@@QEAAXAEBV?$vector@HV?$allocator@H@std@@@std@@@Z
?OnNetworkChange@IMultiTalkMgr@MultiTalk@@QEAAXH@Z
?Open@IMultiTalkMgr@MultiTalk@@QEAAHPEAVIMultiTalkObserver@2@III_KPEAUSvrAddrArray_MP@2@IAEBV?$vector@HV?$allocator@H@std@@@std@@PEAEH_NH2HHH4PEAIHHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@6@@Z
?Redirect@IMultiTalkMgr@MultiTalk@@QEAAHPEAUSvrAddrArray_MP@2@0H@Z
?SendAudio@IMultiTalkMgr@MultiTalk@@QEAAHPEAEG@Z
?SendScreen@IMultiTalkMgr@MultiTalk@@QEAAHPEAEHPEAX@Z
?SendScreen@IMultiTalkMgr@MultiTalk@@QEAAHPEAX@Z
?SendVideo@IMultiTalkMgr@MultiTalk@@QEAAHHPEAEHPEAX@Z
?SendVideo@IMultiTalkMgr@MultiTalk@@QEAAHPEAX@Z
?SetAVEncryptType@IMultiTalkMgr@MultiTalk@@QEAAXHH@Z
?SetAppCmd@IMultiTalkMgr@MultiTalk@@QEAAHHPEAEH@Z
?SetEngintInfo@IMultiTalkMgr@MultiTalk@@QEAAXPEAXH@Z
?SetLogWriter@ILogWriter@@SAHPEAVIChannelLogWriter@@H@Z
?SetSpeakerStatus@IMultiTalkMgr@MultiTalk@@QEAAXH@Z
?TransScreen@IMultiTalkMgr@MultiTalk@@QEAAHPEAEPEAX01@Z
?TransVideo@IMultiTalkMgr@MultiTalk@@QEAAHPEAEHPEAX0PEAH2@Z
?UnSetLogWriter@ILogWriter@@SAHPEAVIChannelLogWriter@@@Z
?__autoclassinit2@IMultiTalkMgr@MultiTalk@@QEAAX_K@Z
?getEngineInfo@IMultiTalkMgr@MultiTalk@@QEAAPEAUMVQQEngineInfo@@XZ
?getTotalBytes@IMultiTalkMgr@MultiTalk@@QEAAHXZ
CreateChannelInstance
CreateEngineInstance
DestroyEngineInstance
MMTWriteLog
SKP_Silk_SDK_Decode
SKP_Silk_SDK_Get_Decoder_Size
SKP_Silk_SDK_InitDecoder
__ASSERT
decode_buffer
getEngineGitVersion
getWxGFInfo
get_option
get_version
init
isWxGF
rewind_buffer
uninit
wxam2pic
wxam2picSeq
wxam2picshuffle
wxpc2jpg

Sections

.text
Size: 11.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 519KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChat.exe
.exe windows:6 windows x64 arch:x64

a68203879d867040380668ec7a879e5c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:56:2a:34:37:fc:23:39:08:d0:73:b6:69:55:6e:96:c4:3a:75:b9:ea:9a:9c:cc:9e:76:ef:9f:4d:db:89:5c
Signer

Actual PE Digest

9e:56:2a:34:37:fc:23:39:08:d0:73:b6:69:55:6e:96:c4:3a:75:b9:ea:9a:9c:cc:9e:76:ef:9f:4d:db:89:5c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Tools\agent\workspace\MicroMsgWindowsV3911\out\x64\Release\bin\WeChat.pdb

Imports

kernel32

VerSetConditionMask
VerifyVersionInfoW
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryExW
FindFirstFileW
FindNextFileW
GetCurrentProcess
GetShortPathNameW
TerminateProcess
GetModuleFileNameW
FindClose
LocalAlloc
GetFileAttributesW
GetPrivateProfileStringW
Sleep
GetLastError
GetProcAddress
LoadLibraryW
LocalFree
FreeLibrary
SetDllDirectoryW
LoadLibraryExA
VirtualQuery
VirtualProtect
WriteConsoleW
CreateFileW
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetSystemInfo
GetModuleHandleA
CloseHandle
GetVersionExW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetCurrentThreadId
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
QueryPerformanceCounter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetFileType
LCMapStringW

user32

GetSystemMetrics
MessageBoxW
FindWindowW

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHCreateDirectoryExW
ShellExecuteW

ole32

CoTaskMemFree

gdiplus

GdiplusShutdown
GdipGetGenericFontFamilySansSerif
GdiplusStartup

shlwapi

PathFileExistsW
PathRemoveFileSpecW

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 418KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChatExt.exe
.exe windows:5 windows x86 arch:x86

17de35bd7cf43148433d7f0082ed6b61

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:4c:a9:0a:d0:eb:66:6a:62:b3:a4:27:da:32:fa:7f:07:f0:07:f0:64:35:dc:e3:35:37:a2:74:be:68:06:ee
Signer

Actual PE Digest

f9:4c:a9:0a:d0:eb:66:6a:62:b3:a4:27:da:32:fa:7f:07:f0:07:f0:64:35:dc:e3:35:37:a2:74:be:68:06:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\MicroMsg\trunk\MicroMsgWindows\tools\WeChatExt\Release\WeChatExt.pdb

Imports

kernel32

DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
CloseHandle
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
CreateDirectoryW
GetVersionExW
GetModuleFileNameW
GetTimeZoneInformation
GetSystemInfo
GetShortPathNameW
GetWindowsDirectoryW
DeleteFileW
FindNextFileW
CreateMutexW
CreateProcessW
OpenMutexW
GetProcessId
ReleaseMutex
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
WriteConsoleW
GetLocalTime
FindClose
EnterCriticalSection
GetLastError
FlushFileBuffers
CreateFileW
LeaveCriticalSection
InitializeCriticalSection
WriteFile
SetFilePointer
FindFirstFileW
SetStdHandle
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
GetCurrentProcessId
QueryPerformanceCounter
SetFilePointerEx
GetFileType
GetConsoleMode
GetConsoleCP
GetProcessHeap
GetStdHandle
GetOEMCP
GetACP
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
GetStringTypeW
GetSystemTimeAsFileTime
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
HeapAlloc
GetCommandLineW
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage

user32

GetSystemMetrics

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

shlwapi

PathFileExistsW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChatOCR.bin
.zip
[3.9.11.25]/WeChatResource.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:5e:cf:5f:be:ec:cd:c3:18:e5:2d:b2:6a:b5:0d:39:e5:ff:cd:ee:8d:94:ab:62:3f:e0:2f:96:16:f3:a2:ce
Signer

Actual PE Digest

de:5e:cf:5f:be:ec:cd:c3:18:e5:2d:b2:6a:b5:0d:39:e5:ff:cd:ee:8d:94:ab:62:3f:e0:2f:96:16:f3:a2:ce

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Tools\agent\workspace\MicroMsgWindowsV3911\out\x64\Release\bin\WeChatResource.pdb

Sections

.rdata
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34.7MB - Virtual size: 34.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChatSpt.exe
.exe windows:6 windows x64 arch:x64

38d9a6485a5894cf8e8ce314dc9255be

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:df:c7:ac:9a:19:a9:15:a7:6f:e4:75:bd:0b:a8:14:fd:57:12:4a:42:6f:4f:04:3d:64:a4:4c:2c:64:2f:4f
Signer

Actual PE Digest

93:df:c7:ac:9a:19:a9:15:a7:6f:e4:75:bd:0b:a8:14:fd:57:12:4a:42:6f:4f:04:3d:64:a4:4c:2c:64:2f:4f

Digest Algorithm

sha256

PE Digest Matches

true

8f:86:ea:5b:94:da:63:24:2d:94:98:9c:3f:de:57:93:32:2f:75:2b
Signer

Actual PE Digest

8f:86:ea:5b:94:da:63:24:2d:94:98:9c:3f:de:57:93:32:2f:75:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\wechat_third_party\wechat-subproject\WeChatSpt\x64\Release\WeChatSpt.pdb

Imports

kernel32

CloseHandle
GetLocalTime
DeleteCriticalSection
FlushFileBuffers
ReadFile
GetModuleFileNameW
SetEndOfFile
GetTempPathW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetFileSize
FindFirstFileExW
UnmapViewOfFile
MultiByteToWideChar
LoadLibraryW
GetProcAddress
WideCharToMultiByte
CreateFileMappingW
MapViewOfFile
CreateDirectoryW
GetCurrentProcess
GetShortPathNameW
GetLastError
GetTimeZoneInformation
CreateMutexW
ReleaseMutex
OpenFileMappingW
GetSystemDirectoryW
OpenProcess
GetModuleHandleW
OpenMutexW
LoadLibraryExW
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
GetCurrentThreadId
CreateFileW
FindClose
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
OutputDebugStringA
WriteFile
FindNextFileW
EnterCriticalSection
FindFirstFileW
IsValidCodePage
ReadConsoleW
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
RtlUnwind
LCMapStringW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
DecodePointer
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
ExitProcess
GetModuleHandleExW
GetStdHandle
HeapFree
HeapAlloc
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW

user32

EnumChildWindows
GetWindowPlacement
GetDesktopWindow
EnumDisplayMonitors
GetWindow
GetWindowRect
IsWindowVisible
GetMonitorInfoW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHCreateDirectoryExW

shlwapi

PathFileExistsW
PathRemoveFileSpecW

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChatUpdate.bin
.zip
[3.9.11.25]/WeChatUpdate.exe
.exe windows:6 windows x86 arch:x86

fcb7832b325a76914e1d1ba6d1c28afc

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d9:68:6c:f7:88:c5:45:16:20:a9:ea:43:26:3c:02:cc:55:55:6d:41:bb:a2:5e:0d:f3:aa:6e:9e:d0:0c:28:26
Signer

Actual PE Digest

d9:68:6c:f7:88:c5:45:16:20:a9:ea:43:26:3c:02:cc:55:55:6d:41:bb:a2:5e:0d:f3:aa:6e:9e:d0:0c:28:26

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Tools\agent\workspace\WeChatUpdate\WechatUpdate\Release\WeChatUpdate.pdb

Imports

kernel32

GetSystemTimeAsFileTime
WriteConsoleW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetThreadId
CreateSemaphoreA
CreateEventA
GetModuleHandleA
WaitForSingleObjectEx
ReleaseSemaphore
SetEvent
LocalFree
FormatMessageA
CreateFileA
SetEndOfFile
SetLastError
MapViewOfFileEx
UnmapViewOfFile
CreateFileMappingA
GetEnvironmentVariableW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileTime
GetFullPathNameW
SetFilePointerEx
DeviceIoControl
MoveFileExW
SetWaitableTimer
CreateWaitableTimerW
OpenEventA
WaitForMultipleObjectsEx
ResetEvent
Thread32First
Thread32Next
AreFileApisANSI
GetFileSizeEx
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
FreeLibrary
GetWindowsDirectoryW
GetSystemInfo
DeleteFileW
GetTimeZoneInformation
SetFileAttributesW
GetSystemDirectoryW
GetVersionExW
CopyFileW
GetFileAttributesW
FindClose
RemoveDirectoryW
FindNextFileW
WritePrivateProfileStringW
FindFirstFileW
GetFileInformationByHandle
GetProcAddress
LoadLibraryW
GetLogicalDriveStringsW
lstrlenW
QueryDosDeviceW
TerminateThread
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleFileNameW
GetSystemDefaultUILanguage
GlobalUnlock
GetModuleHandleW
GlobalLock
GlobalFree
GlobalAlloc
FreeResource
GetTickCount
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
ReleaseMutex
CreateMutexW
TerminateProcess
GetPrivateProfileStringW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSize
CreateThread
ReadConsoleA
SetConsoleMode
LoadLibraryA
ConvertFiberToThread
DeleteFiber
WaitForSingleObject
GetTempPathW
DosDateTimeToFileTime
GetFileType
SystemTimeToFileTime
GetCurrentDirectoryW
CloseHandle
DuplicateHandle
CreateFileW
SetFilePointer
WriteFile
GetCurrentProcess
ReadFile
CreateDirectoryW
FindResourceW
LoadResource
FindResourceExW
LockResource
SizeofResource
WideCharToMultiByte
GetLocalTime
Sleep
MultiByteToWideChar
GetCurrentThreadId
GetShortPathNameW
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetConsoleCtrlHandler
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
RtlUnwind
MulDiv
GetACP
ExitProcess
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateEventW
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
EncodePointer
FileTimeToSystemTime
HeapSize
InitializeCriticalSectionEx
HeapFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetExitCodeThread
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock

user32

GetWindowThreadProcessId
PostMessageW
SendMessageW
GetDC
TranslateAcceleratorW
LoadStringW
GetUserObjectInformationW
GetProcessWindowStation
CreateAcceleratorTableW
InvalidateRgn
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
GetCaretPos
IsWindow
SwitchToThisWindow
GetSysColor
SetCaretPos
HideCaret
ShowCaret
CreateCaret
CharPrevW
PostQuitMessage
MoveWindow
GetWindowRect
FillRect
DrawTextW
ReleaseDC
TranslateMessage
SetFocus
PostThreadMessageA
DispatchMessageW
ShowWindow
GetSystemMetrics
GetWindow
GetMessageW
GetCursorPos
IsIconic
PtInRect
KillTimer
UpdateLayeredWindow
IsZoomed
GetClientRect
SetWindowLongW
SetCursor
LoadCursorW
ClientToScreen
SetTimer
CreateWindowExW
SetWindowRgn
EqualRect
GetWindowLongW
DestroyWindow
SetWindowPos
BringWindowToTop
FindWindowW
UnregisterClassW
EnableWindow
IntersectRect
SetRect
wsprintfW
DefWindowProcW
MessageBoxW
GetPropW
RegisterClassExW
LoadAcceleratorsW
GetKeyState
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
InvalidateRect
MapWindowPoints
ScreenToClient
GetFocus
SetCapture
ReleaseCapture
GetParent
GetMonitorInfoW
MonitorFromWindow
SetLayeredWindowAttributes
LoadImageW
RegisterClassW
GetClassInfoExW
CallWindowProcW
OffsetRect
InflateRect
wvsprintfW
CharNextW
SetPropW

gdi32

SetWindowOrgEx
GetTextMetricsW
CreateRoundRectRgn
RestoreDC
GetClipBox
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
SetBkColor
ExtTextOutW
CreatePenIndirect
MoveToEx
LineTo
SetBkMode
GetObjectA
SetTextColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
GetDeviceCaps
SaveDC
CreateFontIndirectW
RoundRect
CreateSolidBrush
DeleteObject
GetObjectW
Rectangle
CreatePen
DeleteDC
GetStockObject
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
CreateDIBSection
SetDIBColorTable
CreateRectRgnIndirect
BitBlt
CombineRgn
SelectClipRgn

advapi32

DeregisterEventSource
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
DuplicateTokenEx
RegQueryValueExW
GetTokenInformation
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegisterEventSourceW
CryptSignHashW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptEnumProvidersW
CryptExportKey

shell32

SHCreateDirectoryExW
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CLSIDFromProgID
CLSIDFromString
OleLockRunning
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree

gdiplus

GdiplusShutdown
GdipBitmapUnlockBits
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipAlloc
GdiplusStartup
GdipCreateBitmapFromStream
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipCreateFromHDC
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDrawString
GdipSetTextRenderingHint
GdipCreateLineBrushI
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette

shlwapi

PathRemoveFileSpecW
PathFileExistsW

dbghelp

MiniDumpWriteDump

msimg32

AlphaBlend

userenv

GetAllUsersProfileDirectoryW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

_TrackMouseEvent
ord17

ws2_32

closesocket
WSASetLastError
send
recv
WSAGetLastError
WSACleanup

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmNotifyIME

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenStore

bcrypt

BCryptGenRandom

Exports

Exports

__ASSERT

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 523KB - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeChatUtility.bin
.zip
[3.9.11.25]/WeChatWin.dll
.dll windows:6 windows x64 arch:x64

14d83a8d8356ffbf1f76ef70c57615b7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:11:dc:42:f0:aa:ca:ba:f5:e8:93:96:4e:b1:d7:e1:2d:49:ad:81:3a:cb:3d:18:42:c1:e8:b6:f7:85:ae:b9
Signer

Actual PE Digest

74:11:dc:42:f0:aa:ca:ba:f5:e8:93:96:4e:b1:d7:e1:2d:49:ad:81:3a:cb:3d:18:42:c1:e8:b6:f7:85:ae:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

d3d11

D3D11CreateDevice

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

usp10

ScriptItemize
ScriptShape
ScriptFreeCache

ilink2

GetContextNoSTL
GetLogManagerNoSTL

libffmpeg

av_get_token
av_strtok
av_strcasecmp
avio_open_dyn_buf
av_opt_set_from_string
av_opt_set_dict2
av_opt_eval_int
av_opt_next
avio_close
avio_r8
avfilter_graph_send_command
avfilter_register_all
avfilter_link_get_channels
av_usleep
av_gettime_relative
av_bprint_finalize
av_bprintf
av_bprint_init
av_strlcat
av_asprintf
swr_get_class
avio_w8
avio_check
avio_find_protocol_name
avfilter_inout_free
avfilter_get_class
av_bsf_alloc
av_bsf_get_by_name
av_strlcpy
av_get_pix_fmt_name
av_parse_ratio
av_parse_video_size
av_parse_video_rate
av_get_pix_fmt
avcodec_find_best_pix_fmt_of_2
avfilter_init_str
avfilter_graph_alloc_filter
avfilter_graph_set_auto_convert
avfilter_graph_parse2
av_guess_frame_rate
av_strstart
av_fifo_alloc
avformat_query_codec
av_filename_number_test
av_guess_codec
av_program_add_stream_index
av_new_program
avformat_alloc_context
av_format_set_data_codec
av_format_set_subtitle_codec
avio_read
av_pix_fmt_desc_get
av_fifo_realloc2
av_fifo_generic_write
av_fifo_generic_read
av_get_exact_bits_per_sample
avcodec_parameters_alloc
av_format_set_video_codec
av_codec_set_chroma_intra_matrix
av_codec_set_lowres
av_codec_get_lowres
av_dict_copy
av_dict_parse_string
av_dict_set_int
av_get_channel_layout_nb_channels
av_get_channel_layout
av_get_sample_fmt
av_fopen_utf8
av_reallocp_array
av_strtod
av_parse_time
av_get_known_color_name
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_get_bits_per_pixel
av_display_rotation_get
av_bprint_chars
swresample_configuration
swresample_version
swr_alloc
avfilter_graph_queue_command
avfilter_graph_request_oldest
av_buffersrc_get_nb_failed_requests
av_buffersrc_add_frame_flags
av_buffersink_set_frame_size
av_buffersink_get_frame_rate
av_expr_parse
av_expr_eval
av_expr_free
avutil_version
avutil_configuration
av_mallocz_array
av_calloc
av_strdup
av_max_alloc
av_log_format_line
av_log_get_flags
av_lockmgr_register
av_log_set_level
av_get_sample_fmt_string
av_get_cpu_flags
av_force_cpu_flags
av_parse_cpu_caps
av_get_channel_name
av_get_channel_description
av_get_standard_channel_layout
av_codec_next
avcodec_version
avio_enum_protocols
avformat_version
avformat_configuration
av_iformat_next
av_oformat_next
avformat_get_class
av_stream_get_side_data
av_find_input_format
av_guess_format
avformat_match_stream_specifier
avfilter_version
avfilter_configuration
avfilter_pad_count
avfilter_pad_get_name
av_register_all
avformat_network_init
avfilter_graph_free
av_free_packet
av_strerror
av_format_set_audio_codec
av_stream_get_recommended_encoder_configuration
avcodec_get_context_defaults3
av_buffersrc_parameters_alloc
avcodec_configuration
avcodec_get_class
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
av_bsf_next
av_codec_is_encoder
av_codec_is_decoder
avcodec_descriptor_next
av_buffersrc_parameters_set
av_strlcatf
avcodec_descriptor_get_by_name
avio_close_dyn_buf
avfilter_pad_get_type
avfilter_next
av_opt_show2
av_opt_get_key_value
av_opt_child_class_next
av_opt_set
swscale_version
swscale_configuration
sws_isSupportedInput
sws_isSupportedOutput
sws_alloc_context
sws_get_class
av_log_default_callback
av_fifo_space
av_fifo_size
av_fifo_freep
av_opt_set_int
av_opt_find
av_opt_eval_flags
av_opt_set_dict
av_stream_get_codec_timebase
avformat_transfer_internal_stream_timing_info
av_sdp_create
av_dump_format
av_codec_get_tag2
av_codec_get_id
av_pkt_dump_log2
av_stream_get_end_pts
av_stream_get_parser
avio_open2
avio_flush
avio_printf
avio_size
avio_seek
avio_write
avcodec_descriptor_get
avcodec_get_name
av_bsf_free
av_bsf_receive_packet
av_bsf_send_packet
av_bsf_init
av_get_audio_frame_duration
avcodec_encode_subtitle
av_parser_close
av_parser_change
av_parser_init
avcodec_receive_packet
avcodec_send_frame
avcodec_receive_frame
avcodec_send_packet
avcodec_decode_subtitle2
avcodec_default_get_buffer2
av_packet_rescale_ts
av_packet_move_ref
av_packet_split_side_data
av_packet_get_side_data
av_packet_new_side_data
av_copy_packet_side_data
av_init_packet
avsubtitle_free
avcodec_parameters_to_context
avcodec_parameters_from_context
avcodec_parameters_copy
avcodec_parameters_free
avcodec_free_context
avcodec_alloc_context3
avcodec_register_all
av_codec_set_pkt_timebase
av_frame_get_buffer
av_frame_ref
av_frame_get_decode_error_flags
av_frame_get_channels
av_frame_get_pkt_duration
av_dict_free
av_get_channel_layout_string
av_buffer_unref
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_get_sample_fmt_name
av_log_set_flags
av_log_get_level
av_rescale_delta
av_compare_ts
av_rescale
av_find_nearest_q_idx
av_add_q
av_mul_q
av_reduce
av_freep
av_realloc_array
av_realloc_f
av_malloc_array
av_mallocz
av_log2
av_get_picture_type_char
av_get_media_type_string
av_default_item_name
av_write_trailer
av_interleaved_write_frame
avformat_write_header
avformat_alloc_output_context2
avformat_new_stream
avformat_free_context
avio_closep
avio_open
av_packet_unref
avcodec_copy_context
av_dict_set
av_log_set_callback
av_rescale_q_rnd
av_rescale_q
avfilter_graph_config
avfilter_link
av_buffersink_params_alloc
avfilter_graph_create_filter
avfilter_graph_alloc
avfilter_get_by_name
av_buffersink_get_frame_flags
av_buffersrc_add_frame
av_log
av_find_best_stream
avformat_seek_file
avio_feof
av_read_frame
avcodec_flush_buffers
av_seek_frame
av_frame_unref
av_get_default_channel_layout
av_free
av_malloc
av_get_bytes_per_sample
av_frame_get_best_effort_timestamp
sws_scale
avcodec_decode_video2
sws_getContext
avpicture_fill
avpicture_get_size
av_frame_alloc
av_dict_get
avcodec_open2
avcodec_find_decoder
avformat_close_input
avcodec_close
sws_freeContext
swr_free
av_frame_free
avformat_find_stream_info
avformat_open_input

kernel32

SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceBeginInitialize
InitOnceComplete
IsProcessorFeaturePresent
RtlPcToFileHeader
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
LoadLibraryExA
EncodePointer
LCMapStringEx
CloseThreadpoolWork
GetStringTypeW
GetFileInformationByHandleEx
FindNextFileA
FindFirstFileExA
GetFileAttributesExA
FlsFree
FlsSetValue
FlsGetValue
CompareStringEx
GetCPInfo
InitializeSListHead
UnhandledExceptionFilter
GetStartupInfoW
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
InterlockedPushEntrySList
InterlockedFlushSList
FlsAlloc
GetTempPathA
DeleteFileA
VirtualProtect
AreFileApisANSI
MapViewOfFileEx
CreateWaitableTimerW
SetWaitableTimer
WaitForMultipleObjectsEx
OpenEventA
GetFullPathNameW
SwitchToThread
SetDllDirectoryA
GetModuleFileNameA
SetConsoleCtrlHandler
LockFileEx
UnlockFileEx
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetACP
GetLocaleInfoEx
InitializeSRWLock
InitOnceExecuteOnce
LoadLibraryA
CreateEventA
ExitProcess
DosDateTimeToFileTime
HeapCreate
GetDiskFreeSpaceW
VirtualUnlock
GetFullPathNameA
HeapValidate
GetDiskFreeSpaceA
GetFileAttributesA
HeapCompact
VirtualLock
SetErrorMode
GetStringTypeExW
LCMapStringA
GetStringTypeExA
RtlUnwindEx
RtlUnwind
ExitThread
GetConsoleOutputCP
SetStdHandle
WriteConsoleW
GetConsoleCP
GetDateFormatW
CompareStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetNumberOfConsoleInputEvents
ReadConsoleInputW
PeekConsoleInputA
lstrcmpA
ReleaseSemaphore
CreateSemaphoreA
FindFirstFileExW
FlushFileBuffers
UnlockFile
GetTickCount
GetModuleHandleW
SetEvent
CloseHandle
WaitForSingleObject
CreateEventW
GetProcAddress
GetLastError
GetModuleFileNameW
GlobalMemoryStatusEx
PulseEvent
CreateFileW
GetFileInformationByHandle
FindFirstFileW
FindNextFileW
FindClose
CreateHardLinkW
GetExitCodeThread
Sleep
CreateThread
GetFileAttributesW
MulDiv
GlobalLock
GlobalUnlock
GlobalSize
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
lstrlenW
lstrcatW
GetTempPathW
GetSystemDirectoryW
GlobalAlloc
ReadFile
GlobalFree
GetLocalTime
MultiByteToWideChar
WriteFile
GetCurrentProcessId
FreeLibrary
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
FreeResource
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
lstrcmpW
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
OpenProcess
K32GetModuleFileNameExW
CreateMutexW
ReleaseMutex
GetSystemPowerStatus
OpenThread
GetCurrentThread
GetTickCount64
GetSystemInfo
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetProcessHandleCount
GetCurrentProcess
VirtualQuery
CreateToolhelp32Snapshot
LockFile
Process32NextW
WritePrivateProfileStringW
GetPrivateProfileStringW
OpenMutexW
GetVersionExW
QueryPerformanceFrequency
QueryPerformanceCounter
K32GetProcessMemoryInfo
K32GetPerformanceInfo
K32QueryWorkingSet
GetProcessTimes
InitializeCriticalSectionEx
RaiseException
DecodePointer
WideCharToMultiByte
GlobalHandle
CompareFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetTimeFormatW
GetLogicalDriveStringsW
QueryDosDeviceW
DuplicateHandle
TerminateThread
GetShortPathNameW
MoveFileW
GetLongPathNameW
DeleteFileW
SetFileAttributesW
GetFileSizeEx
SetFilePointer
SetFilePointerEx
SetEndOfFile
GetFileSize
GetFileAttributesExW
RemoveDirectoryW
CopyFileW
GetDiskFreeSpaceExW
GetFileTime
GetCurrentDirectoryW
SetCurrentDirectoryW
FindFirstFileNameW
FindNextFileNameW
GetVolumeInformationW
RtlCaptureContext
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
GetNativeSystemInfo
GetModuleHandleA
GetComputerNameW
GetDriveTypeW
SetLastError
TlsAlloc
TlsGetValue
LocalFree
TlsFree
TlsSetValue
LocalAlloc
GetSystemTime
SystemTimeToFileTime
CreateProcessW
TerminateProcess
GetExitCodeProcess
SetThreadExecutionState
GetWindowsDirectoryW
GetProcessId
GetSystemDefaultUILanguage
GetUserDefaultLCID
LoadLibraryExW
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
CreateFileA
DeviceIoControl
FormatMessageW
QueryFullProcessImageNameW
GetModuleHandleExW
K32GetProcessImageFileNameW
RtlLookupFunctionEntry
RtlVirtualUnwind
GetThreadContext
CreateFileMappingA
SetThreadPriority
ResetEvent
WaitForMultipleObjects
FileTimeToSystemTime
GetProcessIoCounters
SuspendThread
ResumeThread
K32GetModuleInformation
K32EnumProcessModules
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetEnvironmentVariableA
GetSystemTimeAsFileTime
SleepEx
MoveFileExW
GetStdHandle
PeekNamedPipe
GetFileType
WaitForSingleObjectEx
OutputDebugStringA
FormatMessageA
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCommandLineW
SetHandleInformation
AssignProcessToJobObject
CreatePipe
GetThreadPriority
GetThreadId
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
CreateDirectoryW
FlushViewOfFile
GetModuleHandleExA
ReleaseSRWLockShared
AcquireSRWLockShared
SetFileTime
Process32FirstW

