Glasswire[.]v3[.]3[.]678-ShadowC[.]rar

resource	yara_rule
static1/unpack002/$PLUGINSDIR/GWInstSt.exe	themida
static1/unpack002/GWUnlock.exe	themida
static1/unpack003/$PLUGINSDIR/GWInstSt.exe	themida

resource
unpack001/Crack/GWCtlSrv.exe
unpack001/Crack/GlassWire.exe
unpack001/GlassWireSetup_3.3.678.exe
unpack002/$PLUGINSDIR/StartMenu.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsDialogs.dll
unpack003/$PLUGINSDIR/nsExec.dll

Glasswire.v3.3.678-ShadowC.rar

.rar

!!!Readme_first!!!!.txt

Crack/GWCtlSrv.exe

.exe windows:6 windows x86 arch:x86

857b71eab0bd451a0f66d57166f2b851

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

FreeSid

AllocateAndInitializeSid

RegGetValueW

RegDeleteTreeW

RegDeleteKeyValueW

RegSetValueExW

RegOpenKeyExW

RegDeleteKeyExW

RegCreateKeyExW

RegCloseKey

RegCopyTreeW

StartServiceW

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerExW

DeleteService

CreateServiceW

ControlService

ChangeServiceConfig2W

AuditFree

AuditQuerySystemPolicy

AuditSetSystemPolicy

QueryServiceStatus

OpenServiceW

OpenSCManagerW

EnumServicesStatusExW

CloseServiceHandle

RevertToSelf

ImpersonateLoggedOnUser

DuplicateTokenEx

CreateProcessAsUserW

LookupPrivilegeValueW

LookupAccountSidW

ImpersonateSelf

GetTokenInformation

AdjustTokenPrivileges

OpenThreadToken

OpenProcessToken

SetNamedSecurityInfoW

GetNamedSecurityInfoW

SetEntriesInAclW

ReportEventW

RegisterEventSourceW

DeregisterEventSource

CryptEnumProvidersW

CryptSignHashW

CryptDecrypt

CryptExportKey

CryptGetUserKey

CryptGetProvParam

CryptSetHashParam

CryptDestroyKey

CryptDestroyHash

CryptHashData

CryptCreateHash

CryptGetHashParam

CryptAcquireContextW

gdi32

SelectObject

DeleteDC

DeleteObject

CreateDIBSection

CreateCompatibleDC

gweventlog

??0EventLog@glasswire@@QAE@PAVObject@1@@Z

?IsEnabled@EventLog@glasswire@@QBE_NW4ChannelId@12@@Z

?SetEnabled@EventLog@glasswire@@QAE_NW4ChannelId@12@_N@Z

?PushAlertData@EventLog@glasswire@@QBEXABVAlertData@common@2@@Z

?OnChannelEnabled@EventLog@glasswire@@QAEAAV?$Signal@W4ChannelId@EventLog@glasswire@@_N@2@XZ