user32

EnableWindow
GetSystemMetrics
MonitorFromPoint
GetMonitorInfoW
SetFocus
GetForegroundWindow
FlashWindowEx
GetFocus
MonitorFromWindow
PostMessageW
GetClassNameW
GetCursorPos
ScreenToClient
GetDoubleClickTime
IsWindow
GetClipboardFormatNameW
ReleaseCapture
MapWindowPoints
GetIconInfo
DestroyIcon
CharNextW
WindowFromPoint
GetActiveWindow
SendInput
SetCursorPos
SystemParametersInfoW
GetWindow
GetParent
OpenClipboard
EmptyClipboard
RegisterClipboardFormatW
CloseClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
MoveWindow
LoadImageW
FindWindowW
ShowWindow
wsprintfW
MonitorFromRect
GetWindowLongW
SetWindowLongW
GetClientRect
GetDesktopWindow
IsWindowEnabled
GetWindowTextW
ClientToScreen
EnumWindows
SwitchToThisWindow
InvalidateRect
GetCaretPos
GetWindowTextA
GetClassNameA
GetPropW
SetPropW
DefWindowProcW
UnregisterClassW
RegisterClassExW
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageW
GetKeyState
SetForegroundWindow
FindWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
EqualRect
SetWindowRgn
mouse_event
GetLastInputInfo
RegisterClassW
SetWindowLongPtrW
AttachThreadInput
EnumDisplayMonitors
GetSysColor
SetActiveWindow
GetShellWindow
GetAncestor
GetLastActivePopup
EnumChildWindows
GetWindowDC
PrintWindow
BeginPaint
FillRect
EndPaint
IsHungAppWindow
FindWindowA
FindWindowExA
InflateRect
SetWindowTextW
GetWindowTextLengthW
DrawTextW
GetAsyncKeyState
GetClassInfoExW
CallWindowProcW
IsRectEmpty
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
LoadCursorFromFileW
SetClassLongPtrW
GetCursorInfo
CopyIcon
DrawIconEx
LoadIconW
OffsetRect
MessageBoxW
GetGuiResources
GetQueueStatus
MsgWaitForMultipleObjectsEx
PeekMessageW
SystemParametersInfoA
GetProcessWindowStation
GetUserObjectInformationW
InvalidateRgn
ShowCaret
HideCaret
CreateCaret
SetCaretPos
SetRectEmpty
DrawIcon
CreateAcceleratorTableW
NotifyWinEvent
LoadStringW
LoadStringA
IntersectRect
LoadCursorW
SetCursor
PtInRect
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsZoomed
IsIconic
KillTimer
GetWindowRect
IsWindowVisible
UpdateLayeredWindow
SetWindowPos
SendMessageW
SetTimer
SendMessageTimeoutW
DestroyWindow
ReleaseDC
GetDC
CreateWindowExW
PostQuitMessage
BringWindowToTop
UnionRect
wvsprintfW
SetWindowPlacement
GetUpdateRect
EnumDisplaySettingsW
GetWindowLongPtrW
ValidateRect
SetCapture
GetMessageExtraInfo
SetLayeredWindowAttributes
UpdateWindow
GetWindowThreadProcessId
GetWindowPlacement

gdi32

GetCurrentObject
GetDeviceCaps
DeleteObject
SetWorldTransform
SetGraphicsMode
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
GdiFlush
CreateFontIndirectW
CreateFontIndirectA
GetTextMetricsA
GetOutlineTextMetricsA
GetTextExtentPointI
GetGlyphOutlineW
GetTextFaceA
GetFontUnicodeRanges
GetGlyphIndicesW
GetFontData
GetCharABCWidthsA
EnumFontFamiliesExA
RemoveFontMemResourceEx
AddFontMemResourceEx
CreateSolidBrush
CreatePenIndirect
SaveDC
RestoreDC
ExtSelectClipRgn
SelectClipRgn
SetBkColor
GetTextExtentPointW
GetTextColor
TextOutW
GetTextMetricsW
MoveToEx
LineTo
RoundRect
SetViewportOrgEx
SetWindowOrgEx
PatBlt
RectInRegion
CreatePen
CreateDIBitmap
GetStockObject
SetStretchBltMode
SetDIBitsToDevice
CreateRectRgn
SetBkMode
SetTextColor
SetDIBColorTable
CreateCompatibleBitmap
CreateRectRgnIndirect
CombineRgn
CreateDCA
SelectPalette
RealizePalette
GetDIBits
Rectangle
GetWorldTransform
GetClipBox
GetClipRgn
CreateRoundRectRgn
BitBlt
StretchBlt
CreateBitmap
StretchDIBits
CreatePolygonRgn
PtInRegion
CreateEllipticRgn
SetTextAlign
GetObjectW
ExtTextOutW

comdlg32

GetOpenFileNameW
ChooseColorW
GetSaveFileNameW
CommDlgExtendedError

advapi32

CryptAcquireContextW
CryptGenRandom
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetCurrentHwProfileW
OpenProcessToken
GetTokenInformation
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
CryptReleaseContext
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
SystemFunction036
OpenTraceW
RegEnumKeyExW
CreateProcessAsUserW
ControlTraceW
StartTraceW
ProcessTrace
RegCreateKeyW

shell32

SHGetKnownFolderPath
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
ExtractIconExW
SHAppBarMessage
SHGetPropertyStoreForWindow
FindExecutableW
SHCreateDirectoryExW
SHFileOperationW
SHCreateItemFromParsingName
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
Shell_NotifyIconW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoCreateInstance
OleUninitialize
OleInitialize
OleLockRunning
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
PropVariantClear
CoInitialize
CoSetProxyBlanket
CoInitializeSecurity
CoCreateFreeThreadedMarshaler
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc
CreateStreamOnHGlobal
DoDragDrop
OleSetContainedObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReleaseStgMedium
CoUninitialize
CoInitializeEx
CoCreateGuid

oleaut32

SetErrorInfo
VariantTimeToSystemTime
SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
VariantInit
SafeArrayCreateVector
SysAllocString
SysFreeString
VariantClear
GetErrorInfo
SystemTimeToVariantTime
SysStringLen
SafeArrayAccessData

gdiplus

GdipDrawImageRect
GdipTranslateMatrix
GdipRotateMatrix
GdipGetMatrixElements
GdipAlloc
GdipFree
GdipCreateMatrix2
GdipDeleteMatrix
GdipSetMatrixElements
GdipDrawEllipseI
GdipFillEllipse
GdipDrawArcI
GdipDrawLineI
GdipGetPenLineJoin
GdipSetPenLineCap197819
GdipSetPenLineJoin
GdipDrawRectangleI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipRemovePropertyItem
GdipImageRotateFlip
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipSaveImageToFile
GdipSaveImageToStream
GdipGetImageThumbnail
GdipCreateBitmapFromFileICM
GdipDrawImageI
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipLoadImageFromFile
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipLoadImageFromStream
GdipSetSmoothingMode
GdipCreatePen1
GdipDrawEllipse
GdipGetImageEncodersSize
GdipDeletePen
GdipDrawArc
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFillPolygonI
GdipDrawImageRectRectI
GdipCreateMatrix
GdipSetWorldTransform
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipSetPenColor
GdipBitmapLockBits
GdipCreateBitmapFromGdiDib
GdipGetImageGraphicsContext
GdipFillRectangleI

shlwapi

PathIsDirectoryW
StrCmpW
SHCreateStreamOnFileEx
AssocQueryStringW
AssocQueryStringA
PathRemoveFileSpecW
PathCombineW
StrCatW
PathFindExtensionW
StrStrIW
PathFileExistsW

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow

ws2_32

WSAEnumNetworkEvents
getsockopt
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSASetEvent
WSASetLastError
WSAIoctl
__WSAFDIsSet
connect
WSACloseEvent
ioctlsocket
gethostname
WSAGetLastError
WSASocketW
accept
getsockname
WSACreateEvent
inet_ntoa
gethostbyname
inet_addr
htonl
ntohl
WSACleanup
listen
send
recv
getpeername
getnameinfo
freeaddrinfo
bind
getaddrinfo
shutdown
select
inet_ntop
ntohs
sendto
htons
closesocket
setsockopt
recvfrom
WSAStartup
socket

urlmon

URLDownloadToFileW

crypt32

CertOpenStore
CertOpenSystemStoreW
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertGetEnhancedKeyUsage
CertFindCertificateInStore
CertGetIntendedKeyUsage

msimg32

AlphaBlend

psapi

GetProcessMemoryInfo

winhttp

WinHttpOpen
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpCloseHandle

winmm

mixerClose
waveOutMessage
timeSetEvent
timeKillEvent
waveInGetDevCapsW
waveOutUnprepareHeader
waveOutGetVolume
waveOutSetVolume
waveOutGetDevCapsW
waveOutClose
waveOutReset
waveOutOpen
waveInClose
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutGetNumDevs
PlaySoundW
timeGetTime
timeBeginPeriod
waveInPrepareHeader
mixerSetControlDetails
waveInMessage
waveInGetNumDevs
waveInUnprepareHeader
timeEndPeriod
waveInAddBuffer
waveInStart
waveInReset
waveInStop
mixerGetDevCapsW
mixerOpen
mixerGetLineInfoW
mixerGetLineControlsW
waveOutRestart
mixerGetControlDetailsW
waveInOpen

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
GetAllUsersProfileDirectoryW

iphlpapi

NotifyAddrChange
GetIpForwardTable
GetIpAddrTable
GetAdaptersInfo
GetAdaptersAddresses
GetExtendedTcpTable
GetTcpTable
GetNetworkParams

bcrypt

BCryptGenRandom

comctl32

_TrackMouseEvent
ord17

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetGetConnectedState

imagehlp

SymFromAddr
SymSetOptions
SymInitialize
SymGetLineFromAddr64

oleacc

LresultFromObject
CreateStdAccessibleObject

dbghelp

SymSetSearchPathW
SymGetSearchPathW

wldap32

ord41
ord14
ord147
ord79
ord27
ord26
ord216
ord46
ord117
ord301
ord219
ord133
ord208
ord167
ord142
ord127
ord145

dxgi

CreateDXGIFactory1

andromeda

quic_destroy_breaker
quic_create_breaker
quic_strerror
quic_lasterror
quic_is_connect_confirmed
quic_is_0rtt_connected
quic_is_breaked
quic_getownerfd
quic_createstream
quic_close
quic_recv
quic_set_certverify_callback
quic_logger_forward
quic_set_logger_level
quic_poll
quic_block_send
??0HttpCronetContextBuilder@@QEAA@XZ
??1HttpCronetContextBuilder@@UEAA@XZ
?Build@HttpCronetContextBuilder@@QEAAXAEBUHttpParams@1@@Z
?AddHostMap@HttpCronetContextBuilder@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AEBH@Z
?NotifyEffectiveConnectionTypeChanged@HttpCronetContextBuilder@@UEAAXH@Z
?NotifyOnRTTObservation@HttpCronetContextBuilder@@UEAAXHHHH@Z
?NotifyOnRTTOrThroughputEstimatesComputed@HttpCronetContextBuilder@@UEAAXHHH@Z
?NotifyOnThroughputObservation@HttpCronetContextBuilder@@UEAAXHHH@Z
quic_disable_0rtt
quic_overlap_connect
quic_getpeername
quic_getsockname
quic_send
quic_get_connectinfo
quic_stream_error
quic_hybird_poll
quic_wakeup_breaker
quic_getcsid

Exports

Exports

??0IChannelLogWriter@@QEAA@$$QEAV0@@Z
??0IChannelLogWriter@@QEAA@AEBV0@@Z
??0IChannelLogWriter@@QEAA@XZ
??4IChannelLogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4IChannelLogWriter@@QEAAAEAV0@AEBV0@@Z
??4ILogWriter@@QEAAAEAV0@$$QEAV0@@Z
??4ILogWriter@@QEAAAEAV0@AEBV0@@Z
??_7IChannelLogWriter@@6B@
GetHandleVerifier
ShouldDoUpdate
SignWith3Des
StartWechat
TlsGetData
TlsStoreData
VerifyDllReport
WechatLog
__ASSERT

Sections

.text
Size: 70.3MB - Virtual size: 70.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15.4MB - Virtual size: 15.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IPPDATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.G2?
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 683KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[3.9.11.25]/WeUIResource.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:ca:d6:97:eb:6a:e2:76:20:31:be:69:cf:45:6e:f3:8a:cf:be:32:ca:26:85:d1:6d:93:21:f4:c1:bc:3e:4c
Signer

Actual PE Digest

20:ca:d6:97:eb:6a:e2:76:20:31:be:69:cf:45:6e:f3:8a:cf:be:32:ca:26:85:d1:6d:93:21:f4:c1:bc:3e:4c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Tools\agent\workspace\MicroMsgWindowsV3911\WeUIEngine\Release\x64\WeUIResource.pdb

Sections

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[3.9.11.25]/WechatAppLauncher.exe
.exe windows:5 windows x86 arch:x86

373e31b0791057247a341163861d6fe2

Code Sign

01:ea:62:e4:43:cb:22:50:c8:70:ff:6b:b1:3b:a9:8e
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14/01/2020, 00:00

Not After

20/01/2021, 12:00

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:6e:de:36:46:25:fc:c0:ef:95:5e:52:d2:f2:d2:b2
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2020, 00:00

Not After

20/01/2021, 12:00

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a2:fa:e5:26:b4:1a:c9:27:84:77:86:bc:1e:95:43:15:1e:b4:fe:29:d9:26:5d:74:ab:d7:6f:71:eb:20:53:dd
Signer

Actual PE Digest

a2:fa:e5:26:b4:1a:c9:27:84:77:86:bc:1e:95:43:15:1e:b4:fe:29:d9:26:5d:74:ab:d7:6f:71:eb:20:53:dd

Digest Algorithm

sha256

PE Digest Matches

true

18:1e:8c:c4:b0:c8:22:3b:a2:20:bf:21:3b:d7:94:ea:07:1c:55:4f
Signer

Actual PE Digest

18:1e:8c:c4:b0:c8:22:3b:a2:20:bf:21:3b:d7:94:ea:07:1c:55:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\work\MicroMsgWindows-svn\tools\WechatAppLauncher\Release\WechatAppLauncher.pdb

Imports

kernel32

WideCharToMultiByte
DecodePointer
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetProcAddress
EncodePointer
RaiseException
GetLastError
RtlUnwind
FreeLibrary
LoadLibraryExW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExW
HeapAlloc
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
MultiByteToWideChar
ExitProcess
GetACP
GetFileType
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
CloseHandle
WaitForSingleObjectEx
CreateThread
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetProcessHeap
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
CreateFileW

user32

BringWindowToTop
FindWindowW
SendMessageW

shell32

ShellExecuteW

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WechatCodec.exe
.exe windows:6 windows x64 arch:x64

0a23d8ef83bde42d9de27c20b558a673

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:b1:6c:09:80:d1:0a:ef:6f:ae:2b:57:6a:74:11:f9:16:06:75:ff:1e:45:1b:7f:3c:49:fe:8d:88:04:00:54
Signer

Actual PE Digest

ad:b1:6c:09:80:d1:0a:ef:6f:ae:2b:57:6a:74:11:f9:16:06:75:ff:1e:45:1b:7f:3c:49:fe:8d:88:04:00:54

Digest Algorithm

sha256

PE Digest Matches

true

2f:6a:62:f5:a8:77:0b:9b:c5:00:23:a4:c4:23:b9:2b:5a:a4:d0:b4
Signer

Actual PE Digest

2f:6a:62:f5:a8:77:0b:9b:c5:00:23:a4:c4:23:b9:2b:5a:a4:d0:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\wechat-windows-dev\out\x64\Release\bin\WechatCodec.pdb

Imports

kernel32

GetLastError
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
WideCharToMultiByte
MapViewOfFile
OutputDebugStringA
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObject
GetFileSizeEx
CreateFileMappingA
ReadFile
FindClose
FindNextFileW
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
MultiByteToWideChar
InitOnceExecuteOnce
CreateFileW
LoadLibraryW
GetProcAddress
GetModuleHandleW
FindResourceW
LoadResource
LockResource
GetModuleHandleA
GetModuleHandleExA
GetModuleFileNameW
GetLocaleInfoEx
GetACP
CreateFileA
CreateFileMappingW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapSize
UnmapViewOfFile
OpenFileMappingW
InitializeCriticalSectionEx
HeapFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
WaitForSingleObjectEx
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
GetFileType
FlushFileBuffers
SetStdHandle
GetStdHandle
WriteFile
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
SetEndOfFile

user32

PostMessageW
SystemParametersInfoW

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/WetypeInstaller.exe
.exe windows:6 windows x64 arch:x64

7a00c2529869d8bc5993444f150e9989

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:94:4b:02:2e:86:95:46:f7:a9:44:d3:f7:ad:08:68:65:10:83:3c:01:b4:f2:d0:61:46:d9:cf:23:2f:c3:e5
Signer

Actual PE Digest

2e:94:4b:02:2e:86:95:46:f7:a9:44:d3:f7:ad:08:68:65:10:83:3c:01:b4:f2:d0:61:46:d9:cf:23:2f:c3:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\code\WeChatPinYin\wxkb\01_mozc\WetypeUpdate\WetypeInstaller\x64\Release\WetypeInstaller.pdb

Imports

ws2_32

WSAIoctl
__WSAFDIsSet
select
htonl
getpeername
ntohs
getsockopt
getsockname
WSAWaitForMultipleEvents
accept
bind
closesocket
setsockopt
htons
listen
WSACreateEvent
getaddrinfo
WSAStartup
WSAEventSelect
socket
connect
WSAResetEvent
WSACloseEvent
WSASetLastError
send
WSACleanup
inet_pton
inet_ntop
recv
WSAEnumNetworkEvents
freeaddrinfo
ioctlsocket
WSAGetLastError

msimg32

AlphaBlend

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertOpenSystemStoreW
CertOpenStore

ktmw32

CreateTransaction
CommitTransaction

kernel32

TerminateProcess
FindClose
UnmapViewOfFile
CreateFileA
TlsAlloc
QueryPerformanceFrequency
CreateFileMappingA
GetCurrentProcessId
TlsGetValue
TlsFree
CreateEventA
MapViewOfFile
QueryPerformanceCounter
GetModuleHandleA
CreateDirectoryW
SetFilePointer
DuplicateHandle
GetFileType
DosDateTimeToFileTime
OutputDebugStringA
GetModuleHandleExW
SetLastError
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
SwitchToFiber
DeleteFiber
CreateFiber
FormatMessageW
ConvertFiberToThread
ConvertThreadToFiber
RtlVirtualUnwind
LoadLibraryA
FindFirstFileW
FindNextFileW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
MoveFileExW
WaitForSingleObjectEx
CompareFileTime
GetEnvironmentVariableA
SleepEx
VerSetConditionMask
VerifyVersionInfoW
SwitchToThread
GetThreadId
CreateSemaphoreA
ReleaseSemaphore
LocalFree
FormatMessageA
SetEndOfFile
GetSystemInfo
MapViewOfFileEx
DeleteFileW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
RemoveDirectoryW
SetFileAttributesW
SetFilePointerEx
WriteFile
SetWaitableTimer
GetLogicalProcessorInformation
CreateWaitableTimerW
OpenEventA
WaitForMultipleObjectsEx
AreFileApisANSI
OpenProcess
OpenEventW
CancelIo
ReleaseMutex
GetOverlappedResult
GetNamedPipeServerProcessId
WaitNamedPipeW
SetFileCompletionNotificationModes
CreateProcessW
QueryInformationJobObject
SetInformationJobObject
AssignProcessToJobObject
CreateJobObjectW
LocalAlloc
GetSystemTimes
GetProcessTimes
GetShortPathNameW
K32GetProcessImageFileNameW
MoveFileW
GetFileAttributesTransactedW
SetFileAttributesTransactedW
MoveFileTransactedW
ProcessIdToSessionId
GetFinalPathNameByHandleW
LoadLibraryExW
GetExitCodeThread
CreateFileMappingW
InitializeSRWLock
WakeConditionVariable
InitializeConditionVariable
SleepConditionVariableSRW
GetStdHandle
TlsSetValue
VirtualAlloc
GetFileSizeEx
SetConsoleCtrlHandler
IsDebuggerPresent
OutputDebugStringW
WakeAllConditionVariable
SleepConditionVariableCS
GetStringTypeW
FindFirstFileExW
CreateHardLinkW
GetFileInformationByHandleEx
GetLocaleInfoEx
InitOnceComplete
RtlUnwind
InitOnceBeginInitialize
EncodePointer
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
ReadFile
GetFileSize
CreateFileW
GetVersionExW
ExitProcess
GetCurrentDirectoryW
GetModuleFileNameW
FindResourceExW
LockResource
MulDiv
GetACP
FreeLibrary
GetProcAddress
LoadLibraryW
CreateMutexW
GlobalUnlock
GlobalLock
FindResourceW
LoadResource
GlobalFree
GlobalAlloc
FreeResource
SizeofResource
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
WideCharToMultiByte
GetUserDefaultLCID
GetTimeZoneInformation
GetSystemDirectoryW
WaitForSingleObject
GetCurrentProcess
CreateThread
TerminateThread
ResetEvent
CloseHandle
GetCurrentThread
SetEvent
Sleep
CreateEventW
ResumeThread
WaitForMultipleObjects
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
GetSystemTime
SystemTimeToFileTime
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
GetLocalTime
HeapAlloc
RaiseException
HeapReAlloc
GetDiskFreeSpaceExW
GetLastError
MultiByteToWideChar
HeapSize
GetCurrentThreadId
InitializeCriticalSectionEx
HeapFree
LCMapStringEx
CompareStringEx
GetCPInfo
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
RtlUnwindEx
InterlockedPushEntrySList
RtlPcToFileHeader
ExitThread
FreeLibraryAndExitThread
FlushFileBuffers
GetDriveTypeW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetStdHandle
GetConsoleOutputCP
SetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
DeviceIoControl

user32

GetWindowLongPtrW
GetClassInfoExW
LoadImageW
SetWindowLongPtrW
GetClassNameW
GetWindowPlacement
SetLayeredWindowAttributes
MonitorFromWindow
CharNextW
ReleaseCapture
SetCapture
DispatchMessageW
TranslateMessage
GetMessageW
MapWindowPoints
SetActiveWindow
GetWindow
GetActiveWindow
GetFocus
ValidateRect
GetCaretPos
GetGUIThreadInfo
InvalidateRect
FillRect
IsRectEmpty
EndPaint
BeginPaint
GetUpdateRect
MoveWindow
CallWindowProcW
GetKeyState
MessageBoxW
wvsprintfW
IntersectRect
InflateRect
OffsetRect
GetPropW
LoadAcceleratorsW
SetPropW
GetWindowLongW
GetDC
IsWindowVisible
EqualRect
CreateCaret
ShowCaret
HideCaret
SetCaretPos
GetSysColor
DrawTextW
SetWindowRgn
ClientToScreen
LoadCursorW
SetCursor
SetWindowLongW
GetClientRect
IsZoomed
UpdateLayeredWindow
ReleaseDC
GetCursorPos
SetTimer
KillTimer
DefWindowProcW
PostMessageW
DestroyWindow
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
NotifyWinEvent
InvalidateRgn
CreateAcceleratorTableW
GetProcessWindowStation
GetParent
CreateWindowExW
RegisterClassW
MonitorFromRect
GetSystemMetrics
ShowWindow
GetMonitorInfoW
SetFocus
GetWindowRect
SetWindowPos
ScreenToClient
SendMessageW
UnregisterClassW
GetUserObjectInformationW
RegisterClassExW
LoadStringW
IsWindow
BringWindowToTop
PostQuitMessage
PtInRect
SetForegroundWindow
IsIconic
EnableWindow

gdi32

RoundRect
GetTextExtentPoint32W
TextOutW
GetCharABCWidthsW
GetBkColor
FillRgn
GetTextColor
LineTo
MoveToEx
CreatePenIndirect
ExtTextOutW
StretchBlt
ExtSelectClipRgn
GetClipRgn
GetClipBox
SelectClipRgn
SetBkMode
CombineRgn
DeleteObject
GetObjectW
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
SetViewportOrgEx
GetStockObject
CreateFontIndirectW
CreatePen
CreateSolidBrush
SaveDC
RestoreDC
BitBlt
Rectangle
SetWindowOrgEx
GetTextMetricsW
CreateRoundRectRgn
SetGraphicsMode
SetWorldTransform
SetStretchBltMode
GetObjectA
SetTextColor
GetCharABCWidthsFloatW
SetBkColor

advapi32

GetUserNameW
EqualSid
SetTokenInformation
SetEntriesInAclW
CreateWellKnownSid
CopySid
ConvertStringSidToSidW
CreateRestrictedToken
SetThreadToken
CreateProcessAsUserW
GetTokenInformation
DuplicateToken
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetKernelObjectSecurity
GetLengthSid
DuplicateTokenEx
GetSidSubAuthority
OpenThreadToken
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetKnownFolderPath
SHGetSpecialFolderLocation
ShellExecuteW

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantClear
VariantInit
SysStringLen

shlwapi

PathFileExistsW
AssocQueryStringA

gdiplus

GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDrawImageI
GdiplusStartup
GdipCreateFromHDC
GdipCreateMatrix2
GdipDeleteMatrix
GdipSetWorldTransform
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipGetImageHeight
GdipBitmapSetPixel
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipSetTextRenderingHint
GdiplusShutdown
GdipDrawString
GdipCloneBrush
GdipDeleteBrush
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipDrawImageRectI
GdipCreateStringFormat

imm32

ImmGetContext
ImmSetCompositionWindow
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionFontW
ImmAssociateContextEx

winmm

timeGetTime

comctl32

_TrackMouseEvent
ord17

oleacc

LresultFromObject
CreateStdAccessibleObject

bcrypt

BCryptGenRandom

dbghelp

SymFromAddr

Exports

Exports

__ASSERT

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/andromeda.dll
.dll windows:6 windows x64 arch:x64

3e31527385d53dc75970eaf7f4c75d9d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ed:f4:83:2f:cb:f7:79:27:0f:80:ff:ae:63:8c:37:9c:9f:13:eb:6c:d6:ee:c1:3d:e3:ec:2d:7a:c4:5b:4a:7b
Signer

Actual PE Digest

ed:f4:83:2f:cb:f7:79:27:0f:80:ff:ae:63:8c:37:9c:9f:13:eb:6c:d6:ee:c1:3d:e3:ec:2d:7a:c4:5b:4a:7b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\xwechat\agent\workspace\andromeda_win_wconan\wconan_build\cmake\windows-x64\default\Release\shared\cmake\Release\andromeda.pdb

Imports

kernel32

CopyFileW
MoveFileW
MoveFileExW
ReplaceFileW
OutputDebugStringA
GetCurrentProcessId
GetLocalTime
GetTickCount
FormatMessageA
DuplicateHandle
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
FreeLibrary
LoadLibraryExW
LoadLibraryW
GetProcessTimes
GlobalMemoryStatusEx
TerminateProcess
WaitForSingleObject
RtlLookupFunctionEntry
RtlVirtualUnwind
ExpandEnvironmentStringsW
CreateEventW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
SetThreadPriority
GetThreadPriority
GetSystemTimeAsFileTime
QueryThreadCycleTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
PeekNamedPipe
CancelIo
WaitForMultipleObjects
GetCurrentThreadId
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
SetEvent
ResetEvent
GetDiskFreeSpaceExW
CreateThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetTempPathW
GetVersionExW
GetNativeSystemInfo
UnmapViewOfFile
RegisterWaitForSingleObject
FormatMessageW
GlobalFree
InitializeSRWLock
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
InitializeCriticalSection
DeleteCriticalSection
FlushFileBuffers
GetFileInformationByHandle
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
SetFilePointer
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapSize
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStdHandle
HeapAlloc
HeapFree
ReadConsoleW
GetTimeZoneInformation
GetDriveTypeW
GetProcessHeap
GetConsoleMode
GetConsoleOutputCP
GetFileType
SetStdHandle
GetFullPathNameW
ExitProcess
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
WriteFile
SetFileAttributesW
RemoveDirectoryW
ReadFile
GetLongPathNameW
GetFileAttributesExW
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
SetLastError
GetFileAttributesW
FindNextFileW
FindFirstFileExW
FindClose
SetEnvironmentVariableW
UnhandledExceptionFilter
RtlCaptureContext
GetCPInfo
GetStringTypeW
MapViewOfFile
CreateFileMappingW
UnregisterWaitEx
CloseHandle
GetCurrentThread
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
GetModuleHandleExW
IsDebuggerPresent
GetThreadId
LocalFree
GetCommandLineW
GetModuleFileNameW
GetWindowsDirectoryW
GetSystemDirectoryW
ReleaseSRWLockExclusive
RaiseException
GetProcAddress
GetModuleHandleW
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
DecodePointer
EncodePointer
WaitForSingleObjectEx
SleepConditionVariableCS
RtlPcToFileHeader
TryEnterCriticalSection
InitializeCriticalSectionEx

user32

MsgWaitForMultipleObjectsEx
GetQueueStatus
PostQuitMessage
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
SetWindowLongPtrW
GetWindowLongPtrW
DestroyWindow
CreateWindowExW
KillTimer
RegisterClassExW
UnregisterClassW
SetTimer
DefWindowProcW

shell32

CommandLineToArgvW
SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoUninitialize
CoInitializeEx
CoTaskMemFree

advapi32

RegCloseKey
RegCreateKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryValueExW
SystemFunction036

dbghelp

SymInitialize
SymGetLineFromAddr64
SymFromAddr
SymSetSearchPathW
SymSetOptions
SymGetSearchPathW

shlwapi

PathMatchSpecW

iphlpapi

GetAdaptersAddresses

winhttp

WinHttpCloseHandle
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSetTimeouts

crypt32

CertGetCertificateContextProperty
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertAddEncodedCertificateToStore
CertCompareCertificateName
CryptVerifyCertificateSignatureEx
CryptDecodeObjectEx
CryptInstallOIDFunctionAddress
CertGetIssuerCertificateFromStore
CertDuplicateCertificateContext
CertSetCertificateContextProperty
CertFindExtension
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertCreateCertificateChainEngine

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

ws2_32

getsockopt
WSACloseEvent
WSACreateEvent
socket
WSAEnumNetworkEvents
WSAEventSelect
send
WSASendTo
WSAWaitForMultipleEvents
ioctlsocket
WSAGetLastError
WSAStartup
WSAResetEvent
getaddrinfo
WSARecvFrom
sendto
recvfrom
htonl
getpeername
WSASend
WSAIoctl
WSAGetOverlappedResult
shutdown
recv
freeaddrinfo
closesocket
setsockopt
WSASocketW
accept
bind
connect
getsockname

Exports

Exports

??0?$enable_shared_from_this@VHttpWithCronet@@@std@@IEAA@AEBV01@@Z
??0?$enable_shared_from_this@VHttpWithCronet@@@std@@IEAA@XZ
??0CronetFileTaskRunnerWrapper@@QEAA@AEBV0@@Z
??0CronetFileTaskRunnerWrapper@@QEAA@XZ
??0HttpCronetContextBuilder@@QEAA@AEBV0@@Z
??0HttpCronetContextBuilder@@QEAA@XZ
??0HttpFileTaskWithCronet@@QEAA@XZ
??0HttpResultCallback@@QEAA@AEBV0@@Z
??0HttpResultCallback@@QEAA@XZ
??0HttpWithCronet@@QEAA@AEBV0@@Z
??0HttpWithCronet@@QEAA@XZ
??0NetWorkEstimateCallback@@QEAA@AEBV0@@Z
??0NetWorkEstimateCallback@@QEAA@XZ
??0RequestResultCallback@@QEAA@AEBV0@@Z
??0RequestResultCallback@@QEAA@XZ
??1?$enable_shared_from_this@VHttpWithCronet@@@std@@IEAA@XZ
??1CronetFileTaskRunnerWrapper@@QEAA@XZ
??1HttpCronetContextBuilder@@UEAA@XZ
??1HttpFileTaskWithCronet@@UEAA@XZ
??1HttpResultCallback@@UEAA@XZ
??1HttpWithCronet@@UEAA@XZ
??1NetWorkEstimateCallback@@UEAA@XZ
??1RequestResultCallback@@UEAA@XZ
??4?$enable_shared_from_this@VHttpWithCronet@@@std@@IEAAAEAV01@AEBV01@@Z
??4CronetFileTaskRunnerWrapper@@QEAAAEAV0@AEBV0@@Z
??4HttpCronetContextBuilder@@QEAAAEAV0@AEBV0@@Z
??4HttpResultCallback@@QEAAAEAV0@AEBV0@@Z
??4HttpWithCronet@@QEAAAEAV0@AEBV0@@Z
??4NetWorkEstimateCallback@@QEAAAEAV0@AEBV0@@Z
??4RequestResultCallback@@QEAAAEAV0@AEBV0@@Z
??_7HttpCronetContextBuilder@@6B@
??_7HttpFileTaskWithCronet@@6B@
??_7HttpResultCallback@@6B@
??_7HttpWithCronet@@6B@
??_7NetWorkEstimateCallback@@6B@
??_7RequestResultCallback@@6B@
?AddCustomHostMapRule@HttpCronetContextBuilder@@QEAAXAEBV?$vector@UHostMapRules@HttpCronetContextBuilder@@V?$allocator@UHostMapRules@HttpCronetContextBuilder@@@std@@@std@@@Z
?AddForceQuicOn@HttpCronetContextBuilder@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?AddForceQuicOn@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?AddHeader@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?AddHostMap@HttpCronetContextBuilder@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AEBH@Z
?AddHostMap@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AEBH@Z
?AddHostMapForRequest@HttpCronetContextBuilder@@QEAAXAEBV?$vector@UHostMapRules@HttpCronetContextBuilder@@V?$allocator@UHostMapRules@HttpCronetContextBuilder@@@std@@@std@@@Z
?Build@HttpCronetContextBuilder@@QEAAXAEBUHttpParams@1@@Z
?Cancel@HttpWithCronet@@QEAAXXZ
?ContinueDespiteLastError@HttpWithCronet@@QEAAXXZ
?Destroy@HttpWithCronet@@QEAAXXZ
?GetContext@HttpCronetContextBuilder@@QEAAPEAVCronetURLRequestContext@cronet@@XZ
?GetNetworkProfile@HttpCronetContextBuilder@@QEAAXAEAUNetworkEstimateProfile@1@@Z
?GetParams@HttpCronetContextBuilder@@QEAA?AUHttpParams@1@XZ
?GetTaskRunner@CronetFileTaskRunnerWrapper@@QEAA?AV?$shared_ptr@VThread@base@@@std@@XZ
?GetTimeNow@HttpWithCronet@@QEAA_JXZ
?NotifyEffectiveConnectionTypeChanged@HttpCronetContextBuilder@@UEAAXH@Z
?NotifyEffectiveConnectionTypeChanged@NetWorkEstimateCallback@@UEAAXH@Z
?NotifyOnRTTObservation@HttpCronetContextBuilder@@UEAAXHHHH@Z
?NotifyOnRTTObservation@NetWorkEstimateCallback@@UEAAXHHHH@Z
?NotifyOnRTTOrThroughputEstimatesComputed@HttpCronetContextBuilder@@UEAAXHHH@Z
?NotifyOnRTTOrThroughputEstimatesComputed@NetWorkEstimateCallback@@UEAAXHHH@Z
?NotifyOnThroughputObservation@HttpCronetContextBuilder@@UEAAXHHH@Z
?NotifyOnThroughputObservation@NetWorkEstimateCallback@@UEAAXHHH@Z
?OnCanceled@HttpWithCronet@@UEAAXXZ
?OnDestroy@HttpResultCallback@@UEAAXXZ
?OnDestroy@HttpWithCronet@@UEAAXXZ
?OnError@HttpResultCallback@@UEAA_NHHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?OnError@HttpWithCronet@@UEAAXHHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?OnProfileCollect@HttpResultCallback@@UEAAXAEBUHttpTaskTimeTickProfile@1@_N_J2@Z
?OnReadCompleted@HttpFileTaskWithCronet@@MEAAXPEBXH_J@Z
?OnReadCompleted@HttpWithCronet@@UEAAXPEBXH_J@Z
?OnReceiveData@HttpResultCallback@@UEAA_NPEBD_J1@Z
?OnRedirect@HttpResultCallback@@UEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0AEBV?$multimap@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@3@_N00_J@Z
?OnResponseStart@HttpResultCallback@@UEAA_NAEBV?$multimap@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@_NH111H_J1@Z
?OnResponseStarted@HttpWithCronet@@UEAAXAEBUHttpStatus@RequestResultCallback@@AEBV?$multimap@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@_J@Z
?OnSocketReady@HttpResultCallback@@UEAAXH@Z
?OnSocketReady@HttpWithCronet@@UEAAXH@Z
?OnStop@HttpResultCallback@@UEAAXXZ
?OnSucceed@HttpResultCallback@@UEAAX_J@Z
?OnSucceeded@HttpWithCronet@@UEAAX_J@Z
?OnUploadProgress@HttpResultCallback@@UEAAX_J0@Z
?OnUploadProgress@HttpWithCronet@@UEAAX_J0@Z
?ReceiveMetricsCollected@HttpWithCronet@@UEAAXAEBUHttpTaskTimeTickProfile@HttpResultCallback@@_N_J2@Z
?ReceiveRedirect@HttpWithCronet@@UEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0AEBV?$multimap@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@3@_N00_J@Z
?RemoveCustomHostMap@HttpCronetContextBuilder@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetBodyData@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetContext@HttpWithCronet@@QEAAXPEAVCronetURLRequestContext@cronet@@@Z
?SetDiskCachePath@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFilePathAndTaskRunner@HttpFileTaskWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFileTaskRunner@HttpWithCronet@@QEAAXV?$shared_ptr@VCronetFileTaskRunnerWrapper@@@std@@@Z
?SetForbidSocketReuse@HttpWithCronet@@QEAAXXZ
?SetLogHook@HttpWithCronet@@QEAAXP6A_NHPEBD0H_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?SetMethod@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetNetworkEstimateCallback@HttpCronetContextBuilder@@QEAAXPEAVNetWorkEstimateCallback@@@Z
?SetRequestTag@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetResultCallback@HttpWithCronet@@QEAAXV?$shared_ptr@VHttpResultCallback@@@std@@@Z
?SetURL@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetUploadDataLength@HttpWithCronet@@QEAAX_K0@Z
?SetUploadFilePath@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetUploadFormData@HttpWithCronet@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?SetVFSOpenImpl@HttpWithCronet@@QEAAXV?$function@$$A6AHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z@std@@@Z
?StartRequest@HttpFileTaskWithCronet@@UEAAXXZ
?StartRequest@HttpWithCronet@@UEAAXXZ
?Stop@CronetFileTaskRunnerWrapper@@QEAAXXZ
?_AddCustomHostMapRuleInternal@HttpCronetContextBuilder@@AEAAXAEBV?$vector@UHostMapRules@HttpCronetContextBuilder@@V?$allocator@UHostMapRules@HttpCronetContextBuilder@@@std@@@std@@@Z
?_AddHostMapForRequestInternal@HttpCronetContextBuilder@@AEAAXAEBV?$vector@UHostMapRules@HttpCronetContextBuilder@@V?$allocator@UHostMapRules@HttpCronetContextBuilder@@@std@@@std@@@Z
?_BuildRequest@HttpWithCronet@@IEAAXXZ
?_DidStartRequest@HttpFileTaskWithCronet@@AEAAXH@Z
?_DidWriteBuffer@HttpFileTaskWithCronet@@AEAAXV?$scoped_refptr@VDrainableIOBuffer@net@@@@H@Z
?_GetSystemProperty@HttpCronetContextBuilder@@AEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV23@@Z
?_MakeHostMappedRuleString@HttpCronetContextBuilder@@AEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV23@0H@Z
?_MakeOptions@HttpCronetContextBuilder@@AEAAXAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_OpenVFSFileFd@HttpWithCronet@@AEAAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?_ReadData@HttpWithCronet@@IEAAXXZ
?_RemoveCustomHostMapInternal@HttpCronetContextBuilder@@AEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_StartFileDownload@HttpFileTaskWithCronet@@AEAAXXZ
?_Stop@HttpWithCronet@@IEAAXXZ
?_WriteBuffer@HttpFileTaskWithCronet@@AEAAHV?$scoped_refptr@VDrainableIOBuffer@net@@@@@Z
?_WriteData@HttpFileTaskWithCronet@@MEAA_NPEBXH@Z
?_WriteData@HttpWithCronet@@MEAA_NPEBXH@Z
?shared_from_this@?$enable_shared_from_this@VHttpWithCronet@@@std@@QEAA?AV?$shared_ptr@VHttpWithCronet@@@2@XZ
?shared_from_this@?$enable_shared_from_this@VHttpWithCronet@@@std@@QEBA?AV?$shared_ptr@$$CBVHttpWithCronet@@@2@XZ
?weak_from_this@?$enable_shared_from_this@VHttpWithCronet@@@std@@QEAA?AV?$weak_ptr@VHttpWithCronet@@@2@XZ
?weak_from_this@?$enable_shared_from_this@VHttpWithCronet@@@std@@QEBA?AV?$weak_ptr@$$CBVHttpWithCronet@@@2@XZ
CronetLog
GetHandleVerifier
HasSystemHttpProxy
InitCommandLine
InvokeCallbackFunction
SetCertVerify
SetLogProxy
SetLogProxy2
SetProxyIpAndPort
SetUseUserCA
SetUserCertVerify
gss_delete_sec_context
gss_display_name
gss_display_status
gss_import_name
gss_init_sec_context
gss_inquire_context
gss_release_buffer
gss_release_name
gss_wrap_size_limit
quic_accept
quic_bind
quic_block_connect
quic_block_recv
quic_block_send
quic_close
quic_connect
quic_create_breaker
quic_createstream
quic_destroy_breaker
quic_disable_0rtt
quic_disable_encryption
quic_fec_version
quic_get_connectinfo
quic_getcsid
quic_getownerfd
quic_getpeername
quic_getsockname
quic_getsockopt
quic_hybird_poll
quic_is_0rtt_connected
quic_is_breaked
quic_is_connect_confirmed
quic_lasterror
quic_listen
quic_logger_forward
quic_logger_hook
quic_optimized_poll
quic_overlap_connect
quic_poll
quic_recv
quic_reset_breaker
quic_send
quic_set_0rtthost
quic_set_aead
quic_set_alpn
quic_set_certfile
quic_set_certverify_callback
quic_set_clientnetinfo
quic_set_hostmapping
quic_set_kexs
quic_set_keyfile
quic_set_logger_level
quic_setsockopt
quic_shutdown
quic_socket
quic_stream_error
quic_strerror
quic_wakeup_breaker

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

prot
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/cldnn_ns_16k.bin
[3.9.11.25]/directui license.txt
[3.9.11.25]/duilib license.txt
[3.9.11.25]/ilink2.dll
.dll windows:6 windows x64 arch:x64

96da7f837626a5b4e9c36b3026de3e70

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:51:72:cb:6a:64:4f:0e:cf:03:73:3a:f2:4d:3b:a4:5a:3a:28:a6:cb:43:1d:ad:cb:3a:4a:e3:1f:29:9c:20
Signer

Actual PE Digest

d0:51:72:cb:6a:64:4f:0e:cf:03:73:3a:f2:4d:3b:a4:5a:3a:28:a6:cb:43:1d:ad:cb:3a:4a:e3:1f:29:9c:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\.wconan2\ilink\b9f2b5eb_1710318497\wconan_build\cmake\windows-x64\default\Release\shared\cmake\Release\ilink2.pdb

Imports

owl

?set_max_backup_index@file_appender@v7@zlog@@QEAAX_K@Z
?from_hex_string@v7@owl@@YA_NPEBD_KPEAE1@Z
??0log_string@v7@zlog@@QEAA@XZ
?set_max_file_size@file_appender@v7@zlog@@QEAAX_K@Z
??0file_appender@v7@zlog@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?open@mmap_file@v7@owl@@QEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
??1mmap_file@v7@owl@@QEAA@XZ
??0mmap_file@v7@owl@@QEAA@XZ
?detach@buffer@v7@owl@@QEAAPEAXPEA_K@Z
?attach@buffer@v7@owl@@QEAAXPEAX_K@Z
?wmax@buffer@v7@owl@@QEBA_KXZ
?rmax@buffer@v7@owl@@QEBA_KXZ
?seekw@buffer@v7@owl@@QEAAXHW4seek_dir@23@@Z
?seekr@buffer@v7@owl@@QEAAXHW4seek_dir@23@@Z
?read@buffer@v7@owl@@QEAA_KPEAX_K@Z
?write@buffer@v7@owl@@QEAAAEAV123@_KAEBV123@@Z
?capacity@buffer@v7@owl@@QEBA_KXZ
crc32_hash
?get_page_size@v7@owl@@YA_KXZ
??0buffer@v7@owl@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?from_hex_string@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
??0buffer@v7@owl@@QEAA@PEBX_K@Z
?to_hex_string@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBX_K_N@Z
?ends_with@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?write@buffer@v7@owl@@QEAAAEAV123@AEBV123@@Z
?base64_decode@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBX_K@Z
?write@buffer@v7@owl@@QEAAAEAV123@PEBX_K@Z
?reset@buffer@v7@owl@@QEAAXXZ
?data@buffer@v7@owl@@QEAAPEADXZ
?data@buffer@v7@owl@@QEBAPEBDXZ
?size@buffer@v7@owl@@QEBA_KXZ
??1buffer@v7@owl@@QEAA@XZ
??0buffer@v7@owl@@QEAA@XZ
?mkdir_recursive@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?cancel@promise_impl@v7@owl@@QEAAXXZ
?connect_slot_@signal_base@v7@owl@@IEAAXAEBUfunction_holder@23@PEAVtrackable@23@IPEAVexecutor@23@AEBV?$shared_ptr@X@std@@@Z
?write@v7@zlog@@YAXAEBUlog_entry@12@@Z
?flush@log_manager@v7@zlog@@QEAAXXZ
?set_level@log_manager@v7@zlog@@QEAAXW4log_level@23@@Z
?set_console_enabled@log_manager@v7@zlog@@QEAAX_N@Z
?remove_appender@log_manager@v7@zlog@@QEAAXAEBV?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@Z
?add_appender@log_manager@v7@zlog@@QEAAXAEBV?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@Z
?instance@log_manager@v7@zlog@@SAPEAV123@XZ
?do_write@log_appender_base@v7@zlog@@UEAAXAEBUlog_entry@23@@Z
?set_filter@log_appender_base@v7@zlog@@QEAAXV?$function@$$A6A_NAEBUlog_entry@v7@zlog@@@Z@std@@@Z
??1log_appender_base@v7@zlog@@UEAA@XZ
??0log_appender_base@v7@zlog@@QEAA@XZ
?append@log_string@v7@zlog@@QEAAAEAV123@PEBD_K@Z
?append@log_string@v7@zlog@@QEAAAEAV123@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
get_owl_version
?join_path@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z
?get_current_time@v7@owl@@YA_KXZ
?create_looper@v7@owl@@YAPEAVlooper@12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$function@$$A6AXXZ@5@@Z
?join@looper@v7@owl@@QEAAXXZ
?quit@looper@v7@owl@@QEAAXXZ
?add_task_wrapper_@dispatcher_base@v7@owl@@AEAA_KW4task_type@23@PEAVcallable@23@II@Z
?hex@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?traverse_file@v7@owl@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_KAEBV?$function@$$A6A_NAEBVfile_info@v7@owl@@@Z@4@@Z
?starts_with@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_K@Z
?remove_file@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?basename@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?write_file@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?md5_hash@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?get_random_string@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
?get_false@log_object@v7@zlog@@SAAEAV123@XZ
?get_true@log_object@v7@zlog@@SAAEAV123@XZ
?append@log_string@v7@zlog@@QEAAAEAV123@PEBD@Z
?get_iterator_@signal_base@v7@owl@@KA?AV?$slist_iterator@Uslot_function@v7@owl@@@23@PEAUsignal_data@23@@Z
?get_mutex_@signal_base@v7@owl@@KAAEAVrecursive_mutex@std@@PEAUsignal_data@23@@Z
?after_invoke_@signal_base@v7@owl@@KAXAEAV?$unique_lock@Vrecursive_mutex@std@@@std@@PEAUsignal_data@23@@Z
?before_invoke_@signal_base@v7@owl@@KA_NPEAUsignal_data@23@@Z
?delete_slot_@signal_base@v7@owl@@IEAAXAEAUslot_function@23@@Z
?disconnect@signal_base@v7@owl@@UEAAXPEBX@Z
??1signal_base@v7@owl@@UEAA@XZ
??0signal_base@v7@owl@@QEAA@XZ
??1trackable@v7@owl@@QEAA@XZ
??0trackable@v7@owl@@QEAA@XZ
?append@log_string@v7@zlog@@QEAAAEAV123@D@Z
?base64_encode@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?commit@ini_file@v7@owl@@QEAA_NXZ
?close@ini_file@v7@owl@@QEAAXXZ
?open@ini_file@v7@owl@@QEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1ini_file@v7@owl@@QEAA@XZ
??0ini_file@v7@owl@@QEAA@XZ
?create_directory@v7@owl@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?del@ini_file@v7@owl@@QEAAAEAV123@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set@ini_file@v7@owl@@QEAAAEAV123@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?make_promise@v7@owl@@YA?AVpromise@12@V?$function@$$A6AXVdeferred@v7@owl@@@Z@std@@@Z
?get@ini_file@v7@owl@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV45@0@Z
?base64_decode@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?make_promise@v7@owl@@YA?AVpromise@12@PEAVexecutor@12@V?$function@$$A6AXVdeferred@v7@owl@@@Z@std@@@Z
?cancel@weak_promise@v7@owl@@QEBAXXZ
?set_on_cancel_@promise_impl@v7@owl@@AEAAX$$QEAV?$function@$$A6AXXZ@std@@@Z
?try_resolve_reject@promise_impl@v7@owl@@AEAAXXZ
?resolve@promise_impl@v7@owl@@QEAAX$$QEAVtuple_any@23@@Z
??1promise_impl@v7@owl@@QEAA@XZ
??0promise_impl@v7@owl@@QEAA@XZ
??0promise_node@v7@owl@@QEAA@PEAVexecutor@12@@Z
?what@bad_any_cast@v7@owl@@UEBAPEBDXZ
??1scoped_log_impl@v7@zlog@@QEAA@XZ
??0scoped_log_impl@v7@zlog@@QEAA@_NW4log_level@12@PEBD22H2AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1log_object@v7@zlog@@QEAA@XZ
??0log_object@v7@zlog@@QEAA@PEAVlog_manager@12@PEBD_NW4log_level@12@111HW4destroy_action@12@@Z
?instance@log_manager@v7@zlog@@SAPEAV123@W4log_level@23@@Z
?append_format_typesafe_impl_@log_string@v7@zlog@@AEAA_NPEBD0PEBVvariant@23@_K@Z
?unused@v7@zlog@@YAAEBUunused_t@12@XZ

ws2_32

WSACleanup
WSASetLastError
inet_ntoa
socket
connect
freeaddrinfo
getaddrinfo
getsockname
getpeername
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSACreateEvent
select
__WSAFDIsSet
ioctlsocket
closesocket
ntohs
ntohl
WSAGetLastError
setsockopt
send
recv
getsockopt
htons
htonl
inet_addr
sendto
WSAEnumNetworkEvents
recvfrom
WSASetEvent
WSACloseEvent

kernel32

ReadFile
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
RtlUnwindEx
InterlockedFlushSList
InterlockedPushEntrySList
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
InitializeSListHead
GetStringTypeW
GetLocaleInfoEx
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
ExitProcess
InitOnceComplete
InitOnceBeginInitialize
GetExitCodeThread
QueryPerformanceFrequency
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
RaiseException
RtlPcToFileHeader
GetConsoleOutputCP
SetConsoleCtrlHandler
PeekNamedPipe
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
GetDateFormatW
GetTimeFormatW
LCMapStringW
CompareStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetFileSizeEx
HeapReAlloc
SetStdHandle
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
HeapSize
GetFullPathNameW
GetSystemTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
LoadLibraryW
LoadLibraryA
FreeLibrary
ConvertThreadToFiber
ConvertFiberToThread
QueryPerformanceCounter
FormatMessageA
CloseHandle
WaitForSingleObject
SwitchToThread
CreateThread
GetCurrentThreadId
GetThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
GetSystemTimeAsFileTime
CreateSemaphoreA
CreateEventA
GetModuleHandleA
GetTickCount
WaitForSingleObjectEx
ReleaseSemaphore
DuplicateHandle
GetProcAddress
GetCurrentProcess
SetEvent
FormatMessageW
MultiByteToWideChar
GetCurrentProcessId
LocalFree
CreateFileA
CreateFileW
GetFileSize
SetEndOfFile
SetFilePointer
GetLastError
SetLastError
MapViewOfFileEx
UnmapViewOfFile
CreateFileMappingA
GetEnvironmentVariableW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
RtlUnwind
RemoveDirectoryW
SetFilePointerEx
DeviceIoControl
GetModuleHandleW
MoveFileExW
SetWaitableTimer
CreateWaitableTimerW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SystemTimeToFileTime
OpenEventA
WaitForMultipleObjectsEx
ResetEvent
GetProcessHeap
HeapAlloc
HeapFree
WideCharToMultiByte
OpenThread
AreFileApisANSI
GetModuleHandleExW
GetStdHandle
GetFileType
WriteFile
InitializeCriticalSectionAndSpinCount
SwitchToFiber
DeleteFiber
CreateFiber