kernel32

GetVolumePathNameW

GetOverlappedResult

CancelIo

GetExitCodeProcess

IsValidCodePage

GetOEMCP

FindFirstFileA

CreateThread

GetModuleFileNameW

FindCloseChangeNotification

FindFirstChangeNotificationW

FindNextChangeNotification

GetExitCodeThread

GetThreadId

CreateSymbolicLinkW

CreateHardLinkW

SetFileTime

SetFileAttributesW

GetFileInformationByHandle

CreateDirectoryW

LoadLibraryExA

SetCurrentDirectoryW

FindFirstFileExW

GetDiskFreeSpaceExW

GetFinalPathNameByHandleW

SetFileInformationByHandle

SetFilePointerEx

CreateDirectoryExW

CopyFileW

GetFileInformationByHandleEx

InitOnceBeginInitialize

InitOnceComplete

TryAcquireSRWLockExclusive

TryAcquireSRWLockShared

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsProcessorFeaturePresent

IsDebuggerPresent

GetStartupInfoW

InitializeSListHead

VirtualQuery

GetDriveTypeW

CreateFile2

CreateFileMappingA

SleepConditionVariableCS

WakeAllConditionVariable

WakeConditionVariable

InitOnceInitialize

CreateEventW

ResetEvent

InitializeCriticalSectionAndSpinCount

GetCurrentDirectoryW

GetSystemFirmwareTable

GetCurrentProcess

RaiseException

DecodePointer

PostQueuedCompletionStatus

GlobalFree

EnumResourceNamesW

FindResourceW

LockResource

LoadResource

GetFileSizeEx

LocalAlloc

CreateProcessW

GetUserGeoID

GetGeoInfoW

GetNativeSystemInfo

OpenProcess

GetCurrentThread

TerminateProcess

GetProcessTimes

GetComputerNameA

SetDefaultDllDirectories

TryEnterCriticalSection

InitializeCriticalSection

AreFileApisANSI

HeapCreate

HeapFree

GetFullPathNameW

GetDiskFreeSpaceW

OutputDebugStringA

LockFile

SetFilePointer

GetFullPathNameA

SetEndOfFile

UnlockFileEx

GetTempPathW

CloseHandle

GetLastError

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

SetEvent

WaitForSingleObject

WaitForMultipleObjects

QueueUserAPC

TerminateThread

TlsAlloc

TlsGetValue

TlsFree

LocalFree

FormatMessageA

Wow64EnableWow64FsRedirection

FreeLibrary

GetProcAddress

LoadLibraryExW

CreateFileW

DeviceIoControl

FindFirstVolumeW

FindNextVolumeW

FindVolumeClose

QueryDosDeviceW

GetVolumePathNamesForVolumeNameW

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

SetLastError

FormatMessageW

MultiByteToWideChar

WideCharToMultiByte

QueryPerformanceCounter

GetTickCount

InitializeCriticalSectionEx

QueryPerformanceFrequency

GetSystemDirectoryW

GetModuleHandleW

LoadLibraryW

Sleep

MoveFileExW

GetStdHandle

GetFileType

ReadFile

PeekNamedPipe

GetCurrentProcessId

GetEnvironmentVariableA

CompareFileTime

GetSystemTimeAsFileTime

WaitForSingleObjectEx

SleepEx

VerSetConditionMask

GetModuleHandleA

VerifyVersionInfoW

GetSystemTime

SystemTimeToFileTime

GetModuleHandleExW

GetEnvironmentVariableW

GetConsoleMode

SetConsoleMode

ReadConsoleA

ReadConsoleW

InitOnceInitialize

ReleaseSRWLockShared

AcquireSRWLockShared

GetCurrentThreadId

TlsSetValue

GetSystemInfo

VirtualAlloc

VirtualProtect

VirtualFree

VirtualLock

SwitchToFiber

DeleteFiber

CreateFiberEx

FindClose

FindFirstFileW

FindNextFileW

GetSystemDirectoryA

LoadLibraryA

WriteFile

GetACP

ConvertFiberToThread

ConvertThreadToFiberEx

FlushFileBuffers

MapViewOfFile

CreateFileMappingW

GetProcessHeap

GetFileSize

LockFileEx

UnlockFile

HeapDestroy

HeapCompact

HeapAlloc

HeapReAlloc

DeleteFileW

DeleteFileA

CreateFileA

FlushViewOfFile

OutputDebugStringW

GetFileAttributesExW

GetFileAttributesA

GetDiskFreeSpaceA

GetTempPathA

HeapSize

HeapValidate

UnmapViewOfFile

GetFileAttributesW

CreateMutexW

msvcp140

_Thrd_detach

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ

?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

?id@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBUtm@@PB_W4@Z

?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?get@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PB_W4@Z

?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z

?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD4@Z

?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

?_XGetLastError@std@@YAXXZ

?_Xruntime_error@std@@YAXPBD@Z

?_Throw_Cpp_error@std@@YAXH@Z

_Cnd_do_broadcast_at_thread_exit

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

_Thrd_join

_Cnd_signal

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?__ExceptionPtrRethrow@@YAXPBX@Z

?__ExceptionPtrCurrentException@@YAXPAX@Z

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z

?uncaught_exception@std@@YA_NXZ

?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z

?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z

?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ

?do_encoding@?$codecvt@_SDU_Mbstatet@@@std@@MBEHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