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

advapi32

CryptAcquireContextA
CryptGenRandom
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptReleaseContext

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore

iphlpapi

GetNetworkParams
GetAdaptersAddresses

wininet

InternetGetConnectedState

bcrypt

BCryptGenRandom

Exports

Exports

CreateIlinkNetwork
CreateNetworkManager
CreateNetworkManagerBridge
CreateNetworkManagerNoSTL
CreateTdiManager
DeleteIlinkNetwork
DestroyNetworkManager
DestroyNetworkManagerBridge
DestroyNetworkManagerNoSTL
DestroyTdiManager
GetContext
GetContextBridge
GetContextNoSTL
GetIlinkDeviceInterface
GetIlinkXlogInterface
GetLogManager
GetLogManagerBridge
GetLogManagerNoSTL
__ASSERT

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 186KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/libEGL.dll
.dll windows:5 windows x64 arch:x64

403d8cc0d31f841d5bbf6b82c1ea957d

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:8d:c7:6a:25:56:67:52:88:6a:c5:de:9a:9a:30:a0:c8:8e:f1:57:3b:cd:65:49:8c:b5:69:44:ca:46:7e:ab
Signer

Actual PE Digest

6f:8d:c7:6a:25:56:67:52:88:6a:c5:de:9a:9a:30:a0:c8:8e:f1:57:3b:cd:65:49:8c:b5:69:44:ca:46:7e:ab

Digest Algorithm

sha256

PE Digest Matches

true

ff:f1:ff:01:f0:87:20:12:19:a5:ea:04:1b:a1:1d:29:19:49:7a:9d
Signer

Actual PE Digest

ff:f1:ff:01:f0:87:20:12:19:a5:ea:04:1b:a1:1d:29:19:49:7a:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libEGL.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreateNativeClientBufferANDROID
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglExportVkImageANGLE
eglGetCompositorTimingANDROID
eglGetCompositorTimingSupportedANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetFrameTimestampSupportedANDROID
eglGetFrameTimestampsANDROID
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetNextFrameIdANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglHandleGPUSwitchANGLE
eglInitialize
eglLabelObjectKHR
eglLockSurfaceKHR
eglMakeCurrent
eglPostSubBufferNV
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurface64KHR
eglQuerySurfacePointerANGLE
eglReacquireHighPowerGPUANGLE
eglReleaseDeviceANGLE
eglReleaseHighPowerGPUANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglSignalSyncKHR
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapBuffersWithFrameTokenANGLE
eglSwapInterval
eglTerminate
eglUnlockSurfaceKHR
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/libFFmpeg.dll
.dll windows:6 windows x64 arch:x64

20cb46b345a7c23ccb87756db4f44a21

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:57:50:d0:43:24:c4:5d:0b:da:b7:86:d1:62:d9:5d:ff:1d:74:4e:36:f5:ce:67:b7:1b:09:66:78:8d:0d:47
Signer

Actual PE Digest

b2:57:50:d0:43:24:c4:5d:0b:da:b7:86:d1:62:d9:5d:ff:1d:74:4e:36:f5:ce:67:b7:1b:09:66:78:8d:0d:47

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\xwechat\agent\workspace\translib_win_test\msvc\x64\libFFmpeg.pdb

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadFile
ReadConsoleW
OutputDebugStringW
CreateFileW
CloseHandle
WriteConsoleW
SystemTimeToTzSpecificLocalTime
RtlUnwind
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExA
GetSystemDirectoryW
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetProcessAffinityMask
MoveFileExW
MoveFileExA
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeSRWLock
InitOnceComplete
InitOnceBeginInitialize
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetFileAttributesExW
QueryPerformanceFrequency
SetEndOfFile
GetTimeZoneInformation
GetCurrentDirectoryW
GetFullPathNameW
HeapQueryInformation
FileTimeToSystemTime

ws2_32

ioctlsocket
select
shutdown
send
recv
sendto
recvfrom
gethostname
htons
getsockname
getpeername
WSAGetLastError
WSACleanup
WSAStartup
socket
setsockopt
ntohl
listen
getsockopt
connect
closesocket
bind
accept
getnameinfo
freeaddrinfo
getaddrinfo
__WSAFDIsSet
ntohs

secur32

ApplyControlToken
QueryContextAttributesW
AcquireCredentialsHandleW
FreeCredentialsHandle
InitializeSecurityContextW
DecryptMessage
EncryptMessage
FreeContextBuffer
DeleteSecurityContext

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

libwxcodec

vcodec2_api_get
WxH264Encoder_getHeaders
WxH264Encoder_encode
WxH264Encoder_close
WxH264Encoder_init

user32

GetDesktopWindow

ole32

CoTaskMemFree

Exports

Exports

av_abuffersink_params_alloc
av_ac3_parse_header
av_add_i
av_add_index_entry
av_add_q
av_add_stable
av_adler32_update
av_adts_header_parse
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_append_packet
av_append_path_component
av_apply_bitstream_filters
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_next
av_bsf_receive_packet
av_bsf_send_packet
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_unref
av_buffersink_get_channel_layout
av_buffersink_get_channels
av_buffersink_get_format
av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_get_h
av_buffersink_get_hw_frames_ctx
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_sample_rate
av_buffersink_get_samples
av_buffersink_get_time_base
av_buffersink_get_type
av_buffersink_get_w
av_buffersink_params_alloc
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_frame_flags
av_buffersrc_close
av_buffersrc_get_nb_failed_requests
av_buffersrc_parameters_alloc
av_buffersrc_parameters_set
av_buffersrc_write_frame
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_layout_extract_channel
av_chroma_location_from_name
av_chroma_location_name
av_cmp_i
av_codec_ffversion
av_codec_get_chroma_intra_matrix
av_codec_get_codec_descriptor
av_codec_get_codec_properties
av_codec_get_id
av_codec_get_lowres
av_codec_get_max_lowres
av_codec_get_pkt_timebase
av_codec_get_seek_preroll
av_codec_get_tag
av_codec_get_tag2
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_codec_next
av_codec_set_chroma_intra_matrix
av_codec_set_codec_descriptor
av_codec_set_lowres
av_codec_set_pkt_timebase
av_codec_set_seek_preroll
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_copy_packet
av_copy_packet_side_data
av_cpb_properties_alloc
av_cpu_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_default_get_category
av_default_item_name
av_demuxer_iterate
av_demuxer_open
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirac_parse_sequence_header
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_downmix_info_update_side_data
av_dump_format
av_dup_packet
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_padded_malloc
av_fast_padded_mallocz
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fifo_alloc
av_fifo_alloc_array
av_fifo_drain
av_fifo_free
av_fifo_freep
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_filename_number_test
av_filter_ffversion
av_filter_iterate
av_find_best_pix_fmt_of_2
av_find_best_stream
av_find_default_stream_index
av_find_info_tag
av_find_input_format
av_find_nearest_q_idx
av_find_program_from_stream
av_fmt_ctx_get_duration_estimation_method
av_fopen_utf8
av_force_cpu_flags
av_format_ffversion
av_format_get_audio_codec
av_format_get_control_message_cb
av_format_get_data_codec
av_format_get_metadata_header_padding
av_format_get_opaque
av_format_get_open_cb
av_format_get_probe_score
av_format_get_subtitle_codec
av_format_get_video_codec
av_format_inject_global_side_data
av_format_set_audio_codec
av_format_set_control_message_cb
av_format_set_data_codec
av_format_set_metadata_header_padding
av_format_set_opaque
av_format_set_open_cb
av_format_set_subtitle_codec
av_format_set_video_codec
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_best_effort_timestamp
av_frame_get_buffer
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_color_range
av_frame_get_colorspace
av_frame_get_decode_error_flags
av_frame_get_metadata
av_frame_get_pkt_duration
av_frame_get_pkt_pos
av_frame_get_pkt_size
av_frame_get_plane_buffer
av_frame_get_qp_table
av_frame_get_sample_rate
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_set_best_effort_timestamp
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_color_range
av_frame_set_colorspace
av_frame_set_decode_error_flags
av_frame_set_metadata
av_frame_set_pkt_duration
av_frame_set_pkt_pos
av_frame_set_pkt_size
av_frame_set_qp_table
av_frame_set_sample_rate
av_frame_side_data_name
av_frame_unref
av_free
av_free_packet
av_freep
av_gcd
av_get_alt_sample_fmt
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_pixel
av_get_bits_per_sample
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_codec_tag_string
av_get_colorspace_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_exact_bits_per_sample
av_get_extended_channel_layout
av_get_frame_filename
av_get_frame_filename2
av_get_known_color_name
av_get_media_type_string
av_get_output_timestamp
av_get_packed_sample_fmt
av_get_packet
av_get_padded_bits_per_pixel
av_get_pcm_codec
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_profile_name
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_grow_packet
av_guess_codec
av_guess_format
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hex_dump
av_hex_dump_log
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwaccel_next
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_iformat_next
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_imdct_calc
av_imdct_half
av_index_search_timestamp
av_init_packet
av_int2i
av_int_list_length_for_size
av_interleaved_write_frame
av_interleaved_write_uncoded_frame
av_jni_get_java_vm
av_jni_set_java_vm
av_lfg_init
av_lfg_init_from_data
av_lockmgr_register
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mallocz_array
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_ext
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_mdct_calc
av_mdct_end
av_mdct_init
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_memcpy_backptr
av_memdup
av_mod_i
av_msg
av_msg_set_callback
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_muxer_iterate
av_nearer_q
av_new_packet
av_new_program
av_oformat_next
av_opt_child_class_next
av_opt_child_next
av_opt_copy
av_opt_eval_double

Sections

.text
Size: 12.5MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 8.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/libGLESv2.dll
.dll windows:5 windows x64 arch:x64

d899245aed11af82d1f638c3132629cf

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:8a:79:5d:6b:bb:fd:e4:04:6b:24:1f:db:22:0c:38:d8:eb:60:7f:61:71:36:9a:56:12:e2:df:37:58:82:20
Signer

Actual PE Digest

e1:8a:79:5d:6b:bb:fd:e4:04:6b:24:1f:db:22:0c:38:d8:eb:60:7f:61:71:36:9a:56:12:e2:df:37:58:82:20

Digest Algorithm

sha256

PE Digest Matches

true

56:80:5e:48:20:e9:a6:f3:5a:4c:a0:61:f5:6d:68:61:09:88:af:cc
Signer

Actual PE Digest

56:80:5e:48:20:e9:a6:f3:5a:4c:a0:61:f5:6d:68:61:09:88:af:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libGLESv2.dll.pdb

Imports

user32

CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
GetClassInfoA
GetClientRect
GetDC
GetWindowThreadProcessId
InvalidateRect
IsIconic
IsWindow
LoadCursorA
RegisterClassA
ReleaseDC
UnregisterClassA
WindowFromDC

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateThread
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

dxgi

CreateDXGIFactory
CreateDXGIFactory1

gdi32

ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers

Exports

Exports

??0PlatformMethods@angle@@QEAA@XZ
??4PlatformMethods@angle@@QEAAAEAU01@$$QEAU01@@Z
??4PlatformMethods@angle@@QEAAAEAU01@AEBU01@@Z
ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
EGL_BindAPI
EGL_BindTexImage
EGL_ChooseConfig
EGL_ClientWaitSync
EGL_ClientWaitSyncKHR
EGL_CopyBuffers
EGL_CreateContext
EGL_CreateDeviceANGLE
EGL_CreateImage
EGL_CreateImageKHR
EGL_CreateNativeClientBufferANDROID
EGL_CreatePbufferFromClientBuffer
EGL_CreatePbufferSurface
EGL_CreatePixmapSurface
EGL_CreatePlatformPixmapSurface
EGL_CreatePlatformPixmapSurfaceEXT
EGL_CreatePlatformWindowSurface
EGL_CreatePlatformWindowSurfaceEXT
EGL_CreateStreamKHR
EGL_CreateStreamProducerD3DTextureANGLE
EGL_CreateSync
EGL_CreateSyncKHR
EGL_CreateWindowSurface
EGL_DebugMessageControlKHR
EGL_DestroyContext
EGL_DestroyImage
EGL_DestroyImageKHR
EGL_DestroyStreamKHR
EGL_DestroySurface
EGL_DestroySync
EGL_DestroySyncKHR
EGL_DupNativeFenceFDANDROID
EGL_ExportVkImageANGLE
EGL_GetCompositorTimingANDROID
EGL_GetCompositorTimingSupportedANDROID
EGL_GetConfigAttrib
EGL_GetConfigs
EGL_GetCurrentContext
EGL_GetCurrentDisplay
EGL_GetCurrentSurface
EGL_GetDisplay
EGL_GetError
EGL_GetFrameTimestampSupportedANDROID
EGL_GetFrameTimestampsANDROID
EGL_GetMscRateANGLE
EGL_GetNativeClientBufferANDROID
EGL_GetNextFrameIdANDROID
EGL_GetPlatformDisplay
EGL_GetPlatformDisplayEXT
EGL_GetProcAddress
EGL_GetSyncAttrib
EGL_GetSyncAttribKHR
EGL_GetSyncValuesCHROMIUM
EGL_HandleGPUSwitchANGLE
EGL_Initialize
EGL_LabelObjectKHR
EGL_LockSurfaceKHR
EGL_MakeCurrent
EGL_PostSubBufferNV
EGL_PresentationTimeANDROID
EGL_ProgramCacheGetAttribANGLE
EGL_ProgramCachePopulateANGLE
EGL_ProgramCacheQueryANGLE
EGL_ProgramCacheResizeANGLE
EGL_QueryAPI
EGL_QueryContext
EGL_QueryDebugKHR
EGL_QueryDeviceAttribEXT
EGL_QueryDeviceStringEXT
EGL_QueryDisplayAttribANGLE
EGL_QueryDisplayAttribEXT
EGL_QueryStreamKHR
EGL_QueryStreamu64KHR
EGL_QueryString
EGL_QueryStringiANGLE
EGL_QuerySurface
EGL_QuerySurface64KHR
EGL_QuerySurfacePointerANGLE
EGL_ReacquireHighPowerGPUANGLE
EGL_ReleaseDeviceANGLE
EGL_ReleaseHighPowerGPUANGLE
EGL_ReleaseTexImage
EGL_ReleaseThread
EGL_SetBlobCacheFuncsANDROID
EGL_SignalSyncKHR
EGL_StreamAttribKHR
EGL_StreamConsumerAcquireKHR
EGL_StreamConsumerGLTextureExternalAttribsNV
EGL_StreamConsumerGLTextureExternalKHR
EGL_StreamConsumerReleaseKHR
EGL_StreamPostD3DTextureANGLE
EGL_SurfaceAttrib
EGL_SwapBuffers
EGL_SwapBuffersWithDamageKHR
EGL_SwapBuffersWithFrameTokenANGLE
EGL_SwapInterval
EGL_Terminate
EGL_UnlockSurfaceKHR
EGL_WaitClient
EGL_WaitGL
EGL_WaitNative
EGL_WaitSync
EGL_WaitSyncKHR
GL_AcquireTexturesANGLE
GL_ActiveShaderProgram
GL_ActiveShaderProgramEXT
GL_ActiveTexture
GL_AlphaFunc
GL_AlphaFuncx
GL_AttachShader
GL_BeginQuery
GL_BeginQueryEXT
GL_BeginTransformFeedback
GL_BindAttribLocation
GL_BindBuffer
GL_BindBufferBase
GL_BindBufferRange
GL_BindFragDataLocationEXT
GL_BindFragDataLocationIndexedEXT
GL_BindFramebuffer
GL_BindFramebufferOES
GL_BindImageTexture
GL_BindProgramPipeline
GL_BindProgramPipelineEXT
GL_BindRenderbuffer
GL_BindRenderbufferOES
GL_BindSampler
GL_BindTexture
GL_BindTransformFeedback
GL_BindUniformLocationCHROMIUM
GL_BindVertexArray
GL_BindVertexArrayOES
GL_BindVertexBuffer
GL_BlendBarrier
GL_BlendBarrierKHR
GL_BlendColor
GL_BlendEquation
GL_BlendEquationSeparate
GL_BlendEquationSeparatei
GL_BlendEquationSeparateiEXT
GL_BlendEquationSeparateiOES
GL_BlendEquationi
GL_BlendEquationiEXT
GL_BlendEquationiOES
GL_BlendFunc
GL_BlendFuncSeparate
GL_BlendFuncSeparatei
GL_BlendFuncSeparateiEXT
GL_BlendFuncSeparateiOES
GL_BlendFunci
GL_BlendFunciEXT
GL_BlendFunciOES
GL_BlitFramebuffer
GL_BlitFramebufferANGLE
GL_BlitFramebufferNV
GL_BufferData
GL_BufferStorageEXT
GL_BufferStorageExternalEXT
GL_BufferStorageMemEXT
GL_BufferSubData
GL_CheckFramebufferStatus
GL_CheckFramebufferStatusOES
GL_Clear
GL_ClearBufferfi
GL_ClearBufferfv
GL_ClearBufferiv
GL_ClearBufferuiv
GL_ClearColor
GL_ClearColorx
GL_ClearDepthf
GL_ClearDepthx
GL_ClearStencil
GL_ClientActiveTexture
GL_ClientWaitSync
GL_ClipControlEXT
GL_ClipPlanef
GL_ClipPlanex
GL_Color4f
GL_Color4ub
GL_Color4x
GL_ColorMask
GL_ColorMaski
GL_ColorMaskiEXT
GL_ColorMaskiOES
GL_ColorPointer
GL_CompileShader
GL_CompressedCopyTextureCHROMIUM
GL_CompressedTexImage2D
GL_CompressedTexImage2DRobustANGLE
GL_CompressedTexImage3D
GL_CompressedTexImage3DOES
GL_CompressedTexImage3DRobustANGLE
GL_CompressedTexSubImage2D
GL_CompressedTexSubImage2DRobustANGLE
GL_CompressedTexSubImage3D
GL_CompressedTexSubImage3DOES
GL_CompressedTexSubImage3DRobustANGLE
GL_CopyBufferSubData
GL_CopyImageSubData
GL_CopyImageSubDataEXT
GL_CopyImageSubDataOES
GL_CopySubTexture3DANGLE
GL_CopySubTextureCHROMIUM
GL_CopyTexImage2D
GL_CopyTexSubImage2D
GL_CopyTexSubImage3D
GL_CopyTexSubImage3DOES
GL_CopyTexture3DANGLE
GL_CopyTextureCHROMIUM
GL_CoverageModulationCHROMIUM
GL_CreateMemoryObjectsEXT
GL_CreateProgram
GL_CreateShader
GL_CreateShaderProgramv
GL_CreateShaderProgramvEXT
GL_CullFace
GL_CurrentPaletteMatrixOES
GL_DebugMessageCallback
GL_DebugMessageCallbackKHR
GL_DebugMessageControl
GL_DebugMessageControlKHR
GL_DebugMessageInsert
GL_DebugMessageInsertKHR
GL_DeleteBuffers
GL_DeleteFencesNV
GL_DeleteFramebuffers
GL_DeleteFramebuffersOES
GL_DeleteMemoryObjectsEXT
GL_DeleteProgram
GL_DeleteProgramPipelines
GL_DeleteProgramPipelinesEXT
GL_DeleteQueries
GL_DeleteQueriesEXT
GL_DeleteRenderbuffers
GL_DeleteRenderbuffersOES
GL_DeleteSamplers
GL_DeleteSemaphoresEXT
GL_DeleteShader
GL_DeleteSync
GL_DeleteTextures
GL_DeleteTransformFeedbacks
GL_DeleteVertexArrays
GL_DeleteVertexArraysOES
GL_DepthFunc
GL_DepthMask
GL_DepthRangef
GL_DepthRangex
GL_DetachShader
GL_Disable
GL_DisableClientState
GL_DisableExtensionANGLE
GL_DisableVertexAttribArray
GL_Disablei
GL_DisableiEXT
GL_DisableiOES
GL_DiscardFramebufferEXT
GL_DispatchCompute
GL_DispatchComputeIndirect
GL_DrawArrays
GL_DrawArraysIndirect
GL_DrawArraysInstanced
GL_DrawArraysInstancedANGLE
GL_DrawArraysInstancedBaseInstanceANGLE
GL_DrawArraysInstancedEXT
GL_DrawBuffers
GL_DrawBuffersEXT
GL_DrawElements
GL_DrawElementsBaseVertex
GL_DrawElementsBaseVertexEXT
GL_DrawElementsBaseVertexOES
GL_DrawElementsIndirect
GL_DrawElementsInstanced
GL_DrawElementsInstancedANGLE
GL_DrawElementsInstancedBaseVertex
GL_DrawElementsInstancedBaseVertexBaseInstanceANGLE
GL_DrawElementsInstancedBaseVertexEXT
GL_DrawElementsInstancedBaseVertexOES
GL_DrawElementsInstancedEXT
GL_DrawRangeElements
GL_DrawRangeElementsBaseVertex
GL_DrawRangeElementsBaseVertexEXT
GL_DrawRangeElementsBaseVertexOES
GL_DrawTexfOES
GL_DrawTexfvOES
GL_DrawTexiOES
GL_DrawTexivOES
GL_DrawTexsOES
GL_DrawTexsvOES
GL_DrawTexxOES
GL_DrawTexxvOES
GL_EGLImageTargetRenderbufferStorageOES
GL_EGLImageTargetTexStorageEXT
GL_EGLImageTargetTexture2DOES
GL_EGLImageTargetTextureStorageEXT
GL_Enable
GL_EnableClientState
GL_EnableVertexAttribArray
GL_Enablei
GL_EnableiEXT
GL_EnableiOES
GL_EndQuery
GL_EndQueryEXT
GL_EndTransformFeedback
GL_FenceSync
GL_Finish
GL_FinishFenceNV
GL_Flush
GL_FlushMappedBufferRange
GL_FlushMappedBufferRangeEXT
GL_Fogf
GL_Fogfv
GL_Fogx
GL_Fogxv
GL_FramebufferFetchBarrierEXT
GL_FramebufferParameteri
GL_FramebufferParameteriMESA
GL_FramebufferRenderbuffer
GL_FramebufferRenderbufferOES
GL_FramebufferTexture
GL_FramebufferTexture2D
GL_FramebufferTexture2DMultisampleEXT
GL_FramebufferTexture2DOES
GL_FramebufferTexture3DOES
GL_FramebufferTextureEXT
GL_FramebufferTextureLayer
GL_FramebufferTextureMultiviewOVR
GL_FramebufferTextureOES
GL_FrontFace
GL_Frustumf
GL_Frustumx
GL_GenBuffers
GL_GenFencesNV
GL_GenFramebuffers
GL_GenFramebuffersOES
GL_GenProgramPipelines
GL_GenProgramPipelinesEXT
GL_GenQueries
GL_GenQueriesEXT
GL_GenRenderbuffers
GL_GenRenderbuffersOES
GL_GenSamplers
GL_GenSemaphoresEXT
GL_GenTextures
GL_GenTransformFeedbacks
GL_GenVertexArrays
GL_GenVertexArraysOES
GL_GenerateMipmap
GL_GenerateMipmapOES
GL_GetActiveAttrib
GL_GetActiveUniform
GL_GetActiveUniformBlockName
GL_GetActiveUniformBlockiv
GL_GetActiveUniformBlockivRobustANGLE
GL_GetActiveUniformsiv
GL_GetAttachedShaders
GL_GetAttribLocation
GL_GetBooleani_v
GL_GetBooleani_vRobustANGLE
GL_GetBooleanv
GL_GetBooleanvRobustANGLE
GL_GetBufferParameteri64v
GL_GetBufferParameteri64vRobustANGLE
GL_GetBufferParameteriv
GL_GetBufferParameterivRobustANGLE
GL_GetBufferPointerv
GL_GetBufferPointervOES
GL_GetBufferPointervRobustANGLE
GL_GetClipPlanef
GL_GetClipPlanex
GL_GetCompressedTexImageANGLE
GL_GetDebugMessageLog
GL_GetDebugMessageLogKHR
GL_GetError
GL_GetFenceivNV
GL_GetFixedv
GL_GetFloatv
GL_GetFloatvRobustANGLE
GL_GetFragDataIndexEXT
GL_GetFragDataLocation
GL_GetFramebufferAttachmentParameteriv
GL_GetFramebufferAttachmentParameterivOES
GL_GetFramebufferAttachmentParameterivRobustANGLE
GL_GetFramebufferParameteriv
GL_GetFramebufferParameterivMESA
GL_GetFramebufferParameterivRobustANGLE
GL_GetGraphicsResetStatus
GL_GetGraphicsResetStatusEXT
GL_GetInteger64i_v
GL_GetInteger64i_vRobustANGLE
GL_GetInteger64v
GL_GetInteger64vEXT
GL_GetInteger64vRobustANGLE
GL_GetIntegeri_v
GL_GetIntegeri_vRobustANGLE
GL_GetIntegerv
GL_GetIntegervRobustANGLE
GL_GetInternalformativ
GL_GetInternalformativRobustANGLE
GL_GetLightfv
GL_GetLightxv
GL_GetMaterialfv
GL_GetMaterialxv
GL_GetMemoryObjectParameterivEXT
GL_GetMultisamplefv
GL_GetMultisamplefvANGLE
GL_GetMultisamplefvRobustANGLE
GL_GetObjectLabel
GL_GetObjectLabelEXT
GL_GetObjectLabelKHR
GL_GetObjectPtrLabel
GL_GetObjectPtrLabelKHR
GL_GetPointerv
GL_GetPointervKHR
GL_GetPointervRobustANGLERobustANGLE
GL_GetProgramBinary
GL_GetProgramBinaryOES
GL_GetProgramInfoLog
GL_GetProgramInterfaceiv
GL_GetProgramInterfaceivRobustANGLE
GL_GetProgramPipelineInfoLog
GL_GetProgramPipelineInfoLogEXT
GL_GetProgramPipelineiv
GL_GetProgramPipelineivEXT
GL_GetProgramResourceIndex
GL_GetProgramResourceLocation
GL_GetProgramResourceLocationIndexEXT
GL_GetProgramResourceName
GL_GetProgramResourceiv
GL_GetProgramiv
GL_GetProgramivRobustANGLE
GL_GetQueryObjecti64vEXT
GL_GetQueryObjecti64vRobustANGLE
GL_GetQueryObjectivEXT
GL_GetQueryObjectivRobustANGLE
GL_GetQueryObjectui64vEXT
GL_GetQueryObjectui64vRobustANGLE
GL_GetQueryObjectuiv
GL_GetQueryObjectuivEXT
GL_GetQueryObjectuivRobustANGLE
GL_GetQueryiv
GL_GetQueryivEXT
GL_GetQueryivRobustANGLE
GL_GetRenderbufferImageANGLE
GL_GetRenderbufferParameteriv
GL_GetRenderbufferParameterivOES
GL_GetRenderbufferParameterivRobustANGLE
GL_GetSamplerParameterIiv
GL_GetSamplerParameterIivEXT
GL_GetSamplerParameterIivOES
GL_GetSamplerParameterIivRobustANGLE
GL_GetSamplerParameterIuiv
GL_GetSamplerParameterIuivEXT
GL_GetSamplerParameterIuivOES
GL_GetSamplerParameterIuivRobustANGLE
GL_GetSamplerParameterfv
GL_GetSamplerParameterfvRobustANGLE
GL_GetSamplerParameteriv
GL_GetSamplerParameterivRobustANGLE
GL_GetSemaphoreParameterui64vEXT
GL_GetShaderInfoLog
GL_GetShaderPrecisionFormat
GL_GetShaderSource
GL_GetShaderiv
GL_GetShaderivRobustANGLE
GL_GetString
GL_GetStringi
GL_GetSynciv
GL_GetTexEnvfv
GL_GetTexEnviv
GL_GetTexEnvxv
GL_GetTexGenfvOES
GL_GetTexGenivOES
GL_GetTexGenxvOES
GL_GetTexImageANGLE
GL_GetTexLevelParameterfv
GL_GetTexLevelParameterfvANGLE
GL_GetTexLevelParameterfvRobustANGLE
GL_GetTexLevelParameteriv
GL_GetTexLevelParameterivANGLE
GL_GetTexLevelParameterivRobustANGLE
GL_GetTexParameterIiv
GL_GetTexParameterIivEXT
GL_GetTexParameterIivOES
GL_GetTexParameterIivRobustANGLE
GL_GetTexParameterIuiv
GL_GetTexParameterIuivEXT
GL_GetTexParameterIuivOES
GL_GetTexParameterIuivRobustANGLE
GL_GetTexParameterfv
GL_GetTexParameterfvRobustANGLE
GL_GetTexParameteriv
GL_GetTexParameterivRobustANGLE
GL_GetTexParameterxv
GL_GetTransformFeedbackVarying
GL_GetTranslatedShaderSourceANGLE

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 259KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 70B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/libwxcodec.dll
.dll windows:6 windows x64 arch:x64

86a6d41934525ea53da4f7e658fac908

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:21:11:e5:21:cb:ce:58:0d:1a:c0:b3:ee:a3:56:96:1a:e5:34:b5:12:74:4a:27:6e:11:49:e5:17:4f:b1:d4
Signer

Actual PE Digest

2a:21:11:e5:21:cb:ce:58:0d:1a:c0:b3:ee:a3:56:96:1a:e5:34:b5:12:74:4a:27:6e:11:49:e5:17:4f:b1:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\xwechat\agent\workspace\translib_win_test\msvc\x64\libwxcodec.pdb

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadFile
ReadConsoleW
OutputDebugStringW
CreateFileW
CloseHandle
WriteConsoleW
RtlUnwind
InitializeCriticalSection
Sleep
SetThreadPriority
GetSystemInfo
WaitForSingleObject
CreateThread
GetTimeZoneInformation
MoveFileExW
DeleteFileW
SetEndOfFile
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete

Exports

Exports

WxH264Encoder_UpdateParamInfo
WxH264Encoder_close
WxH264Encoder_encode
WxH264Encoder_flush
WxH264Encoder_getHeaders
WxH264Encoder_init
WxH264Encoder_intraRefresh
vcodec2_api_get
vcodec2_build_info
vcodec2_cleanup
vcodec2_encoder_close
vcodec2_encoder_encode
vcodec2_encoder_get_stats
vcodec2_encoder_headers
vcodec2_encoder_log
vcodec2_encoder_open_0
vcodec2_encoder_parameters
vcodec2_max_bit_depth
vcodec2_param_alloc
vcodec2_param_apply_profile
vcodec2_param_default
vcodec2_param_default_preset
vcodec2_param_free
vcodec2_param_parse
vcodec2_picture_alloc
vcodec2_picture_free
vcodec2_picture_init
vcodec2_setup_primitives
vcodec2_version

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/mmcrashpad_client64.dll
.dll windows:5 windows x64 arch:x64

cdf2c53f936eaa12c8f98943fa69b6d7

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2f:40:9c:42:2b:57:2a:7f:2b:18:be:2d:ea:7f:b4:df:35:e2:a8:de:47:cc:71:5a:a4:9e:e4:3b:2a:0a:26:80
Signer

Actual PE Digest

2f:40:9c:42:2b:57:2a:7f:2b:18:be:2d:ea:7f:b4:df:35:e2:a8:de:47:cc:71:5a:a4:9e:e4:3b:2a:0a:26:80

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

mmcrashpad_client64.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateNamedPipeW
CreateProcessW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetModuleFileNameExW
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory

advapi32

BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
ConvertStringSecurityDescriptorToSecurityDescriptorW
EventRegister
EventUnregister
EventWrite
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SystemFunction036

dbghelp

StackWalk64
SymCleanup
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetModuleInfoW64
SymGetSearchPathW
SymInitialize
SymLoadModuleExW
SymSetOptions
SymSetSearchPathW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath

shlwapi

PathMatchSpecW

winmm

timeGetTime

user32

UnregisterClassW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ole32

CoTaskMemFree

Exports

Exports

GetHandleVerifier
MMExceptionHandler
MMInitCrashpad
MMRefreshUserInfo
MMSetLogInfo

Sections

.text
Size: 866KB - Virtual size: 866KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 68B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/mmcrashpad_handler64.exe
.exe windows:5 windows x64 arch:x64

409cc11024427e9ccc23f4a6c70bd297

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:59:c0:c4:f9:4c:71:d4:2b:f1:7d:8f:a6:1f:4e:19:f9:37:46:6d:17:7c:13:90:4b:0b:6f:52:e2:7f:46:a0
Signer

Actual PE Digest

30:59:c0:c4:f9:4c:71:d4:2b:f1:7d:8f:a6:1f:4e:19:f9:37:46:6d:17:7c:13:90:4b:0b:6f:52:e2:7f:46:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

mmcrashpad_handler64.exe.pdb

Imports

advapi32

BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
ConvertStringSecurityDescriptorToSecurityDescriptorW
EventRegister
EventUnregister
EventWrite
ImpersonateNamedPipeClient
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SystemFunction036

dbghelp

MiniDumpWriteDump
StackWalk64
SymCleanup
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetModuleInfoW64
SymGetSearchPathW
SymInitialize
SymLoadModuleExW
SymSetOptions
SymSetSearchPathW

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FindResourceExW
FindResourceW
FlsAlloc
FlsSetValue
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileSectionW
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadId
GetThreadLocale
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
IsDBCSLeadByte
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetModuleFileNameExW
K32GetModuleInformation
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFree
LockFileEx
LockResource
MapViewOfFile
MoveFileW
MultiByteToWideChar
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepConditionVariableSRW
SleepEx
SuspendThread
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
Wow64GetThreadContext
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcpyW

user32

BeginPaint
BringWindowToTop
CallWindowProcW
ClientToScreen
CloseClipboard
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyMenu
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawIconEx
DrawTextW
EmptyClipboard
EnableWindow
EndDialog
EndPaint
GetClientRect
GetDlgItem
GetKeyState
GetMenuItemCount
GetMessageW
GetQueueStatus
GetSysColorBrush
GetWindowLongPtrW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InvalidateRect
IsWindow
KillTimer
LoadIconW
LoadImageW
MapDialogRect
MapWindowPoints
MsgWaitForMultipleObjectsEx
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
SendDlgItemMessageW
SendMessageW
SetClipboardData
SetDlgItemTextW
SetTimer
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SwitchToThisWindow
TrackPopupMenu
TranslateMessage
UnregisterClassW

ole32

CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoTaskMemFree
CoUninitialize
DoDragDrop
OleInitialize
OleUninitialize

shell32

CommandLineToArgvW
ord155
SHBindToParent
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteW

shlwapi

PathMatchSpecW

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpWriteData

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

gdi32

CreateFontW
DeleteObject
GetStockObject
SelectObject
SetBkMode
SetTextColor

oleaut32

SysAllocString
SysAllocStringByteLen
SysFreeString
SysStringByteLen
SysStringLen

ws2_32

inet_ntoa

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

ImageList_Create
ImageList_ReplaceIcon

netapi32

Netbios

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 36B

.tls
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 68B

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/mmmojo.dll
.dll windows:5 windows x86 arch:x86

2382b373f5946e01b6074f6002346d72

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:df:ce:3c:de:91:ae:0a:32:0d:5c:0e:cb:79:f0:29:98:a5:7d:71:65:d5:cf:69:bf:11:a7:93:6b:f1:59:54
Signer

Actual PE Digest

2c:df:ce:3c:de:91:ae:0a:32:0d:5c:0e:cb:79:f0:29:98:a5:7d:71:65:d5:cf:69:bf:11:a7:93:6b:f1:59:54

Digest Algorithm

sha256

PE Digest Matches

true

8a:e1:a1:17:42:07:87:9a:dc:75:2a:b2:03:7e:69:bc:1a:ac:31:a6
Signer

Actual PE Digest

8a:e1:a1:17:42:07:87:9a:dc:75:2a:b2:03:7e:69:bc:1a:ac:31:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\chromium_master\chromium\src\out\release86\mmmojo.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AssignProcessToJobObject
CallbackMayRunLong
CancelIo
CloseHandle
CloseThreadpool
CloseThreadpoolWork
CompareStringW
ConnectNamedPipe
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateThreadpool
CreateThreadpoolWork
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
GetWindowsDirectoryW
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetModuleInformation
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueryProcessCycleTime
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetProcessDEPPolicy
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SubmitThreadpoolWork
SwitchToThread
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWorkCallbacks
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrlenA
lstrlenW

advapi32

AccessCheck
AddMandatoryAce
AdjustTokenPrivileges
BuildTrusteeWithSidW
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
DuplicateToken
DuplicateTokenEx
EqualSid
EventRegister
EventUnregister
EventWrite
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetTokenInformation
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
IsValidSid
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityDescriptorDacl
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteExW

user32

AllowSetForegroundWindow
CloseDesktop
CloseWindowStation
CreateDesktopW
CreateWindowExW
CreateWindowStationW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetActiveWindow
GetProcessWindowStation
GetQueueStatus
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongW
KillTimer
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
SetProcessWindowStation
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoTaskMemFree
CoUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

AppendMMSubProcessSwitchNative
CreateMMMojoEnvironment
CreateMMMojoWriteInfo
GetHandleVerifier
GetMMMojoReadInfoAttach
GetMMMojoReadInfoMethod
GetMMMojoReadInfoRequest
GetMMMojoReadInfoSync
GetMMMojoWriteInfoAttach
GetMMMojoWriteInfoRequest
InitializeMMMojo
IsSandboxedProcess
MMMojoLog
MMMojoLogArg
RemoveMMMojoEnvironment
RemoveMMMojoReadInfo
RemoveMMMojoWriteInfo
SendMMMojoWriteInfo
SetMMMojoEnvironmentCallbacks
SetMMMojoEnvironmentInitParams
SetMMMojoWriteInfoMessagePipe
SetMMMojoWriteInfoResponseSync
ShutdownMMMojo
StartMMMojoEnvironment
StopMMMojoEnvironment
SwapMMMojoWriteInfoCallback
SwapMMMojoWriteInfoMessage

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 128B

malloc_h
Size: 512B - Virtual size: 191B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/mmmojo_64.dll
.dll windows:5 windows x64 arch:x64

01ae9b0bd2188b2447de6df79374af05

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:2a:dd:d4:dd:c6:9d:03:03:97:99:1f:33:1d:f6:d3:15:bc:4a:4b:a0:14:af:52:e3:34:39:23:c5:c9:65:cb
Signer

Actual PE Digest

e2:2a:dd:d4:dd:c6:9d:03:03:97:99:1f:33:1d:f6:d3:15:bc:4a:4b:a0:14:af:52:e3:34:39:23:c5:c9:65:cb

Digest Algorithm

sha256

PE Digest Matches

true

6a:27:02:43:87:9b:f7:d9:84:f7:f1:67:1f:7f:5f:42:3e:62:19:b4
Signer

Actual PE Digest

6a:27:02:43:87:9b:f7:d9:84:f7:f1:67:1f:7f:5f:42:3e:62:19:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\chromium_master\chromium\src\out\release\mmmojo_64.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AssignProcessToJobObject
CallbackMayRunLong
CancelIo
CloseHandle
CloseThreadpool
CloseThreadpoolWork
CompareStringW
ConnectNamedPipe
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateThreadpool
CreateThreadpoolWork
CreateToolhelp32Snapshot
DebugBreak
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProcessId
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetModuleInformation
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueryProcessCycleTime
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
ResumeThread
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SubmitThreadpoolWork
SwitchToThread
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWorkCallbacks
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrlenA
lstrlenW

advapi32

AccessCheck
AddMandatoryAce
AdjustTokenPrivileges
BuildTrusteeWithSidW
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
DuplicateToken
DuplicateTokenEx
EqualSid
EventRegister
EventUnregister
EventWrite
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetTokenInformation
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
IsValidSid
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityDescriptorDacl
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetKnownFolderPath
ShellExecuteExW

user32

AllowSetForegroundWindow
CloseDesktop
CloseWindowStation
CreateDesktopW
CreateWindowExW
CreateWindowStationW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetActiveWindow
GetProcessWindowStation
GetQueueStatus
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongPtrW
KillTimer
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
SetProcessWindowStation
SetTimer
SetWindowLongPtrW
TranslateMessage
UnregisterClassW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoTaskMemFree
CoUninitialize

Exports

Exports

AppendMMSubProcessSwitchNative
CreateMMMojoEnvironment
CreateMMMojoWriteInfo
GetHandleVerifier
GetMMMojoReadInfoAttach
GetMMMojoReadInfoMethod
GetMMMojoReadInfoRequest
GetMMMojoReadInfoSync
GetMMMojoWriteInfoAttach
GetMMMojoWriteInfoRequest
InitializeMMMojo
IsSandboxedProcess
MMMojoLog
MMMojoLogArg
RemoveMMMojoEnvironment
RemoveMMMojoReadInfo
RemoveMMMojoWriteInfo
SendMMMojoWriteInfo
SetMMMojoEnvironmentCallbacks
SetMMMojoEnvironmentInitParams
SetMMMojoWriteInfoMessagePipe
SetMMMojoWriteInfoResponseSync
ShutdownMMMojo
StartMMMojoEnvironment
StopMMMojoEnvironment
SwapMMMojoWriteInfoCallback
SwapMMMojoWriteInfoMessage

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 68B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

malloc_h
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/owl.dll
.dll windows:6 windows x64 arch:x64

c6b668386def86c992ef294d7df33e44

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:76:aa:0d:f0:fd:75:5a:1b:ab:d6:ee:6f:1e:31:26:1b:eb:73:6d:e6:75:6f:52:85:e7:00:72:a0:e7:a2:be
Signer

Actual PE Digest

3f:76:aa:0d:f0:fd:75:5a:1b:ab:d6:ee:6f:1e:31:26:1b:eb:73:6d:e6:75:6f:52:85:e7:00:72:a0:e7:a2:be

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\.wconan2\owl\c32ac8f1_1709781166\wconan_build\cmake\windows-x64\default\Release\shared\cmake\Release\owl.pdb

Imports

ws2_32

getsockname
inet_ntop
inet_pton
socket
ntohs
htons
ioctlsocket
WSACleanup
WSAStartup
shutdown
setsockopt
listen
getpeername
send
recv
getsockopt
connect
bind
accept
getnameinfo
freeaddrinfo
getaddrinfo
WSAGetLastError
WSASetLastError
gethostbyname
select
__WSAFDIsSet
sendto
recvfrom
htonl
closesocket

kernel32

SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
GetCurrentDirectoryW
GetFileSizeEx
FlushFileBuffers
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
GetLastError
GetCurrentProcessId
GetCurrentThreadId
GetSystemInfo
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
RaiseException
WaitForSingleObject
FindClose
FindFirstFileExW
FindNextFileW
GetFullPathNameW
FormatMessageA
WriteConsoleW
GetFileSize
LocalFree
FormatMessageW
VirtualProtect
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
VirtualLock
VirtualUnlock
CreateFileMappingA
GetConsoleOutputCP
HeapSize
GetModuleFileNameW
InitOnceBeginInitialize
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlPcToFileHeader
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
QueryPerformanceFrequency
Sleep
GetExitCodeThread
RtlUnwind
InitOnceComplete
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwindEx
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
SetEndOfFile
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesExW
MoveFileExW
CreateFileW
GetFileType
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ReadFile
SetFilePointerEx
ExitProcess
SetStdHandle
DuplicateHandle
CreatePipe
GetConsoleMode
ReadConsoleW
WriteFile