?getloc@ios_base@std@@QBE?AVlocale@2@XZ

?widen@?$ctype@G@std@@QBEGD@Z

?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ

?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

_Thrd_sleep

_Xtime_get_ticks

?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

?id@?$collate@D@std@@2V0locale@2@A

?_Incref@facet@locale@std@@UAEXXZ

?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z

??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ

??0facet@locale@std@@IAE@I@Z

?_C_str@?$_Yarn@D@std@@QBEPBDXZ

?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

??1_Locinfo@std@@QAE@XZ

??0_Locinfo@std@@QAE@PBD@Z

_Strxfrm

_Strcoll

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z

?_Throw_future_error@std@@YAXABVerror_code@1@@Z

_Cnd_unregister_at_thread_exit

_Cnd_register_at_thread_exit

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_Syserror_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAHH@Z

_Mbrtowc

?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

?_W_Getdays@_Locinfo@std@@QBEPBGXZ

?_W_Getmonths@_Locinfo@std@@QBEPBGXZ

?uncaught_exceptions@std@@YAHXZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?setf@ios_base@std@@QAEHH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

_Mtx_init_in_situ

_Mtx_destroy_in_situ

_Mtx_lock

_Mtx_unlock

?_Throw_C_error@std@@YAXH@Z

?_Xbad_function_call@std@@YAXXZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?do_encoding@?$codecvt@_SDU_Mbstatet@@@std@@MBEHXZ

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

??Bid@locale@std@@QAEIXZ

_Cnd_broadcast

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?tolower@?$ctype@D@std@@QBEDD@Z

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?id@?$ctype@D@std@@2V0locale@2@A

?_Xout_of_range@std@@YAXPBD@Z

?setf@ios_base@std@@QAEHHH@Z

?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

?toupper@?$ctype@G@std@@QBEGG@Z

?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?id@?$ctype@_W@std@@2V0locale@2@A

?is@?$ctype@G@std@@QBE_NFG@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

?always_noconv@codecvt_base@std@@QBE_NXZ

?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

?_Xinvalid_argument@std@@YAXPBD@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

?toupper@?$ctype@D@std@@QBEDD@Z

?tolower@?$ctype@G@std@@QBEGG@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