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

Exports

Exports

?$TSS0@?1??instance@cls_manager@v7@owl@@SAAEAV234@XZ@4HA
??$?0V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V01@$0A@@?$pair@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@QEAA@$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??$?0Vlocale@std@@@locale_ref@detail@owl@fmt@@QEAA@AEBVlocale@std@@@Z
??$?0Vlooper@v7@owl@@V?$function@$$A6AXPEAVlooper@v7@owl@@@Z@std@@$0A@@?$shared_ptr@Vlooper@v7@owl@@@std@@QEAA@PEAVlooper@v7@owl@@V?$function@$$A6AXPEAVlooper@v7@owl@@@Z@1@@Z
??$?4V?$tuple@Vexception_ptr@std@@@std@@$0A@@tuple_any@v7@owl@@QEAAAEAV012@$$QEAV?$tuple@Vexception_ptr@std@@@std@@@Z
??$?6DU?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@Vid@thread@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6H@v7@zlog@@YAAEAVlog_string@01@AEAV201@AEBU?$atomic@H@std@@@Z
??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@PEBD@Z
??$?6V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@v7@zlog@@YAAEAVlog_string@01@AEAV201@AEBV?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@std@@@Z
??$?6Vco_job_base@v7@owl@@@v7@zlog@@YAAEAVlog_string@01@AEAV201@AEBV?$shared_ptr@Vco_job_base@v7@owl@@@std@@@Z
??$?6W4task_type@v7@owl@@$0A@@v7@zlog@@YAAEAVlog_string@01@AEAV201@AEBW4task_type@0owl@@@Z
??$?6_N@v7@zlog@@YAAEAVlog_string@01@AEAV201@AEBU?$atomic@_N@std@@@Z
??$?8$$A6A_NXZ@std@@YA_NAEBV?$function@$$A6A_NXZ@0@$$T@Z
??$?8Vallocator@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vallocator@v7@owl@@@0@$$T@Z
??$?8Vco_job_base@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vco_job_base@v7@owl@@@0@$$T@Z
??$?8Vco_job_base@v7@owl@@V012@@std@@YA_NAEBV?$shared_ptr@Vco_job_base@v7@owl@@@0@0@Z
??$?8Vcoroutine@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vcoroutine@v7@owl@@@0@$$T@Z
??$?8Vlog_appender@v7@zlog@@V012@@std@@YA_NAEBV?$shared_ptr@Vlog_appender@v7@zlog@@@0@0@Z
??$?8Vpromise_impl@v7@owl@@V012@@std@@YA_NAEBV?$shared_ptr@Vpromise_impl@v7@owl@@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@QEBD@Z
??$?9V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@std@@YA_NAEBV?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@0@$$T@Z
??$?9Vco_job_base@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vco_job_base@v7@owl@@@0@$$T@Z
??$?9Vco_scope@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vco_scope@v7@owl@@@0@$$T@Z
??$?9Vcoroutine@v7@owl@@@std@@YA_NAEBV?$shared_ptr@Vcoroutine@v7@owl@@@0@$$T@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@AEBV10@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?OVcoroutine@v7@owl@@V012@@std@@YA_NAEBV?$shared_ptr@Vcoroutine@v7@owl@@@0@0@Z
??$?R$$V@log_object@v7@zlog@@QEAAAEAV012@PEBD@Z
??$?RAEAH@log_object@v7@zlog@@QEAAAEAV012@PEBDAEAH@Z
??$?RAEAHPEBD@log_object@v7@zlog@@QEAAAEAV012@PEBDAEAH$$QEAPEBD@Z
??$?RAEAPEBD@log_object@v7@zlog@@QEAAAEAV012@PEBDAEAPEBD@Z
??$?RAEAU?$atomic@H@std@@AEAU01@@log_object@v7@zlog@@QEAAAEAV012@PEBDAEAU?$atomic@H@std@@1@Z
??$?RAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAI@log_object@v7@zlog@@QEAAAEAV012@PEBDAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAI@Z
??$?RAEA_J@log_object@v7@zlog@@QEAAAEAV012@PEBDAEA_J@Z
??$?RAEA_KAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@log_object@v7@zlog@@QEAAAEAV012@PEBDAEA_KAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$?RAEA_N@log_object@v7@zlog@@QEAAAEAV012@PEBDAEA_N@Z
??$?RAEBI@log_object@v7@zlog@@QEAAAEAV012@PEBDAEBI@Z
??$?RAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@log_object@v7@zlog@@QEAAAEAV012@PEBDAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$?RAEBW4bind_strategy@v7@owl@@@log_object@v7@zlog@@QEAAAEAV012@PEBDAEBW4bind_strategy@1owl@@@Z
??$?RUmonostate@owl@fmt@@$0A@@?$precision_checker@Uerror_handler@detail@owl@fmt@@@detail@owl@fmt@@QEAA_KUmonostate@23@@Z
??$?RUmonostate@owl@fmt@@$0A@@?$width_checker@Uerror_handler@detail@owl@fmt@@@detail@owl@fmt@@QEAA_KUmonostate@23@@Z
??$?RV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD@log_object@v7@zlog@@QEAAAEAV012@PEBD$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAPEBD@Z
??$?RVdeferred@v7@owl@@@<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@QEAA?A_PVdeferred@v7@owl@@@Z
??$?XH@bigint@detail@owl@fmt@@QEAAAEAV0123@H@Z
??$_Allocate_manually_vector_aligned@U_Default_allocate_traits@std@@@std@@YAPEAX_K@Z
??$_Assign_cast@AEAVpromise@v7@owl@@V?$_List_unchecked_const_iterator@V?$_List_val@U?$_List_simple_types@Vpromise@v7@owl@@@std@@@std@@U_Iterator_base0@2@@std@@@?$list@Vpromise@v7@owl@@V?$allocator@Vpromise@v7@owl@@@std@@@std@@AEAAXV?$_List_unchecked_const_iterator@V?$_List_val@U?$_List_simple_types@Vpromise@v7@owl@@@std@@@std@@U_Iterator_base0@2@@1@V21@@Z
??$_Atomic_address_as@DU?$_Atomic_padded@_N@std@@@std@@YAPECDAEAU?$_Atomic_padded@_N@0@@Z
??$_Atomic_address_as@DU?$_Atomic_padded@_N@std@@@std@@YAPEDDAEBU?$_Atomic_padded@_N@0@@Z
??$_Atomic_address_as@HU?$_Atomic_padded@H@std@@@std@@YAPEDHAEBU?$_Atomic_padded@H@0@@Z
??$_Atomic_address_as@HU?$_Atomic_padded@I@std@@@std@@YAPEDHAEBU?$_Atomic_padded@I@0@@Z
??$_Atomic_address_as@HU?$_Atomic_padded@W4log_level@v7@zlog@@@std@@@std@@YAPEDHAEBU?$_Atomic_padded@W4log_level@v7@zlog@@@0@@Z
??$_Atomic_address_as@JU?$_Atomic_padded@H@std@@@std@@YAPECJAEAU?$_Atomic_padded@H@0@@Z
??$_Atomic_address_as@JU?$_Atomic_padded@I@std@@@std@@YAPECJAEAU?$_Atomic_padded@I@0@@Z
??$_Atomic_address_as@JU?$_Atomic_padded@W4log_level@v7@zlog@@@std@@@std@@YAPECJAEAU?$_Atomic_padded@W4log_level@v7@zlog@@@0@@Z
??$_Atomic_address_as@_JU?$_Atomic_padded@PEAVthread@v7@owl@@@std@@@std@@YAPEC_JAEAU?$_Atomic_padded@PEAVthread@v7@owl@@@0@@Z
??$_Atomic_address_as@_JU?$_Atomic_padded@_J@std@@@std@@YAPEC_JAEAU?$_Atomic_padded@_J@0@@Z
??$_Atomic_address_as@_JU?$_Atomic_padded@_K@std@@@std@@YAPEC_JAEAU?$_Atomic_padded@_K@0@@Z
??$_Atomic_address_as@_JU?$_Atomic_padded@_K@std@@@std@@YAPED_JAEBU?$_Atomic_padded@_K@0@@Z
??$_Atomic_reinterpret_as@D_N@std@@YADAEB_N@Z
??$_Atomic_reinterpret_as@JH@std@@YAJAEBH@Z
??$_Atomic_reinterpret_as@JI@std@@YAJAEBI@Z
??$_Atomic_reinterpret_as@JW4log_level@v7@zlog@@@std@@YAJAEBW4log_level@v7@zlog@@@Z
??$_Atomic_reinterpret_as@_JPEAVthread@v7@owl@@@std@@YA_JAEBQEAVthread@v7@owl@@@Z
??$_Atomic_reinterpret_as@_J_J@std@@YA_JAEB_J@Z
??$_Atomic_reinterpret_as@_J_K@std@@YA_JAEB_K@Z
??$_Copy_memmove@PEADPEAD@std@@YAPEADPEAD00@Z
??$_Copy_memmove@PEAHPEAH@std@@YAPEAHPEAH00@Z
??$_Copy_memmove@PEAIPEAI@std@@YAPEAIPEAI00@Z
??$_Copy_memmove@PEAPEAIPEAPEAI@std@@YAPEAPEAIPEAPEAI00@Z
??$_Copy_memmove@PEAPEAUslot_tracker@v7@owl@@PEAPEAU123@@std@@YAPEAPEAUslot_tracker@v7@owl@@PEAPEAU123@00@Z
??$_Copy_memmove@PEAPEAUtask_item@v7@owl@@PEAPEAU123@@std@@YAPEAPEAUtask_item@v7@owl@@PEAPEAU123@00@Z
??$_Copy_memmove@PEAPEAV?$function@$$A6AXXZ@std@@PEAPEAV12@@std@@YAPEAPEAV?$function@$$A6AXXZ@0@PEAPEAV10@00@Z
??$_Copy_memmove@PEAPEAVasync_task@v7@owl@@PEAPEAV123@@std@@YAPEAPEAVasync_task@v7@owl@@PEAPEAV123@00@Z
??$_Copy_memmove@PEAPEA_KPEAPEA_K@std@@YAPEAPEA_KPEAPEA_K00@Z
??$_Copy_memmove@PEA_KPEA_K@std@@YAPEA_KPEA_K00@Z
??$_Copy_memmove@PEA_WPEA_W@std@@YAPEA_WPEA_W00@Z
??$_Copy_memmove@PEBDPEAD@std@@YAPEADPEBD0PEAD@Z
??$_Copy_memmove@PEBIPEAI@std@@YAPEAIPEBI0PEAI@Z
??$_Copy_memmove@PEB_WPEA_W@std@@YAPEA_WPEB_W0PEA_W@Z
??$_Destroy_range@V?$allocator@Uschedule_item_t@v7@owl@@@std@@@std@@YAXPEAUschedule_item_t@v7@owl@@QEAU123@AEAV?$allocator@Uschedule_item_t@v7@owl@@@0@@Z
??$_Destroy_range@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@std@@YAXPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@QEAV10@AEAV?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@0@@Z
??$_Destroy_range@V?$allocator@V?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@std@@@std@@YAXPEAV?$shared_ptr@Vlog_appender@v7@zlog@@@0@QEAV10@AEAV?$allocator@V?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@0@@Z
??$_Destroy_range@V?$allocator@Vpromise@v7@owl@@@std@@@std@@YAXPEAVpromise@v7@owl@@QEAV123@AEAV?$allocator@Vpromise@v7@owl@@@0@@Z
??$_Emplace_reallocate@AEBH@?$vector@HV?$allocator@H@std@@@std@@QEAAPEAHQEAHAEBH@Z
??$_Emplace_reallocate@AEBQEAUslot_tracker@v7@owl@@@?$vector@PEAUslot_tracker@v7@owl@@V?$allocator@PEAUslot_tracker@v7@owl@@@std@@@std@@QEAAPEAPEAUslot_tracker@v7@owl@@QEAPEAU234@AEBQEAU234@@Z
??$_Emplace_reallocate@AEBUtimeout_item@v7@owl@@@?$vector@Utimeout_item@v7@owl@@V?$allocator@Utimeout_item@v7@owl@@@std@@@std@@QEAAPEAUtimeout_item@v7@owl@@QEAU234@AEBU234@@Z
??$_Emplace_reallocate@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@QEAAPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@QEAV21@AEBV21@@Z
??$_Emplace_reallocate@AEBV?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@?$vector@V?$shared_ptr@Vlog_appender@v7@zlog@@@std@@V?$allocator@V?$shared_ptr@Vlog_appender@v7@zlog@@@std@@@2@@std@@QEAAPEAV?$shared_ptr@Vlog_appender@v7@zlog@@@1@QEAV21@AEBV21@@Z
??$_Emplace_reallocate@AEB_K@?$vector@_KV?$allocator@_K@std@@@std@@QEAAPEA_KQEA_KAEB_K@Z
??$_Emplace_reallocate@PEAUtask_item@v7@owl@@@?$vector@PEAUtask_item@v7@owl@@V?$allocator@PEAUtask_item@v7@owl@@@std@@@std@@QEAAPEAPEAUtask_item@v7@owl@@QEAPEAU234@$$QEAPEAU234@@Z
??$_Emplace_reallocate@PEAVasync_task@v7@owl@@@?$vector@PEAVasync_task@v7@owl@@V?$allocator@PEAVasync_task@v7@owl@@@std@@@std@@QEAAPEAPEAVasync_task@v7@owl@@QEAPEAV234@$$QEAPEAV234@@Z
??$_Emplace_reallocate@Uschedule_item_t@v7@owl@@@?$vector@Uschedule_item_t@v7@owl@@V?$allocator@Uschedule_item_t@v7@owl@@@std@@@std@@QEAAPEAUschedule_item_t@v7@owl@@QEAU234@$$QEAU234@@Z
??$_Emplace_reallocate@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@QEAAPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@QEAV21@$$QEAV21@@Z
??$_Emplace_reallocate@Vpromise_value@v7@owl@@@?$vector@Vpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@QEAAPEAVpromise_value@v7@owl@@QEAV234@$$QEAV234@@Z
??$_Emplace_reallocate@Vweak_promise@v7@owl@@@?$vector@Vweak_promise@v7@owl@@V?$allocator@Vweak_promise@v7@owl@@@std@@@std@@QEAAPEAVweak_promise@v7@owl@@QEAV234@$$QEAV234@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@PEAVcoroutine@v7@owl@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@PEAVcoroutine@v7@owl@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@PEAVcoroutine@v7@owl@@PEAX@std@@@1@PEAU?$_Tree_node@PEAVcoroutine@v7@owl@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@$$CBHPEAV?$list@PEAUevent_handler_info@select_io_context@v7@owl@@V?$allocator@PEAUevent_handler_info@select_io_context@v7@owl@@@std@@@std@@@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBHPEAV?$list@PEAUevent_handler_info@select_io_context@v7@owl@@V?$allocator@PEAUevent_handler_info@select_io_context@v7@owl@@@std@@@std@@@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@$$CBHPEAV?$list@PEAUevent_handler_info@select_io_context@v7@owl@@V?$allocator@PEAUevent_handler_info@select_io_context@v7@owl@@@std@@@std@@@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@$$CBHPEAV?$list@PEAUevent_handler_info@select_io_context@v7@owl@@V?$allocator@PEAUevent_handler_info@select_io_context@v7@owl@@@std@@@std@@@std@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@$$CBHPEBD@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBHPEBD@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@$$CBHPEBD@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@$$CBHPEBD@std@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@$$CB_KPEAVasync_task@v7@owl@@@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CB_KPEAVasync_task@v7@owl@@@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@$$CB_KPEAVasync_task@v7@owl@@@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@$$CB_KPEAVasync_task@v7@owl@@@std@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@QEAUslot_tracker@v7@owl@@H@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@QEAUslot_tracker@v7@owl@@H@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@QEAUslot_tracker@v7@owl@@H@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@QEAUslot_tracker@v7@owl@@H@std@@PEAX@1@@Z
??$_Erase_tree@V?$allocator@U?$_Tree_node@U?$pair@QEAVallocator@v7@owl@@V?$shared_ptr@Vco_scheduler@v7@owl@@@std@@@std@@PEAX@std@@@std@@@?$_Tree_val@U?$_Tree_simple_types@U?$pair@QEAVallocator@v7@owl@@V?$shared_ptr@Vco_scheduler@v7@owl@@@std@@@std@@@std@@@std@@QEAAXAEAV?$allocator@U?$_Tree_node@U?$pair@QEAVallocator@v7@owl@@V?$shared_ptr@Vco_scheduler@v7@owl@@@std@@@std@@PEAX@std@@@1@PEAU?$_Tree_node@U?$pair@QEAVallocator@v7@owl@@V?$shared_ptr@Vco_scheduler@v7@owl@@@std@@@std@@PEAX@1@@Z
??$_Fill_zero_memset@PEAI@std@@YAXPEAI_K@Z
??$_Find_last@Vtype_index@std@@@?$_Hash@V?$_Umap_traits@Vtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@V?$_Uhash_compare@Vtype_index@std@@U?$hash@Vtype_index@std@@@2@U?$equal_to@Vtype_index@std@@@2@@2@V?$allocator@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@2@$0A@@std@@@std@@IEBA?AU?$_Hash_find_last_result@PEAU?$_List_node@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@PEAX@std@@@1@AEBVtype_index@1@_K@Z
??$_Float_put_desired_precision@N@std@@YAH_JH@Z
??$_Float_put_desired_precision@O@std@@YAH_JH@Z
??$_Free_non_head@V?$allocator@U?$_List_node@V?$function@$$A6A_NAEBUlog_entry@v7@zlog@@@Z@std@@PEAX@std@@@std@@@?$_List_node@V?$function@$$A6A_NAEBUlog_entry@v7@zlog@@@Z@std@@PEAX@std@@SAXAEAV?$allocator@U?$_List_node@V?$function@$$A6A_NAEBUlog_entry@v7@zlog@@@Z@std@@PEAX@std@@@1@PEAU01@@Z
??$_Free_non_head@V?$allocator@U?$_List_node@Vpromise@v7@owl@@PEAX@std@@@std@@@?$_List_node@Vpromise@v7@owl@@PEAX@std@@SAXAEAV?$allocator@U?$_List_node@Vpromise@v7@owl@@PEAX@std@@@1@PEAU01@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@X$$V@std@@AEBV<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@X$$V@0@AEBV<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@X$$V@std@@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@X$$V@0@$$QEAV<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_2056658e43d8978311fde11135aa7dcd>@@X$$V@std@@AEBV<lambda_2056658e43d8978311fde11135aa7dcd>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_2056658e43d8978311fde11135aa7dcd>@@X$$V@0@AEBV<lambda_2056658e43d8978311fde11135aa7dcd>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_2056658e43d8978311fde11135aa7dcd>@@X$$V@std@@V<lambda_2056658e43d8978311fde11135aa7dcd>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_2056658e43d8978311fde11135aa7dcd>@@X$$V@0@$$QEAV<lambda_2056658e43d8978311fde11135aa7dcd>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@XVdeferred@v7@owl@@@std@@AEBV<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@XVdeferred@v7@owl@@@0@AEBV<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@XVdeferred@v7@owl@@@std@@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@XVdeferred@v7@owl@@@0@$$QEAV<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@X$$V@std@@AEBV<lambda_8df581c8bb36de47c79909e46e870bfd>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@X$$V@0@AEBV<lambda_8df581c8bb36de47c79909e46e870bfd>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@X$$V@std@@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@X$$V@0@$$QEAV<lambda_8df581c8bb36de47c79909e46e870bfd>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@X$$V@std@@AEBV<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@X$$V@0@AEBV<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@X$$V@std@@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@X$$V@0@$$QEAV<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@X$$V@std@@AEBV<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@X$$V@0@AEBV<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@X$$V@std@@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@X$$V@0@$$QEAV<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@X$$V@std@@AEBV<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@X$$V@0@AEBV<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@Z
??$_Global_new@V?$_Func_impl_no_alloc@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@X$$V@std@@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@std@@YAPEAV?$_Func_impl_no_alloc@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@X$$V@0@$$QEAV<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@Z
??$_Immortalize_memcpy_image@V_Future_error_category2@std@@@std@@YAAEBV_Future_error_category2@0@XZ
??$_Immortalize_memcpy_image@V_Generic_error_category@std@@@std@@YAAEBV_Generic_error_category@0@XZ
??$_Immortalize_memcpy_image@V_Iostream_error_category2@std@@@std@@YAAEBV_Iostream_error_category2@0@XZ
??$_Insert_string@DU?$char_traits@D@std@@_K@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@0@AEAV10@QEBD_K@Z
??$_Integral_to_string@DH@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@H@Z
??$_Integral_to_string@DJ@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@J@Z
??$_Integral_to_string@D_J@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@_J@Z
??$_Is_all_bits_zero@H@std@@YA_NAEBH@Z
??$_Maklocchr@D@std@@YADDPEADAEBU_Cvtvec@@@Z
??$_Maklocstr@D@std@@YAPEADPEBDPEADAEBU_Cvtvec@@@Z
??$_Pop_heap_hole_by_index@PEAUschedule_item_t@v7@owl@@U123@U?$greater@X@std@@@std@@YAXPEAUschedule_item_t@v7@owl@@_J1$$QEAU123@U?$greater@X@0@@Z
??$_Pop_heap_unchecked@PEAUtimeout_item@v7@owl@@U?$greater@Utimeout_item@v7@owl@@@std@@@std@@YAXPEAUtimeout_item@v7@owl@@0U?$greater@Utimeout_item@v7@owl@@@0@@Z
??$_Pop_heap_unchecked@PEAUtimeout_item@v7@owl@@U?$greater@X@std@@@std@@YAXPEAUtimeout_item@v7@owl@@0U?$greater@X@0@@Z
??$_Push_heap_by_index@PEAUschedule_item_t@v7@owl@@U123@U?$greater@X@std@@@std@@YAXPEAUschedule_item_t@v7@owl@@_J1$$QEAU123@U?$greater@X@0@@Z
??$_Reallocate_grow_by@V<lambda_319d5e083f45f90dcdce5dce53cbb275>@@D@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_319d5e083f45f90dcdce5dce53cbb275>@@D@Z
??$_Reallocate_grow_by@V<lambda_55b0f89b53a0342680e40398a0d39887>@@_K_KPEBD_K@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_55b0f89b53a0342680e40398a0d39887>@@_K2PEBD2@Z
??$_Reallocate_grow_by@V<lambda_65e615be2a453ca0576c979606f46740>@@PEBD_K@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_65e615be2a453ca0576c979606f46740>@@PEBD_K@Z
??$_Reallocate_grow_by@V<lambda_9013ee9e23efe4882b67eff5b0ecf103>@@$$V@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_9013ee9e23efe4882b67eff5b0ecf103>@@@Z
??$_Reallocate_grow_by@V<lambda_b986da8d428e4af07c64af60eec09b61>@@_K_KD@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_b986da8d428e4af07c64af60eec09b61>@@_K2D@Z
??$_Reallocate_grow_by@V<lambda_c66657cd1f058c8dbbb532b7fb001410>@@_K_K_KD@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_c66657cd1f058c8dbbb532b7fb001410>@@_K22D@Z
??$_Reallocate_grow_by@V<lambda_e1befb086ad3257e3f042a63030725f7>@@_KD@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_e1befb086ad3257e3f042a63030725f7>@@_KD@Z
??$_Reallocate_grow_by@V<lambda_f3a66ab6a0570788f31503db83886f49>@@_KPEBD_K@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAAAEAV01@_KV<lambda_f3a66ab6a0570788f31503db83886f49>@@_KPEBD2@Z
??$_Setpd@PEAHV<lambda_b773f9c79fbed16f614585671b8d5bad>@@@?$shared_ptr@H@std@@AEAAXQEAHV<lambda_b773f9c79fbed16f614585671b8d5bad>@@@Z
??$_Test_callable@V<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@std@@YA_NAEBV<lambda_03ffe5e1ff47e270874c1cc7853a35d8>@@@Z
??$_Test_callable@V<lambda_06ec7951d29ad9a85e7399bb65deb45d>@@@std@@YA_NAEBV<lambda_06ec7951d29ad9a85e7399bb65deb45d>@@@Z
??$_Test_callable@V<lambda_072f8b0f0d17cc1e21160088181c3227>@@@std@@YA_NAEBV<lambda_072f8b0f0d17cc1e21160088181c3227>@@@Z
??$_Test_callable@V<lambda_12a2a99ef2154e90a38719c0a589883f>@@@std@@YA_NAEBV<lambda_12a2a99ef2154e90a38719c0a589883f>@@@Z
??$_Test_callable@V<lambda_2056658e43d8978311fde11135aa7dcd>@@@std@@YA_NAEBV<lambda_2056658e43d8978311fde11135aa7dcd>@@@Z
??$_Test_callable@V<lambda_33200ab2369c15726a64345ab47ad552>@@@std@@YA_NAEBV<lambda_33200ab2369c15726a64345ab47ad552>@@@Z
??$_Test_callable@V<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@std@@YA_NAEBV<lambda_3d35ed2e4f86a0429d3cd21713519f60>@@@Z
??$_Test_callable@V<lambda_44d9605cbaf890617173287bcea56ade>@@@std@@YA_NAEBV<lambda_44d9605cbaf890617173287bcea56ade>@@@Z
??$_Test_callable@V<lambda_8df581c8bb36de47c79909e46e870bfd>@@@std@@YA_NAEBV<lambda_8df581c8bb36de47c79909e46e870bfd>@@@Z
??$_Test_callable@V<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@std@@YA_NAEBV<lambda_9bf5cb3f8d8986615caa94b1d1f5b1f8>@@@Z
??$_Test_callable@V<lambda_9d1c9c5d90e74d33956717003aaa6ed0>@@@std@@YA_NAEBV<lambda_9d1c9c5d90e74d33956717003aaa6ed0>@@@Z
??$_Test_callable@V<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@std@@YA_NAEBV<lambda_ac44ae37bf5e222162f69c7605a31bd2>@@@Z
??$_Test_callable@V<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@std@@YA_NAEBV<lambda_c6fae162484bf4df6e6fec8f96f22ec4>@@@Z
??$_Test_callable@V<lambda_cb687b8e883feb53e109fb9ece410e09>@@@std@@YA_NAEBV<lambda_cb687b8e883feb53e109fb9ece410e09>@@@Z
??$_Test_callable@V<lambda_ce4ab2fba76bc2f880b0ab216166f370>@@@std@@YA_NAEBV<lambda_ce4ab2fba76bc2f880b0ab216166f370>@@@Z
??$_Test_callable@V<lambda_d3dda4480cdb0551e16312e2ced6787e>@@@std@@YA_NAEBV<lambda_d3dda4480cdb0551e16312e2ced6787e>@@@Z
??$_Test_callable@V<lambda_dc2cad0ea317a577afc5453c6ccba38b>@@@std@@YA_NAEBV<lambda_dc2cad0ea317a577afc5453c6ccba38b>@@@Z
??$_To_absolute_time@_JU?$ratio@$00$0DOI@@std@@@std@@YA?A_PAEBV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@0@@Z
??$_To_absolute_time@_JU?$ratio@$00$0PECEA@@std@@@std@@YA?A_PAEBV?$duration@_JU?$ratio@$00$0PECEA@@std@@@chrono@0@@Z
??$_To_xtime_10_day_clamped@_JU?$ratio@$00$0DLJKMKAA@@std@@@std@@YA_NAEAUxtime@@AEBV?$duration@_JU?$ratio@$00$0DLJKMKAA@@std@@@chrono@0@@Z
??$_To_xtime_10_day_clamped@_JU?$ratio@$00$0DOI@@std@@@std@@YA_NAEAUxtime@@AEBV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@0@@Z
??$_UIntegral_to_buff@DI@std@@YAPEADPEADI@Z
??$_UIntegral_to_buff@DK@std@@YAPEADPEADK@Z
??$_UIntegral_to_buff@D_K@std@@YAPEADPEAD_K@Z
??$_UIntegral_to_string@DI@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@I@Z
??$_UIntegral_to_string@DK@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@K@Z
??$_UIntegral_to_string@D_K@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@_K@Z
??$_Uninitialized_copy@PEAVpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@YAPEAVpromise_value@v7@owl@@QEAV123@0PEAV123@AEAV?$allocator@Vpromise_value@v7@owl@@@0@@Z
??$_Uninitialized_move@PEAUschedule_item_t@v7@owl@@V?$allocator@Uschedule_item_t@v7@owl@@@std@@@std@@YAPEAUschedule_item_t@v7@owl@@QEAU123@0PEAU123@AEAV?$allocator@Uschedule_item_t@v7@owl@@@0@@Z
??$_Uninitialized_move@PEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@YAPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@QEAV10@0PEAV10@AEAV?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@0@@Z
??$_Uninitialized_value_construct_n_unchecked1@PEAPEAI_K@std@@YAPEAPEAIPEAPEAI_K@Z
??$_Uninitialized_value_construct_n_unchecked1@PEAPEAV?$function@$$A6AXXZ@std@@_K@std@@YAPEAPEAV?$function@$$A6AXXZ@0@PEAPEAV10@_K@Z
??$_Uninitialized_value_construct_n_unchecked1@PEAPEA_K_K@std@@YAPEAPEA_KPEAPEA_K_K@Z
??$_Wait_until@V?$unique_lock@Vrecursive_mutex@std@@@std@@@condition_variable_any@std@@AEAA?AW4cv_status@1@AEAV?$unique_lock@Vrecursive_mutex@std@@@1@QEBUxtime@@@Z
??$_Zero_range@PEAPEAI@std@@YAPEAPEAIQEAPEAI0@Z
??$_Zero_range@PEAPEAV?$function@$$A6AXXZ@std@@@std@@YAPEAPEAV?$function@$$A6AXXZ@0@QEAPEAV10@0@Z
??$_Zero_range@PEAPEA_K@std@@YAPEAPEA_KQEAPEA_K0@Z
??$any_cast@V?$tuple@Vexception_ptr@std@@@std@@@v7@owl@@YAAEAV?$tuple@Vexception_ptr@std@@@std@@AEAVtuple_any@01@@Z
??$append@D@?$buffer@D@detail@owl@fmt@@QEAAXPEBD0@Z
??$append@_W@?$buffer@_W@detail@owl@fmt@@QEAAXPEB_W0@Z
??$append_format@HGUconfig@udp_server@v7@owl@@@log_string@v7@zlog@@QEAAAEAV012@PEBDAEBHAEBGAEBUconfig@udp_server@1owl@@@Z
??$append_format@PEAVco_scope@v7@owl@@Vco_options@23@@log_string@v7@zlog@@QEAAAEAV012@PEBDAEBQEAVco_scope@1owl@@AEBVco_options@14@@Z
??$append_format@Uthread_pool_config@v7@owl@@@log_string@v7@zlog@@QEAAAEAV012@PEBDAEBUthread_pool_config@1owl@@@Z
??$append_format@V?$shared_ptr@Vco_job_base@v7@owl@@@std@@V?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@2@@log_string@v7@zlog@@QEAAAEAV012@PEBDAEBV?$shared_ptr@Vco_job_base@v7@owl@@@std@@AEBV?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@4@@Z
??$append_format_ex@$$BY05D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY05$$CBD@Z
??$append_format_ex@$$BY08D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY08$$CBD@Z
??$append_format_ex@$$BY0BA@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BA@$$CBD@Z
??$append_format_ex@$$BY0BB@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BB@$$CBD@Z
??$append_format_ex@$$BY0BC@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BC@$$CBD@Z
??$append_format_ex@$$BY0BD@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BD@$$CBD@Z
??$append_format_ex@$$BY0BI@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BI@$$CBD@Z
??$append_format_ex@$$BY0BK@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BK@$$CBD@Z
??$append_format_ex@$$BY0BN@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BN@$$CBD@Z
??$append_format_ex@$$BY0BO@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0BO@$$CBD@Z
??$append_format_ex@$$BY0CB@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0CB@$$CBD@Z
??$append_format_ex@$$BY0CC@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0CC@$$CBD@Z
??$append_format_ex@$$BY0CD@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0CD@$$CBD@Z
??$append_format_ex@$$BY0CE@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0CE@$$CBD@Z
??$append_format_ex@$$BY0DE@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0DE@$$CBD@Z
??$append_format_ex@$$BY0DF@D@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEAY0DF@$$CBD@Z
??$append_format_ex@$$V@log_string@v7@zlog@@QEAAAEAV012@PEBD0@Z
??$append_format_ex@H@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEBH@Z
??$append_format_ex@HH@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEBH1@Z
??$append_format_ex@U?$atomic@_N@std@@U12@U12@@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEBU?$atomic@_N@std@@11@Z
??$append_format_ex@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$append_format_ex@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HU?$atomic@_N@2@@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEB_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBHAEBU?$atomic@_N@4@@Z
??$append_format_ex@_K_K@log_string@v7@zlog@@QEAAAEAV012@PEBD0AEB_K1@Z
??$apply@AEAV?$function@$$A6AXXZ@v7@owl@@AEAV?$tuple@$$V@std@@@v7@owl@@YA?A_TAEAV?$function@$$A6AXXZ@01@AEAV?$tuple@$$V@std@@@Z
??$apply@Vappender@owl@fmt@@D@?$digit_grouping@D@detail@owl@fmt@@QEBA?AVappender@23@V423@V?$basic_string_view@D@23@@Z
??$apply_1_move@A6AXAEAUfunction_holder@v7@owl@@$$QEAPEAVco_job_base@23@@ZAEAU123@AEAV?$tuple@PEAVco_job_base@v7@owl@@@std@@@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEAPEAVco_job_base@01@@Z0AEAV?$tuple@PEAVco_job_base@v7@owl@@@std@@@Z
??$apply_1_move@A6AXAEAUfunction_holder@v7@owl@@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAH@ZAEAU123@AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@5@@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAH@Z0AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@4@@Z
??$apply_1_move@A6AXAEAUfunction_holder@v7@owl@@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAW4co_status_t@23@3@ZAEAU123@AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4co_status_t@v7@owl@@W4345@@5@@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAW4co_status_t@01@3@Z0AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4co_status_t@v7@owl@@W4345@@4@@Z
??$apply_1_move@A6AXAEAUfunction_holder@v7@owl@@@ZAEAU123@AEAV?$tuple@$$V@std@@@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@@Z0AEAV?$tuple@$$V@std@@@Z
??$apply_1_move_impl@A6AXAEAUfunction_holder@v7@owl@@$$QEAPEAVco_job_base@23@@ZAEAU123@AEAV?$tuple@PEAVco_job_base@v7@owl@@@std@@$0A@@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEAPEAVco_job_base@01@@Z0AEAV?$tuple@PEAVco_job_base@v7@owl@@@std@@U?$integer_sequence@_K$0A@@5@@Z
??$apply_1_move_impl@A6AXAEAUfunction_holder@v7@owl@@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAH@ZAEAU123@AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@5@$0A@$00$01@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAH@Z0AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@4@U?$integer_sequence@_K$0A@$00$01@4@@Z
??$apply_1_move_impl@A6AXAEAUfunction_holder@v7@owl@@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAW4co_status_t@23@3@ZAEAU123@AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4co_status_t@v7@owl@@W4345@@5@$0A@$00$01$02@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@$$QEA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QEAW4co_status_t@01@3@Z0AEAV?$tuple@_KV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4co_status_t@v7@owl@@W4345@@4@U?$integer_sequence@_K$0A@$00$01$02@4@@Z
??$apply_1_move_impl@A6AXAEAUfunction_holder@v7@owl@@@ZAEAU123@AEAV?$tuple@$$V@std@@$S@v7@owl@@YA?A_TA6AXAEAUfunction_holder@01@@Z0AEAV?$tuple@$$V@std@@U?$integer_sequence@_K$S@4@@Z
??$apply_impl@AEAV?$function@$$A6AXXZ@v7@owl@@AEAV?$tuple@$$V@std@@$S@v7@owl@@YA?A_TAEAV?$function@$$A6AXXZ@01@AEAV?$tuple@$$V@std@@U?$integer_sequence@_K$S@4@@Z
??$async_after@V<lambda_44d9605cbaf890617173287bcea56ade>@@$0A@@dispatcher_base@v7@owl@@QEAA_KI$$QEAV<lambda_44d9605cbaf890617173287bcea56ade>@@@Z
??$async_after@V<lambda_9d1c9c5d90e74d33956717003aaa6ed0>@@$0A@@dispatcher_base@v7@owl@@QEAA_KI$$QEAV<lambda_9d1c9c5d90e74d33956717003aaa6ed0>@@@Z
??$await_and_set_errno_ex@HH@v7@owl@@YAHAEAV?$promise2@HH@01@@Z
??$await_and_set_errno_ex@_JH@v7@owl@@YA_JAEAV?$promise2@_JH@01@@Z
??$await_and_set_h_errno@PEAUhostent@@H@v7@owl@@YAPEAUhostent@@AEAV?$promise2@PEAUhostent@@H@01@@Z
??$bit_cast@IM$0A@@detail@owl@fmt@@YAIAEBM@Z
??$bit_cast@_KN$0A@@detail@owl@fmt@@YA_KAEBN@Z
??$bit_cast@_KO$0A@@detail@owl@fmt@@YA_KAEBO@Z
??$bit_cast@_KPEBD$0A@@detail@owl@fmt@@YA_KAEBQEBD@Z
??$bit_cast@_KPEBX$0A@@detail@owl@fmt@@YA_KAEBQEBX@Z
??$check_divisibility_and_divide_by_pow10@$00@dragonbox@detail@owl@fmt@@YA_NAEAI@Z
??$check_divisibility_and_divide_by_pow10@$01@dragonbox@detail@owl@fmt@@YA_NAEAI@Z
??$check_format_string@$$VUFMT_COMPILE_STRING@?1???R<lambda_ba53e2fd5943bbc5cfd037534818aa88>@@QEBA@XZ@$0A@@detail@owl@fmt@@YAXUFMT_COMPILE_STRING@?1???R<lambda_ba53e2fd5943bbc5cfd037534818aa88>@@QEBA@XZ@@Z
??$co_invoke_@A6A_JHPEAX_KH@ZAEAHAEAPEAXAEA_K@v7@owl@@YA_JPEBDA6A_JHPEAX_KH@ZHAEAHAEAPEAXAEA_K@Z
??$co_invoke_@A6A_JHPEAX_KHH@ZAEAHAEAPEAXAEA_KAEAH@v7@owl@@YA_JPEBDA6A_JHPEAX_KHH@ZHAEAHAEAPEAXAEA_K4@Z
??$co_invoke_@A6A_JHPEAX_KHPEAUsockaddr@@PEAHH@ZAEAHAEAPEAXAEA_KAEAHAEAPEAU1@AEAPEAH@v7@owl@@YA_JPEBDA6A_JHPEAX_KHPEAUsockaddr@@PEAHH@ZHAEAHAEAPEAXAEA_K6AEAPEAU2@AEAPEAH@Z
??$co_invoke_@A6A_JHPEBX_KH@ZAEAHAEAPEBXAEA_K@v7@owl@@YA_JPEBDA6A_JHPEBX_KH@ZHAEAHAEAPEBXAEA_K@Z
??$co_invoke_@A6A_JHPEBX_KHH@ZAEAHAEAPEBXAEA_KAEAH@v7@owl@@YA_JPEBDA6A_JHPEBX_KHH@ZHAEAHAEAPEBXAEA_K4@Z
??$co_invoke_@A6A_JHPEBX_KHPEBUsockaddr@@HH@ZAEAHAEAPEBXAEA_KAEAHAEAPEBU1@AEAH@v7@owl@@YA_JPEBDA6A_JHPEBX_KHPEBUsockaddr@@HH@ZHAEAHAEAPEBXAEA_K5AEAPEBU2@5@Z
??$co_select@AEAV?$promise2@HHPEAUaddrinfo@@@v7@owl@@Vpromise@23@@v7@owl@@YA_KAEAV?$promise2@HHPEAUaddrinfo@@@01@$$QEAVpromise@01@@Z
??$co_select@AEAV?$promise2@HHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@v7@owl@@Vpromise@23@@v7@owl@@YA_KAEAV?$promise2@HHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@01@$$QEAVpromise@01@@Z
??$co_select@AEAV?$promise2@PEAUhostent@@H@v7@owl@@Vpromise@23@@v7@owl@@YA_KAEAV?$promise2@PEAUhostent@@H@01@$$QEAVpromise@01@@Z
??$co_select_n@AEAV?$promise2@HHPEAUaddrinfo@@@v7@owl@@Vpromise@23@@v7@owl@@YA?AV?$vector@_KV?$allocator@_K@std@@@std@@_KAEAV?$promise2@HHPEAUaddrinfo@@@01@$$QEAVpromise@01@@Z
??$co_select_n@AEAV?$promise2@HHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@v7@owl@@Vpromise@23@@v7@owl@@YA?AV?$vector@_KV?$allocator@_K@std@@@std@@_KAEAV?$promise2@HHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@01@$$QEAVpromise@01@@Z
??$co_select_n@AEAV?$promise2@PEAUhostent@@H@v7@owl@@Vpromise@23@@v7@owl@@YA?AV?$vector@_KV?$allocator@_K@std@@@std@@_KAEAV?$promise2@PEAUhostent@@H@01@$$QEAVpromise@01@@Z
??$co_suspend@_J@v7@owl@@YA_JXZ
??$convert_for_visit@W4int128_opt@detail@owl@fmt@@@detail@owl@fmt@@YA?AUmonostate@12@W4int128_opt@012@@Z
??$convert_for_visit@W4uint128_opt@detail@owl@fmt@@@detail@owl@fmt@@YA?AUmonostate@12@W4uint128_opt@012@@Z
??$copy_str@DPEAD@detail@owl@fmt@@YA?AVappender@12@PEAD0V312@@Z
??$copy_str@DPEBD@detail@owl@fmt@@YA?AVappender@12@PEBD0V312@@Z
??$decimal_point@D@detail@owl@fmt@@YADVlocale_ref@012@@Z
??$decimal_point_impl@D@detail@owl@fmt@@YADVlocale_ref@012@@Z
??$decimal_point_impl@_W@detail@owl@fmt@@YA_WVlocale_ref@012@@Z
??$do_append_format_typesafe_@$$V@log_string@v7@zlog@@AEAAAEAV012@PEBD0@Z
??$do_append_format_typesafe_@HGV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@log_string@v7@zlog@@AEAAAEAV012@PEBD0AEBHAEBGAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$do_append_format_typesafe_@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@log_string@v7@zlog@@AEAAAEAV012@PEBD0AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$do_parse_arg_id@DAEAUid_adapter@?1???$parse_replacement_field@DAEAUformat_handler@?1???$vformat_to@D@detail@owl@fmt@@YAXAEAV?$buffer@D@234@V?$basic_string_view@D@34@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Vlocale_ref@234@@Z@@detail@owl@fmt@@YAPEBDPEBD0AEAUformat_handler@?1???$vformat_to@D@234@YAXAEAV?$buffer@D@234@V?$basic_string_view@D@34@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Vlocale_ref@234@@Z@@Z@@detail@owl@fmt@@YAPEBDPEBD0AEAUid_adapter@?1???$parse_replacement_field@DAEAUformat_handler@?1???$vformat_to@D@detail@owl@fmt@@YAXAEAV?$buffer@D@234@V?$basic_string_view@D@34@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Vlocale_ref@234@@Z@@012@YAPEBD00AEAUformat_handler@?1???$vformat_to@D@012@YAXAEAV?$buffer@D@012@V?$basic_string_view@D@12@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Vlocale_ref@012@@Z@@Z@@Z
??$do_parse_arg_id@DAEAUprecision_adapter@?1???$parse_precision@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YAPEBDPEBD0AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@234@@Z@@detail@owl@fmt@@YAPEBDPEBD0AEAUprecision_adapter@?1???$parse_precision@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@012@YAPEBD00AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@012@@Z@@Z
??$do_parse_arg_id@DAEAUwidth_adapter@?1???$parse_width@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YAPEBDPEBD0AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@234@@Z@@detail@owl@fmt@@YAPEBDPEBD0AEAUwidth_adapter@?1???$parse_width@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@012@YAPEBD00AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@012@@Z@@Z
??$do_resume_now@AEA_J@coroutine@v7@owl@@QEAAXAEA_J@Z
??$do_write_float@Vappender@owl@fmt@@U?$decimal_fp@M@dragonbox@detail@23@DV?$digit_grouping@D@623@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@M@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$do_write_float@Vappender@owl@fmt@@U?$decimal_fp@M@dragonbox@detail@23@DV?$fallback_digit_grouping@D@623@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@M@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$do_write_float@Vappender@owl@fmt@@U?$decimal_fp@N@dragonbox@detail@23@DV?$digit_grouping@D@623@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@N@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$do_write_float@Vappender@owl@fmt@@U?$decimal_fp@N@dragonbox@detail@23@DV?$fallback_digit_grouping@D@623@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@N@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$do_write_float@Vappender@owl@fmt@@Ubig_decimal_fp@detail@23@DV?$digit_grouping@D@523@@detail@owl@fmt@@YA?AVappender@12@V312@AEBUbig_decimal_fp@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$do_write_float@Vappender@owl@fmt@@Ubig_decimal_fp@detail@23@DV?$fallback_digit_grouping@D@523@@detail@owl@fmt@@YA?AVappender@12@V312@AEBUbig_decimal_fp@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$emplace@AEBVtype_info@@V?$unique_ptr@Vcontainer_activator@ioc@v7@owl@@U?$default_delete@Vcontainer_activator@ioc@v7@owl@@@std@@@std@@@?$_Hash@V?$_Umap_traits@Vtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@V?$_Uhash_compare@Vtype_index@std@@U?$hash@Vtype_index@std@@@2@U?$equal_to@Vtype_index@std@@@2@@2@V?$allocator@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@2@$0A@@std@@@std@@QEAA?AU?$pair@V?$_List_iterator@V?$_List_val@U?$_List_simple_types@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@std@@@std@@@std@@_N@1@AEBVtype_info@@$$QEAV?$unique_ptr@Vcontainer_activator@ioc@v7@owl@@U?$default_delete@Vcontainer_activator@ioc@v7@owl@@@std@@@1@@Z
??$emplace@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@QEAA?AV?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@std@@@1@V?$_Vector_const_iterator@V?$_Vector_val@U?$_Simple_types@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@std@@@1@$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??$fill@PEAV?$_List_unchecked_iterator@V?$_List_val@U?$_List_simple_types@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@std@@@std@@@std@@V12@@std@@YAXQEAV?$_List_unchecked_iterator@V?$_List_val@U?$_List_simple_types@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@std@@@std@@@0@0AEBV10@@Z
??$fill_n@DH@detail@owl@fmt@@YAPEADPEADHD@Z
??$fill_n@D_K@detail@owl@fmt@@YAPEADPEAD_KD@Z
??$find_escape@D@detail@owl@fmt@@YA?AU?$find_escape_result@D@012@PEBD0@Z
??$for_each_codepoint@Ucount_code_points@?1??compute_width@detail@owl@fmt@@YA_KV?$basic_string_view@D@45@@Z@@detail@owl@fmt@@YAXV?$basic_string_view@D@12@Ucount_code_points@?1??compute_width@012@YA_K0@Z@@Z
??$for_each_codepoint@V<lambda_95d4119f2d6c891dc6eb25460e97a1f8>@@@detail@owl@fmt@@YAXV?$basic_string_view@D@12@V<lambda_95d4119f2d6c891dc6eb25460e97a1f8>@@@Z
??$format@$$V@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD@Z
??$format@AEAG@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAG@Z
??$format@AEAH@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAH@Z
??$format@AEAHAEAGAEBUconfig@tcp_server@v7@owl@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAHAEAGAEBUconfig@tcp_server@0owl@@@Z
??$format@AEAHAEAGAEBUconfig@udp_server@v7@owl@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAHAEAGAEBUconfig@udp_server@0owl@@@Z
??$format@AEAHAEAPEBD@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAHAEAPEBD@Z
??$format@AEAHAEAPEBDAEBUconfig@tcp_server@v7@owl@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAHAEAPEBDAEBUconfig@tcp_server@0owl@@@Z
??$format@AEAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAHAEBV23@@Z
??$format@AEAPEAVco_scope@v7@owl@@AEBVco_options@23@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAPEAVco_scope@0owl@@AEBVco_options@05@@Z
??$format@AEAPEBD@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAPEBD@Z
??$format@AEAPEBDAEAPEBDAEAH@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAPEBD1AEAH@Z
??$format@AEAUthread_pool_config@v7@owl@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAUthread_pool_config@0owl@@@Z
??$format@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAV23@@Z
??$format@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAG@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAV23@AEAG@Z
??$format@AEAV?$shared_ptr@Vco_job_base@v7@owl@@@std@@AEAV?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@2@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEAV?$shared_ptr@Vco_job_base@v7@owl@@@3@AEAV?$shared_ptr@V?$co_channel@V?$function@$$A6AXXZ@std@@@v7@owl@@@3@@Z
??$format@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDAEBV23@@Z
??$format@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD$$QEAV23@@Z
??$format_decimal@DI@detail@owl@fmt@@YA?AU?$format_decimal_result@PEAD@012@PEADIH@Z
??$format_decimal@DIVappender@owl@fmt@@$0A@@detail@owl@fmt@@YA?AU?$format_decimal_result@Vappender@owl@fmt@@@012@Vappender@12@IH@Z
??$format_decimal@D_K@detail@owl@fmt@@YA?AU?$format_decimal_result@PEAD@012@PEAD_KH@Z
??$format_decimal@D_KVappender@owl@fmt@@$0A@@detail@owl@fmt@@YA?AU?$format_decimal_result@Vappender@owl@fmt@@@012@Vappender@12@_KH@Z
??$format_ex@$$V@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD0@Z
??$format_ex@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD0AEAV23@@Z
??$format_ex@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAIAEAI@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD0AEAV23@AEAI2@Z
??$format_ex@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@v7@zlog@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD0$$QEAV23@@Z
??$format_float@N@detail@owl@fmt@@YAHNHUfloat_specs@012@AEAV?$buffer@D@012@@Z
??$format_uint@$03DVappender@owl@fmt@@_K@detail@owl@fmt@@YA?AVappender@12@V312@_KH_N@Z
??$get@$0A@Vexception_ptr@std@@@std@@YAAEAVexception_ptr@0@AEAV?$tuple@Vexception_ptr@std@@@0@@Z
??$get@HH$0A@@promise@v7@owl@@QEBAAEAV?$tuple@HH@std@@XZ
??$get@Vlocale@std@@@locale_ref@detail@owl@fmt@@QEBA?AVlocale@std@@XZ
??$get_buffer@DV?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@detail@owl@fmt@@YA?AV?$iterator_buffer@V?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@DUbuffer_traits@detail@owl@fmt@@@012@V?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@Z
??$get_dynamic_spec@Vprecision_checker@detail@owl@fmt@@V?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Uerror_handler@234@@detail@owl@fmt@@YAHV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Uerror_handler@012@@Z
??$get_dynamic_spec@Vwidth_checker@detail@owl@fmt@@V?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Uerror_handler@234@@detail@owl@fmt@@YAHV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Uerror_handler@012@@Z
??$get_id@D@?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@owl@fmt@@QEBAHV?$basic_string_view@D@12@@Z
??$get_iterator@D@detail@owl@fmt@@YA?AVappender@12@AEAV?$buffer@D@012@@Z
??$get_iterator@V?$iterator_buffer@V?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@DUbuffer_traits@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YA?AV?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@AEAV?$iterator_buffer@V?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@DUbuffer_traits@detail@owl@fmt@@@012@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAEAV?$basic_istream@DU?$char_traits@D@std@@@0@$$QEAV10@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAEAV?$basic_istream@DU?$char_traits@D@std@@@0@AEAV10@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$insert@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@v7@owl@@YAXAEAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
??$is_left_endpoint_integer_shorter_interval@M@dragonbox@detail@owl@fmt@@YA_NH@Z
??$is_left_endpoint_integer_shorter_interval@N@dragonbox@detail@owl@fmt@@YA_NH@Z
??$isfinite@M$0A@@detail@owl@fmt@@YA_NM@Z
??$isfinite@N$0A@@detail@owl@fmt@@YA_NN@Z
??$isfinite@O$0A@@detail@owl@fmt@@YA_NO@Z
??$join@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@$0A@@v7@owl@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@AEBV23@@Z
??$make_exception_ptr@Vfuture_error@std@@@std@@YA?AVexception_ptr@0@Vfuture_error@0@@Z
??$make_shared@Upromise_all_state@v7@owl@@AEB_K@std@@YA?AV?$shared_ptr@Upromise_all_state@v7@owl@@@0@AEB_K@Z
??$make_shared@Usocket_address_t@v7@owl@@$$V@std@@YA?AV?$shared_ptr@Usocket_address_t@v7@owl@@@0@XZ
??$make_shared@Vpromise_impl@v7@owl@@$$V@std@@YA?AV?$shared_ptr@Vpromise_impl@v7@owl@@@0@XZ
??$make_shared@Vtcp_socket@v7@owl@@AEAHPEBUsockaddr@@AEAH@std@@YA?AV?$shared_ptr@Vtcp_socket@v7@owl@@@0@AEAH$$QEAPEBUsockaddr@@0@Z
??$make_unique@Vcontainer_activator@ioc@v7@owl@@$$V$0A@@std@@YA?AV?$unique_ptr@Vcontainer_activator@ioc@v7@owl@@U?$default_delete@Vcontainer_activator@ioc@v7@owl@@@std@@@0@XZ
??$multiply@Vuint128_fallback@detail@owl@fmt@@$0A@@bigint@detail@owl@fmt@@AEAAXVuint128_fallback@123@@Z
??$new_allocator_with_capacity_@Vfixed_block_allocator@v7@owl@@PEAX_K_K@v7@owl@@YAPEAVallocator@01@_KPEAX00@Z
??$new_allocator_with_capacity_@Vheap_allocator@v7@owl@@_K@v7@owl@@YAPEAVallocator@01@_K0@Z
??$new_allocator_with_capacity_@Vmmap_allocator@v7@owl@@_K@v7@owl@@YAPEAVallocator@01@_K0@Z
??$new_allocator_with_capacity_@Vmmap_fixed_block_allocator@v7@owl@@_K_K_K@v7@owl@@YAPEAVallocator@01@_K000@Z
??$new_allocator_with_capacity_@Vshared_stack_allocator@v7@owl@@PEAX_K@v7@owl@@YAPEAVallocator@01@_KPEAX0@Z
??$parse_float_type_spec@Uerror_handler@detail@owl@fmt@@D@detail@owl@fmt@@YA?AUfloat_specs@012@AEBU?$basic_format_specs@D@12@$$QEAUerror_handler@012@@Z
??$parse_format_specs@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YAPEBDPEBD0AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@012@@Z
??$parse_format_string@$0A@DUformat_handler@?1???$vformat_to@D@detail@owl@fmt@@YAXAEAV?$buffer@D@234@V?$basic_string_view@D@34@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Vlocale_ref@234@@Z@@detail@owl@fmt@@YAXV?$basic_string_view@D@12@$$QEAUformat_handler@?1???$vformat_to@D@012@YAXAEAV?$buffer@D@012@0V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Vlocale_ref@012@@Z@@Z
??$parse_precision@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YAPEBDPEBD0AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@012@@Z
??$parse_presentation_type@D@detail@owl@fmt@@YA?AW4presentation_type@12@D@Z
??$parse_replacement_field@DAEAUformat_handler@?1???$vformat_to@D@detail@owl@fmt@@YAXAEAV?$buffer@D@234@V?$basic_string_view@D@34@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@34@Vlocale_ref@234@@Z@@detail@owl@fmt@@YAPEBDPEBD0AEAUformat_handler@?1???$vformat_to@D@012@YAXAEAV?$buffer@D@012@V?$basic_string_view@D@12@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Vlocale_ref@012@@Z@@Z
??$parse_width@DAEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@detail@owl@fmt@@@detail@owl@fmt@@YAPEBDPEBD0AEAV?$specs_checker@V?$specs_handler@D@detail@owl@fmt@@@012@@Z
??$push_heap@V?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@Uschedule_item_t@v7@owl@@@std@@@std@@@std@@U?$greater@X@2@@std@@YAXV?$_Vector_iterator@V?$_Vector_val@U?$_Simple_types@Uschedule_item_t@v7@owl@@@std@@@std@@@0@0U?$greater@X@0@@Z
??$reject@V?$vector@Vpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@@deferred@v7@owl@@QEBAX$$QEAV?$vector@Vpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@@Z
??$reject@Vexception_ptr@std@@@deferred@v7@owl@@QEBAX$$QEAVexception_ptr@std@@@Z
??$reset@Vallocator@v7@owl@@@?$shared_ptr@Vallocator@v7@owl@@@std@@QEAAXPEAVallocator@v7@owl@@@Z
??$resolve@V?$vector@Vpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@@deferred@v7@owl@@QEBAX$$QEAV?$vector@Vpromise_value@v7@owl@@V?$allocator@Vpromise_value@v7@owl@@@std@@@std@@@Z
??$resolve@V?$vector@_KV?$allocator@_K@std@@@std@@@deferred@v7@owl@@QEBAX$$QEAV?$vector@_KV?$allocator@_K@std@@@std@@@Z
??$send_noexcept_@_K@?$co_channel@_K@v7@owl@@AEAAH$$QEA_KH@Z
??$shorter_interval_case@M@dragonbox@detail@owl@fmt@@YA?AU?$decimal_fp@M@0123@H@Z
??$shorter_interval_case@N@dragonbox@detail@owl@fmt@@YA?AU?$decimal_fp@N@0123@H@Z
??$sleep_for@_JU?$ratio@$00$0DOI@@std@@@this_thread@std@@YAXAEBV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@1@@Z
??$sleep_for@_JU?$ratio@$00$0PECEA@@std@@@this_thread@std@@YAXAEBV?$duration@_JU?$ratio@$00$0PECEA@@std@@@chrono@1@@Z
??$sleep_until@Usteady_clock@chrono@std@@V?$duration@_JU?$ratio@$00$0DLJKMKAA@@std@@@23@@this_thread@std@@YAXAEBV?$time_point@Usteady_clock@chrono@std@@V?$duration@_JU?$ratio@$00$0DLJKMKAA@@std@@@23@@chrono@1@@Z
??$snprintf_float@N@detail@owl@fmt@@YAHNHUfloat_specs@012@AEAV?$buffer@D@012@@Z
??$split@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@v7@owl@@YA_KAEAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@1H_N@Z
??$split_ex@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@v7@owl@@YA_KAEAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@1H@Z
??$start@HH@socket_wrapper@v7@owl@@SAXV?$deferred2@HH@12@HHHV?$function@$$A6AXHH@Z@std@@@Z
??$start@_JH@socket_wrapper@v7@owl@@SAXV?$deferred2@_JH@12@HHHV?$function@$$A6AXHH@Z@std@@@Z
??$static_pointer_cast@XVcontainer@ioc@v7@owl@@@std@@YA?AV?$shared_ptr@X@0@$$QEAV?$shared_ptr@Vcontainer@ioc@v7@owl@@@0@@Z
??$system_error@$$V@owl@fmt@@YA?AVsystem_error@std@@HV?$basic_format_string@D$$V@01@@Z
??$system_error@AEAH@owl@fmt@@YA?AVsystem_error@std@@HV?$basic_format_string@DAEAH@01@AEAH@Z
??$system_error@AEAHAEAH@owl@fmt@@YA?AVsystem_error@std@@HV?$basic_format_string@DAEAHAEAH@01@AEAH1@Z
??$system_error@PEBD@owl@fmt@@YA?AVsystem_error@std@@HV?$basic_format_string@DPEBD@01@$$QEAPEBD@Z
??$thousands_sep@D@detail@owl@fmt@@YA?AU?$thousands_sep_result@D@012@Vlocale_ref@012@@Z
??$thousands_sep_impl@D@detail@owl@fmt@@YA?AU?$thousands_sep_result@D@012@Vlocale_ref@012@@Z
??$thousands_sep_impl@_W@detail@owl@fmt@@YA?AU?$thousands_sep_result@_W@012@Vlocale_ref@012@@Z
??$to_decimal@M@dragonbox@detail@owl@fmt@@YA?AU?$decimal_fp@M@0123@M@Z
??$to_decimal@N@dragonbox@detail@owl@fmt@@YA?AU?$decimal_fp@N@0123@N@Z
??$to_pointer@D@detail@owl@fmt@@YAPEADVappender@12@_K@Z
??$to_string@D$0BPE@@owl@fmt@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$basic_memory_buffer@D$0BPE@V?$allocator@D@std@@@01@@Z
??$udt_to_string_@U?$atomic@H@std@@$0A@@log_string@v7@zlog@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBU?$atomic@H@4@@Z
??$udt_to_string_@Uconfig@tcp_server@v7@owl@@$0A@@log_string@v7@zlog@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBUconfig@tcp_server@1owl@@@Z
??$udt_to_string_@W4task_type@v7@owl@@$0A@@log_string@v7@zlog@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBW4task_type@1owl@@@Z
??$uninitialized_copy@PEADPEAD@std@@YAPEADQEAD0PEAD@Z
??$uninitialized_copy@PEAHPEAH@std@@YAPEAHQEAH0PEAH@Z
??$uninitialized_copy@PEAIPEAI@std@@YAPEAIQEAI0PEAI@Z
??$uninitialized_copy@PEAPEAIPEAPEAI@std@@YAPEAPEAIQEAPEAI0PEAPEAI@Z
??$uninitialized_copy@PEAPEAV?$function@$$A6AXXZ@std@@PEAPEAV12@@std@@YAPEAPEAV?$function@$$A6AXXZ@0@QEAPEAV10@0PEAPEAV10@@Z
??$uninitialized_copy@PEAPEA_KPEAPEA_K@std@@YAPEAPEA_KQEAPEA_K0PEAPEA_K@Z
??$uninitialized_copy@PEA_WPEA_W@std@@YAPEA_WQEA_W0PEA_W@Z
??$uninitialized_copy_n@PEBD_KPEAD@std@@YAPEADQEBD_KPEAD@Z
??$uninitialized_copy_n@PEB_W_KPEA_W@std@@YAPEA_WQEB_W_KPEA_W@Z
??$uninitialized_fill@PEAV?$_List_unchecked_iterator@V?$_List_val@U?$_List_simple_types@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@std@@@std@@@std@@V12@@std@@YAXQEAV?$_List_unchecked_iterator@V?$_List_val@U?$_List_simple_types@U?$pair@$$CBVtype_index@std@@V?$unique_ptr@Uactivator@ioc@v7@owl@@U?$default_delete@Uactivator@ioc@v7@owl@@@std@@@2@@std@@@std@@@std@@@0@0AEBV10@@Z
??$uninitialized_fill_n@PEAIHH@std@@YAPEAIPEAIHAEBH@Z
??$unsafe_cast@P8?$_Func_class@X$$V@std@@EBAXXZP8alignment_dummy_u@v7@owl@@EAAXXZ@v7@owl@@YAP8?$_Func_class@X$$V@std@@EBAXXZP8alignment_dummy_u@01@EAAXXZ@Z
??$unsafe_cast@P8alignment_dummy_u@v7@owl@@EAAXXZP8?$_Func_class@X$$V@std@@EBAXXZ@v7@owl@@YAP8alignment_dummy_u@01@EAAXXZP8?$_Func_class@X$$V@std@@EBAXXZ@Z
??$unsafe_cast@P8alignment_dummy_u@v7@owl@@EAAXXZP8co_job_group@23@EAAXPEAVco_job_base@23@@Z@v7@owl@@YAP8alignment_dummy_u@01@EAAXXZP8co_job_group@01@EAAXPEAVco_job_base@01@@Z@Z
??$unsafe_cast@P8co_job_group@v7@owl@@EAAXPEAVco_job_base@23@@ZP8alignment_dummy_u@23@EAAXXZ@v7@owl@@YAP8co_job_group@01@EAAXPEAVco_job_base@01@@ZP8alignment_dummy_u@01@EAAXXZ@Z
??$use_facet@V?$codecvt@DDU_Mbstatet@@@std@@@std@@YAAEBV?$codecvt@DDU_Mbstatet@@@0@AEBVlocale@0@@Z
??$use_facet@V?$ctype@D@std@@@std@@YAAEBV?$ctype@D@0@AEBVlocale@0@@Z
??$use_facet@V?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@@std@@YAAEBV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@0@AEBVlocale@0@@Z
??$use_facet@V?$numpunct@D@std@@@std@@YAAEBV?$numpunct@D@0@AEBVlocale@0@@Z
??$use_facet@V?$numpunct@_W@std@@@std@@YAAEBV?$numpunct@_W@0@AEBVlocale@0@@Z
??$vformat_to@D@detail@owl@fmt@@YAXAEAV?$buffer@D@012@V?$basic_string_view@D@12@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@12@Vlocale_ref@012@@Z
??$vformat_to@V?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@$0A@@owl@fmt@@YA?AV?$back_insert_iterator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@V23@V?$basic_string_view@D@01@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$vformat_to@Vappender@owl@fmt@@$0A@@owl@fmt@@YA?AVappender@01@V201@V?$basic_string_view@D@01@V?$basic_format_args@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$visit_format_arg@AEAU?$arg_formatter@D@detail@owl@fmt@@V?$basic_format_context@Vappender@owl@fmt@@D@34@@owl@fmt@@YA?AVappender@01@AEAU?$arg_formatter@D@detail@01@AEBV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$visit_format_arg@U?$default_arg_formatter@D@detail@owl@fmt@@V?$basic_format_context@Vappender@owl@fmt@@D@34@@owl@fmt@@YA?AVappender@01@$$QEAU?$default_arg_formatter@D@detail@01@AEBV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$visit_format_arg@V?$precision_checker@Uerror_handler@detail@owl@fmt@@@detail@owl@fmt@@V?$basic_format_context@Vappender@owl@fmt@@D@34@@owl@fmt@@YA_K$$QEAV?$precision_checker@Uerror_handler@detail@owl@fmt@@@detail@01@AEBV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$visit_format_arg@V?$width_checker@Uerror_handler@detail@owl@fmt@@@detail@owl@fmt@@V?$basic_format_context@Vappender@owl@fmt@@D@34@@owl@fmt@@YA_K$$QEAV?$width_checker@Uerror_handler@detail@owl@fmt@@@detail@01@AEBV?$basic_format_arg@V?$basic_format_context@Vappender@owl@fmt@@D@owl@fmt@@@01@@Z
??$wait_for@_JU?$ratio@$00$0DOI@@std@@@condition_variable@std@@QEAA?AW4cv_status@1@AEAV?$unique_lock@Vmutex@std@@@1@AEBV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@1@@Z
??$wait_for@_JU?$ratio@$00$0DOI@@std@@U_Test_ready@?$_Associated_state@H@2@@condition_variable@std@@QEAA_NAEAV?$unique_lock@Vmutex@std@@@1@AEBV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@1@U_Test_ready@?$_Associated_state@H@1@@Z
??$windows_error@$$V@owl@fmt@@YA?AVsystem_error@std@@HV?$basic_string_view@D@01@@Z
??$write@DV?$back_insert_iterator@V?$buffer@D@detail@owl@fmt@@@std@@@detail@owl@fmt@@YA?AV?$back_insert_iterator@V?$buffer@D@detail@owl@fmt@@@std@@V34@PEBD@Z
??$write@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@DAEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@PEBD@Z
??$write@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@Umonostate@12@U?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@V?$basic_string_view@D@12@AEBU?$basic_format_specs@D@12@@Z
??$write@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@V?$basic_string_view@D@12@AEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@H$0A@@detail@owl@fmt@@YA?AVappender@12@V312@H@Z
??$write@DVappender@owl@fmt@@H$0A@@detail@owl@fmt@@YA?AVappender@12@V312@HAEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@I$0A@@detail@owl@fmt@@YA?AVappender@12@V312@I@Z
??$write@DVappender@owl@fmt@@M$0A@@detail@owl@fmt@@YA?AVappender@12@V312@M@Z
??$write@DVappender@owl@fmt@@M$0A@@detail@owl@fmt@@YA?AVappender@12@V312@MU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@N$0A@@detail@owl@fmt@@YA?AVappender@12@V312@N@Z
??$write@DVappender@owl@fmt@@N$0A@@detail@owl@fmt@@YA?AVappender@12@V312@NU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@O$0A@@detail@owl@fmt@@YA?AVappender@12@V312@O@Z
??$write@DVappender@owl@fmt@@O$0A@@detail@owl@fmt@@YA?AVappender@12@V312@OU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@X$0A@@detail@owl@fmt@@YA?AVappender@12@V312@PEBXAEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write@DVappender@owl@fmt@@_J$0A@@detail@owl@fmt@@YA?AVappender@12@V312@_J@Z
??$write@DVappender@owl@fmt@@_K$0A@@detail@owl@fmt@@YA?AVappender@12@V312@_K@Z
??$write@DVappender@owl@fmt@@_N$0A@@detail@owl@fmt@@YA?AVappender@12@V312@_NAEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write_char@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@DAEBU?$basic_format_specs@D@12@@Z
??$write_codepoint@$01DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@DI@Z
??$write_codepoint@$01DVcounting_iterator@detail@owl@fmt@@@detail@owl@fmt@@YA?AVcounting_iterator@012@V3012@DI@Z
??$write_codepoint@$03DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@DI@Z
??$write_codepoint@$03DVcounting_iterator@detail@owl@fmt@@@detail@owl@fmt@@YA?AVcounting_iterator@012@V3012@DI@Z
??$write_codepoint@$07DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@DI@Z
??$write_codepoint@$07DVcounting_iterator@detail@owl@fmt@@@detail@owl@fmt@@YA?AVcounting_iterator@012@V3012@DI@Z
??$write_escaped_char@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@D@Z
??$write_escaped_cp@Vappender@owl@fmt@@D@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$find_escape_result@D@012@@Z
??$write_escaped_cp@Vcounting_iterator@detail@owl@fmt@@D@detail@owl@fmt@@YA?AVcounting_iterator@012@V3012@AEBU?$find_escape_result@D@012@@Z
??$write_escaped_string@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@V?$basic_string_view@D@12@@Z
??$write_escaped_string@DVcounting_iterator@detail@owl@fmt@@@detail@owl@fmt@@YA?AVcounting_iterator@012@V3012@V?$basic_string_view@D@12@@Z
??$write_exponent@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@HV312@@Z
??$write_float@Vappender@owl@fmt@@U?$decimal_fp@M@dragonbox@detail@23@D@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@M@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$write_float@Vappender@owl@fmt@@U?$decimal_fp@N@dragonbox@detail@23@D@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$decimal_fp@N@dragonbox@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$write_float@Vappender@owl@fmt@@Ubig_decimal_fp@detail@23@D@detail@owl@fmt@@YA?AVappender@12@V312@AEBUbig_decimal_fp@012@AEBU?$basic_format_specs@D@12@Ufloat_specs@012@Vlocale_ref@012@@Z
??$write_int@DVappender@owl@fmt@@I@detail@owl@fmt@@YA?AVappender@12@V312@U?$write_int_arg@I@012@AEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write_int@DVappender@owl@fmt@@_K@detail@owl@fmt@@YA?AVappender@12@V312@U?$write_int_arg@_K@012@AEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write_int@Vappender@owl@fmt@@DV<lambda_065c478e05a909ab8aa83d6e010ce46d>@@@detail@owl@fmt@@YA?AVappender@12@V312@HIAEBU?$basic_format_specs@D@12@V<lambda_065c478e05a909ab8aa83d6e010ce46d>@@@Z
??$write_int_localized@Vappender@owl@fmt@@_KD@detail@owl@fmt@@YA?AVappender@12@V312@_KIAEBU?$basic_format_specs@D@12@AEBV?$digit_grouping@D@012@@Z
??$write_int_localized@Vappender@owl@fmt@@_KD@detail@owl@fmt@@YA_NAEAVappender@12@_KIAEBU?$basic_format_specs@D@12@Vlocale_ref@012@@Z
??$write_nonfinite@DVappender@owl@fmt@@@detail@owl@fmt@@YA?AVappender@12@V312@_NU?$basic_format_specs@D@12@AEBUfloat_specs@012@@Z
??$write_padded@$00Vappender@owl@fmt@@DAEAV<lambda_24f701007cf604f2d563897c58112c38>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_24f701007cf604f2d563897c58112c38>@@@Z
??$write_padded@$00Vappender@owl@fmt@@DAEAV<lambda_c59457c5484639485931aec4eac700ab>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_c59457c5484639485931aec4eac700ab>@@@Z
??$write_padded@$00Vappender@owl@fmt@@DAEAV<lambda_f9b3a2ca941e1e8b41b011e7eda9bb8c>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_f9b3a2ca941e1e8b41b011e7eda9bb8c>@@@Z
??$write_padded@$00Vappender@owl@fmt@@DV<lambda_bb47a3546bbb1fef9d8aeda1d5989555>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2$$QEAV<lambda_bb47a3546bbb1fef9d8aeda1d5989555>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_0ec9f54f65b181d3329517c691628deb>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_0ec9f54f65b181d3329517c691628deb>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_10f1bb951a169a2780cfd111143c7643>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_10f1bb951a169a2780cfd111143c7643>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_15956a4542a4323f49940000320241e9>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_15956a4542a4323f49940000320241e9>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_1a67c524078f32abd6ebeace24d8a3d8>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_1a67c524078f32abd6ebeace24d8a3d8>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_273a048ee1ea8f225a6ce41a46a995f4>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_273a048ee1ea8f225a6ce41a46a995f4>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_2e660c577a98a836523b682b29c9be03>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_2e660c577a98a836523b682b29c9be03>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_3d91f5f96952053ac4eae22e158fbf73>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_3d91f5f96952053ac4eae22e158fbf73>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_573f9839909c679ce0619d873b8ea452>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_573f9839909c679ce0619d873b8ea452>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_5d67b4c76edd7daa9f9a57f65869d35f>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_5d67b4c76edd7daa9f9a57f65869d35f>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_5e852101038e20db3f9be224a680e771>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_5e852101038e20db3f9be224a680e771>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_6134c5b2f33520475768650538902d28>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_6134c5b2f33520475768650538902d28>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_677bfb86f3a1f1be8ff654b14b98dae7>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_677bfb86f3a1f1be8ff654b14b98dae7>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_6d1103a14c7cdc045bb585d7098852ee>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_6d1103a14c7cdc045bb585d7098852ee>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_6dcdfd40ee9a6fe10532454e74c2fb61>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_6dcdfd40ee9a6fe10532454e74c2fb61>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_7741ff89596c199110b917287beae94b>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_7741ff89596c199110b917287beae94b>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_7e384ef9bce2d4cb8bf7cec16d68c588>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_7e384ef9bce2d4cb8bf7cec16d68c588>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_7e8953cbd81013fe58ecd8fb14c1ba20>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_7e8953cbd81013fe58ecd8fb14c1ba20>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_8feb72e3e01dd28660bc9df3527c45a9>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_8feb72e3e01dd28660bc9df3527c45a9>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_90ad6b0d8102b35191c32435b00e820e>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_90ad6b0d8102b35191c32435b00e820e>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_92f3dcee4e08ad71c756d5f8cc83e9ac>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_92f3dcee4e08ad71c756d5f8cc83e9ac>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_95aac3f52a12299a7072e2c068767141>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_95aac3f52a12299a7072e2c068767141>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_a8d2564096feaf135596bbb166e84141>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_a8d2564096feaf135596bbb166e84141>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_b7594262389999bd89a6e1a5c6446364>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_b7594262389999bd89a6e1a5c6446364>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_b7ab07da7dfe0a622263dcb23f228074>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_b7ab07da7dfe0a622263dcb23f228074>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_befaf2358c7cd122d536c9e4abc1545f>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_befaf2358c7cd122d536c9e4abc1545f>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_c3673caa6feb00e0079996d232af0b51>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_c3673caa6feb00e0079996d232af0b51>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_c81f7ac722a8543d19da18b72e83b0bb>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_c81f7ac722a8543d19da18b72e83b0bb>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_cf772c403995b175da3a565b019dd279>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_cf772c403995b175da3a565b019dd279>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_d11bae96c4d0ca2fda75ae347ec42693>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_d11bae96c4d0ca2fda75ae347ec42693>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_d4cbf765ca39d8baddc8b1e05b215cdb>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_d4cbf765ca39d8baddc8b1e05b215cdb>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_eef7d19f17993f80a91c6edde1609ede>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_eef7d19f17993f80a91c6edde1609ede>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_f20b4980f12addbfe645cd7db26c293c>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_f20b4980f12addbfe645cd7db26c293c>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_f55667ed198a0b8cb61e6dccdae3abfb>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_f55667ed198a0b8cb61e6dccdae3abfb>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DAEAV<lambda_fa8e8e37c0851b9cf354eb7b8535739e>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2AEAV<lambda_fa8e8e37c0851b9cf354eb7b8535739e>@@@Z
??$write_padded@$01Vappender@owl@fmt@@DV<lambda_4fbd8521fdd6c698c14c3a4d4e7afe1f>@@@detail@owl@fmt@@YA?AVappender@12@V312@AEBU?$basic_format_specs@D@12@_K2$$QEAV<lambda_4fbd8521fdd6c698c14c3a4d4e7afe1f>@@@Z
??$write_ptr@DVappender@owl@fmt@@_K@detail@owl@fmt@@YA?AVappender@12@V312@_KPEBU?$basic_format_specs@D@12@@Z
??$write_significand@DI$0A@@detail@owl@fmt@@YAPEADPEADIHHD@Z
??$write_significand@DVappender@owl@fmt@@IV?$digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@IHHAEBV?$digit_grouping@D@012@@Z
??$write_significand@DVappender@owl@fmt@@IV?$fallback_digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@IHHAEBV?$fallback_digit_grouping@D@012@@Z
??$write_significand@DVappender@owl@fmt@@PEBDV?$digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@PEBDHHAEBV?$digit_grouping@D@012@@Z
??$write_significand@DVappender@owl@fmt@@PEBDV?$fallback_digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@PEBDHHAEBV?$fallback_digit_grouping@D@012@@Z
??$write_significand@DVappender@owl@fmt@@_KV?$digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@_KHHAEBV?$digit_grouping@D@012@@Z
??$write_significand@DVappender@owl@fmt@@_KV?$fallback_digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@_KHHAEBV?$fallback_digit_grouping@D@012@@Z
??$write_significand@D_K$0A@@detail@owl@fmt@@YAPEADPEAD_KHHD@Z
??$write_significand@Vappender@owl@fmt@@D@detail@owl@fmt@@YA?AVappender@12@V312@PEBDHHD@Z
??$write_significand@Vappender@owl@fmt@@DIV?$digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@IHHDAEBV?$digit_grouping@D@012@@Z
??$write_significand@Vappender@owl@fmt@@DIV?$fallback_digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@IHHDAEBV?$fallback_digit_grouping@D@012@@Z
??$write_significand@Vappender@owl@fmt@@DPEBDV?$digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@PEBDHHDAEBV?$digit_grouping@D@012@@Z
??$write_significand@Vappender@owl@fmt@@DPEBDV?$fallback_digit_grouping@D@detail@23@@detail@owl@fmt@@YA?AVappender@12@V312@PEBDHHDAEBV?$fallback_digit_grouping@D@012@@Z

Sections

.text
Size: 779KB - Virtual size: 779KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/pagengine.dll
.dll windows:6 windows x64 arch:x64

8fee130e31cd360e9470c96e57c8cab1

Code Sign

0e:33:12:30:52:5a:25:a7:f8:10:e5:34:88:b0:aa:40
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a7:f6:86:bc:40:35:4a:70:f2:c2:97:c1:31:5e:f6
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/11/2020, 00:00

Not After

22/02/2024, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:11:23:c6:92:9f:37:00:eb:ae:d8:b0:62:5d:69:88:59:3e:82:8d:3c:ae:64:3e:94:48:f4:6c:0e:93:6c:40
Signer

Actual PE Digest

2c:11:23:c6:92:9f:37:00:eb:ae:d8:b0:62:5d:69:88:59:3e:82:8d:3c:ae:64:3e:94:48:f4:6c:0e:93:6c:40

Digest Algorithm

sha256

PE Digest Matches

true

c6:4d:e5:c1:2a:91:11:0b:6e:05:fe:9d:7c:28:e6:e4:a9:d8:90:bf
Signer

Actual PE Digest

c6:4d:e5:c1:2a:91:11:0b:6e:05:fe:9d:7c:28:e6:e4:a9:d8:90:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\code\wechat-windows-dev\out\x64\Release\bin\pagengine.pdb

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
FindClose
FindNextFileW
GetFileInformationByHandle
GetFileSizeEx
ReadFile
CloseHandle
GetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
ExitProcess
GetProcAddress
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
InitOnceExecuteOnce
GetNativeSystemInfo
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitOnceBeginInitialize
InitOnceComplete
InitializeSRWLock
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
MoveFileExA
MoveFileExW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetCurrentProcess
GetProcessAffinityMask
Sleep
GetSystemTimeAsFileTime
ReleaseMutex
CreateMutexA
LoadLibraryA
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExA
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SwitchToThread
GetExitCodeThread
SleepConditionVariableCS
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringEx
EncodePointer
DecodePointer
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
HeapQueryInformation
HeapSize
SetEndOfFile
GetFullPathNameW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
SetFilePointerEx
SetStdHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
CreateFileW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
SetLastError
InterlockedFlushSList
RaiseException
RtlPcToFileHeader
RtlUnwindEx

user32

GetDesktopWindow
SystemParametersInfoW
GetWindowRect
GetDC

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

ws2_32

WSAStartup
WSACleanup

libegl

eglCreateContext
eglCreatePbufferSurface
eglCreateWindowSurface
eglDestroyContext
eglDestroySurface
eglGetConfigAttrib
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetError
eglInitialize
eglMakeCurrent
eglSwapBuffers
eglBindAPI
eglGetCurrentContext
eglGetProcAddress
eglQueryString
eglCreateImageKHR
eglDestroyImageKHR
eglChooseConfig

libglesv2

glPixelStorei
glReadPixels
glRenderbufferStorage
glScissor
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexSubImage2D
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniformMatrix2fv
glUniformMatrix3fv
glUniformMatrix4fv
glUseProgram
glVertexAttrib1f
glVertexAttrib2fv
glVertexAttrib3fv
glVertexAttrib4fv
glVertexAttribPointer
glViewport
glBlitFramebufferANGLE
glRenderbufferStorageMultisampleANGLE
glReadBuffer
glDrawRangeElements
glTexImage3D
glTexSubImage3D
glCopyTexSubImage3D
glCompressedTexImage3D
glCompressedTexSubImage3D
glGenQueries
glDeleteQueries
glIsQuery
glBeginQuery
glEndQuery
glGetQueryiv
glGetQueryObjectuiv
glUnmapBuffer
glGetBufferPointerv
glDrawBuffers
glUniformMatrix2x3fv
glUniformMatrix3x2fv
glUniformMatrix2x4fv
glUniformMatrix4x2fv
glUniformMatrix3x4fv
glUniformMatrix4x3fv
glBlitFramebuffer
glRenderbufferStorageMultisample
glFramebufferTextureLayer
glMapBufferRange
glFlushMappedBufferRange
glBindVertexArray
glDeleteVertexArrays
glGenVertexArrays
glIsVertexArray
glGetIntegeri_v
glBeginTransformFeedback
glEndTransformFeedback
glBindBufferRange
glBindBufferBase
glCreateProgram
glLineWidth
glVertexAttribIPointer
glGetVertexAttribIiv
glGetVertexAttribIuiv
glVertexAttribI4i
glVertexAttribI4ui
glVertexAttribI4iv
glVertexAttribI4uiv
glGetUniformuiv
glGetFragDataLocation
glUniform1ui
glUniform2ui
glUniform3ui
glUniform4ui
glUniform1uiv
glUniform2uiv
glUniform3uiv
glUniform4uiv
glClearBufferiv
glClearBufferuiv
glClearBufferfv
glClearBufferfi
glGetStringi
glCopyBufferSubData
glGetUniformIndices
glGetActiveUniformsiv
glGetUniformBlockIndex
glGetActiveUniformBlockiv
glGetActiveUniformBlockName
glUniformBlockBinding
glDrawArraysInstanced
glDrawElementsInstanced
glFenceSync
glIsSync
glDeleteSync
glClientWaitSync
glWaitSync
glGetInteger64v
glGetSynciv
glGetInteger64i_v
glGetBufferParameteri64v
glGenSamplers
glDeleteSamplers
glIsSampler
glBindSampler
glSamplerParameteri
glSamplerParameteriv
glSamplerParameterf
glSamplerParameterfv
glGetSamplerParameteriv
glGetSamplerParameterfv
glVertexAttribDivisor
glBindTransformFeedback
glDeleteTransformFeedbacks
glGenTransformFeedbacks
glIsTransformFeedback
glPauseTransformFeedback
glResumeTransformFeedback
glGetProgramBinary
glProgramBinary
glProgramParameteri
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glTexStorage2D
glTexStorage3D
glGetInternalformativ
glCopyTexSubImage2D
glClearStencil
glClearColor
glClear
glCheckFramebufferStatus
glBufferSubData
glBufferData
glBlendFunc
glBlendEquationSeparate
glBlendEquation
glBlendColor
glBindTexture
glBindRenderbuffer
glBindFramebuffer
glBindBuffer
glBindAttribLocation
glAttachShader
glActiveTexture
glLinkProgram
glColorMask
glIsEnabled
glGetUniformLocation
glGetString
glGetShaderPrecisionFormat
glGetShaderInfoLog
glGetShaderiv
glGetRenderbufferParameteriv
glGetProgramInfoLog
glGetProgramiv
glGetIntegerv
glGetFramebufferAttachmentParameteriv
glGetError
glGetBufferParameteriv
glGetAttribLocation
glGenTextures
glGenRenderbuffers
glGenFramebuffers
glGenBuffers
glFrontFace
glFramebufferTexture2D
glFramebufferRenderbuffer
glFlush
glFinish
glEnableVertexAttribArray
glEnable
glDrawElements
glDrawArrays
glDisableVertexAttribArray
glDisable
glDepthMask
glDeleteTextures
glDeleteShader
glDeleteRenderbuffers
glDeleteProgram
glDeleteFramebuffers
glGenerateMipmap
glDeleteBuffers
glCullFace
glGetTransformFeedbackVarying
glCreateShader
glCompressedTexSubImage2D
glCompressedTexImage2D
glTransformFeedbackVaryings
glCompileShader
glIsTexture

Exports

Exports

??0PAGEngine@pagengine@@QEAA@AEBV01@@Z
??0PAGEngine@pagengine@@QEAA@XZ
??0PAGEngineCallback@pagengine@@QEAA@$$QEAV01@@Z
??0PAGEngineCallback@pagengine@@QEAA@AEBV01@@Z
??0PAGEngineCallback@pagengine@@QEAA@XZ
??0PAGEngineImpl@pagengine@@QEAA@AEBV01@@Z
??0PAGEngineImpl@pagengine@@QEAA@XZ
??0PagFileImpl@pagengine@@QEAA@AEBV01@@Z
??0PagFileImpl@pagengine@@QEAA@XZ
??1PAGEngine@pagengine@@UEAA@XZ
??1PAGEngineImpl@pagengine@@UEAA@XZ
??1PagFileImpl@pagengine@@UEAA@XZ
??4PAGEngine@pagengine@@QEAAAEAV01@AEBV01@@Z
??4PAGEngineCallback@pagengine@@QEAAAEAV01@$$QEAV01@@Z
??4PAGEngineCallback@pagengine@@QEAAAEAV01@AEBV01@@Z
??4PAGEngineImpl@pagengine@@QEAAAEAV01@AEBV01@@Z
??4PagFileImpl@pagengine@@QEAAAEAV01@AEBV01@@Z
??_7PAGEngine@pagengine@@6B@
??_7PAGEngineCallback@pagengine@@6B@
??_7PAGEngineImpl@pagengine@@6B@
??_7PagFileImpl@pagengine@@6B@
?CreatePAGEngine@pagengine@@YAPEAVPAGEngine@1@XZ
?DrawPAG@PAGEngineImpl@pagengine@@QEAA_N_N@Z
?ElapseMsFromLastRenderTime@PAGEngineImpl@pagengine@@AEAAH_N@Z
?Flush@PAGEngineImpl@pagengine@@UEAA_N_N@Z
?GetDuration@PagFileImpl@pagengine@@UEAAIXZ
?GetFrameRate@PagFileImpl@pagengine@@UEAAMXZ
?GetHeight@PagFileImpl@pagengine@@UEAAIXZ
?GetPagFileDuration@PAGEngineImpl@pagengine@@UEAAIXZ
?GetPagFileSize@PAGEngineImpl@pagengine@@UEAA?AUPagSize@2@XZ
?GetWidth@PagFileImpl@pagengine@@UEAAIXZ
?InitHighResolutionTime@PAGEngineImpl@pagengine@@AEAAXXZ
?InitOnscreenRender@PAGEngineImpl@pagengine@@UEAA_NAEBUPAGEngineInitData@2@@Z
?IsPagFileValid@PAGEngineImpl@pagengine@@UEAA_NXZ
?LoadPagFile@PagFileImpl@pagengine@@QEAA_NPEADH@Z
?LoadPagFile@pagengine@@YAPEAVPAGFile@1@PEADH@Z
?ReadPixels@PAGEngineImpl@pagengine@@UEAA_NPEAX_K@Z
?ReleasePAGEngine@pagengine@@YA_NPEAVPAGEngine@1@@Z
?ReleasePagFile@pagengine@@YA_NPEAVPAGFile@1@@Z
?Resize@PAGEngineImpl@pagengine@@UEAA_NHH@Z
?SetFrameBuffer@PAGEngineImpl@pagengine@@UEAA_NIIH@Z
?SetLoop@PAGEngineImpl@pagengine@@UEAAX_N@Z
?SetPagFile@PAGEngineImpl@pagengine@@UEAA_NPEAVPAGFile@2@@Z
?SetPagFile@PAGEngineImpl@pagengine@@UEAA_NPEBDH@Z
?SetPagFileBuffer@PAGEngineImpl@pagengine@@UEAA_NPEBDH@Z
?SetProgress@PAGEngineImpl@pagengine@@UEAA_NN@Z
?__autoclassinit2@PAGEngineImpl@pagengine@@QEAAX_K@Z
?__autoclassinit2@PagFileImpl@pagengine@@QEAAX_K@Z

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[3.9.11.25]/plugin_info.ini
[3.9.11.25]/protobuf-lite LICENSE.txt
[3.9.11.25]/rqt.dat
.png
[3.9.11.25]/sae.dat
[3.9.11.25]/sperqt.dat
.png
[3.9.11.25]/wcprobe.dll
.dll windows:6 windows x64 arch:x64

36984f0206a7b75ab485e2258d3b2d1d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:33:4b:1f:e8:64:31:23:14:ae:8f:dd:35:52:bc:4a:bf:28:1d:e6:08:29:a2:eb:ae:89:e5:12:5e:10:fe:5b
Signer

Actual PE Digest

6c:33:4b:1f:e8:64:31:23:14:ae:8f:dd:35:52:bc:4a:bf:28:1d:e6:08:29:a2:eb:ae:89:e5:12:5e:10:fe:5b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

shlwapi

PathFileExistsW

wintrust

WinVerifyTrust

version

VerQueryValueW

crypt32

CertFindCertificateInStore

wtsapi32

WTSFreeMemory

oleaut32

SysStringLen

kernel32

GetConsoleMode
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

advapi32

ReportEventA

shell32

SHGetPathFromIDListW

ole32

CoUninitialize

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e221f4f7d36469d53810a4b5f9fc8966

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

e9:76:f2:b4:af:2c:ed:86:33:6f:a5:d2:72:6a:93:da:52:84:da:68:c1:f6:8c:6d:05:5f:18:ca:1b:c2:b5:9eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 148KB

.rsrc Size: 95KB - Virtual size: 95KB

Password: infected

5ebb000a52998bb996312557ab4e30f5

Headers

File Characteristics

PDB Paths

Imports

psapi

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 180KB

.text Size: 384KB - Virtual size: 381KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 8KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 806B

.reloc Size: 20KB - Virtual size: 16KB

Password: infected

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 851B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 610B

Password: infected

473a3a11d05364cd31aaa8cf3e6b4e86

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e9:76:f2:b4:af:2c:ed:86:33:6f:a5:d2:72:6a:93:da:52:84:da:68:c1:f6:8c:6d:05:5f:18:ca:1b:c2:b5:9e
Signer

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 148KB

.rsrc
Size: 95KB - Virtual size: 95KB

.textbss
Size: - Virtual size: 180KB

.text
Size: 384KB - Virtual size: 381KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 8KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 806B

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 610B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

8a:a5:48:b1:ac:fb:1f:a3:11:e1:c5:78:df:d4:5a:d6:e2:25:30:b0:44:19:5a:1e:e7:b8:32:64:ce:34:bd:12
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 653KB - Virtual size: 652KB

.data
Size: 28KB - Virtual size: 68KB

.rsrc
Size: 521KB - Virtual size: 520KB

.reloc
Size: 114KB - Virtual size: 113KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 16KB - Virtual size: 12KB