_Query_perf_counter

_Query_perf_frequency

?_Random_device@std@@YAIXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

?__ExceptionPtrCreate@@YAXPAX@Z

?__ExceptionPtrDestroy@@YAXPAX@Z

?__ExceptionPtrCopy@@YAXPAXPBX@Z

?__ExceptionPtrAssign@@YAXPAXPBX@Z

?__ExceptionPtrToBool@@YA_NPBX@Z

?__ExceptionPtrCopyException@@YAXPAXPBX1@Z

_Cnd_init_in_situ

_Cnd_destroy_in_situ

_Cnd_wait

msvcp140_atomic_wait

__std_tzdb_get_time_zones

__std_tzdb_get_current_zone

__std_tzdb_delete_current_zone

__std_tzdb_get_leap_seconds

__std_tzdb_delete_leap_seconds

__std_calloc_crt

__std_free_crt

__std_tzdb_delete_time_zones

__std_atomic_notify_all_direct

__std_atomic_wait_direct

oleaut32

VariantChangeType

VariantClear

VariantInit

shell32

SHGetKnownFolderPath

user32

TranslateMessage

GetMessageW

RegisterClassExW

UnregisterClassW

DestroyWindow

UnregisterPowerSettingNotification

RegisterPowerSettingNotification

UnregisterDeviceNotification

RegisterDeviceNotificationA

DispatchMessageW

CreateIconFromResourceEx

DestroyCursor

ReleaseDC

GetDC

GetWindowThreadProcessId

EnumWindows

PostMessageW

MessageBoxW

DefWindowProcW

GetUserObjectInformationW

GetProcessWindowStation

SetWindowLongW

SetTimer

GetWindowLongW

CreateWindowExW

DrawIconEx

userenv

CreateEnvironmentBlock

UnloadUserProfile

vcruntime140

_except_handler4_common

wcsrchr

__std_type_info_destroy_list

memcpy

__std_terminate

__std_exception_copy

__std_exception_destroy

__current_exception_context

__current_exception

_CxxThrowException

__CxxFrameHandler

wcsstr

memcpy

memset

wcschr

_purecall

__RTDynamicCast

memchr

strchr

strrchr

strstr

__std_type_info_compare

version

GetFileVersionInfoW

VerQueryValueW

GetFileVersionInfoSizeW

ws2_32

WSARecvFrom

WSASocketW

WSASend

WSARecv

WSAStringToAddressW

WSAAddressToStringW

htonl

WSAEnumNetworkEvents

WSAEventSelect

WSAResetEvent

WSASetEvent

WSAWaitForMultipleEvents

closesocket

WSAGetLastError

htons

WSASetLastError

inet_ntop

htons

socket

inet_pton

shutdown

getservbyname

getservbyport

gethostbyname

gethostbyaddr

inet_ntoa

inet_addr

ioctlsocket

gethostname

getpeername

recv

connect

htonl

FreeAddrInfoW

getaddrinfo

listen

getsockname

accept

sendto

recvfrom

bind

select

__WSAFDIsSet

WSACreateEvent

WSACloseEvent

send

getsockopt

WSACleanup

WSAStartup

WSASendTo

setsockopt

WSAIoctl

ucrtbase

wcstol

strtoul

strtol

wcrtomb

_wcstoui64

wcstombs

strtod

atoi

_strtoi64

_strtoui64

mbstowcs

getenv

_wrename

_lock_file

_unlock_file

_wunlink

_wstat64

_stat64i32

_wstat64i32

_wmkdir

_fstat64

_wchdir

_unlink

_waccess

_wrmdir

_umask

calloc

_callnewh

_set_new_mode

_recalloc

_msize

free

realloc

malloc

___mb_cur_max_func

setlocale

_configthreadlocale

___lc_codepage_func

_libm_sse2_log_precise

log2

tanh

tan

sqrt

sinh

sin

pow

fmod

exp

floor

cosh

_except1

cos

_dclass

atan2

atan

_libm_sse2_log10_precise

asin

_fdopen

acos

atanh

__setusermatherr

trunc

acosh

ceil

asinh

_fdclass

_c_exit

_Exit

_errno

_get_initial_narrow_environment

_controlfp_s

_set_app_type

_invalid_parameter_noinfo

strerror_s

signal

_seh_filter_exe

_cexit

_beginthreadex

_invalid_parameter_noinfo_noreturn

_crt_at_quick_exit

__sys_errlist

terminate

_crt_atexit

_execute_onexit_table

__sys_nerr

exit

__p___argv

_register_thread_local_exe_atexit_callback

_endthreadex

_seh_filter_dll

_configure_narrow_argv

_initialize_narrow_environment

_initterm

_initterm_e

_resetstkoflw

abort

_initialize_onexit_table

raise

strerror

__p___argc

_register_onexit_function

fopen

_wsopen_dispatch

_wfopen

fputs

_close

_dup

_dup2

_read

_write

__stdio_common_vfprintf

_open_osfhandle

feof

fgetpos

__acrt_iob_func

_get_osfhandle

setvbuf

fwrite

__p__commode

_open

_fseeki64

__stdio_common_vsprintf_s

fgetc

fflush

fsetpos

_setmode

_fileno

ferror

ungetc

_lseeki64

fread

fclose

_get_stream_buffer_pointers

fgets

__stdio_common_vsscanf

fputc

ftell

_wopen

__stdio_common_vsprintf

__stdio_common_vswprintf

_set_fmode

fseek

isalnum

isupper

strcspn

wcspbrk

wcsncpy

toupper

strncmp

strncat

isalpha

_iswalpha_l

isxdigit

strpbrk

isdigit

tolower

wcsncmp

_wcsdup

_mbsdup

strncpy_s

strcat_s

strcpy_s

isspace

strcmp

strncpy

strspn

_gmtime64_s

_localtime64_s

_gmtime64

_get_timezone

strftime

_time64

_ctime64_s

_localtime64

_mktime64

srand

qsort

bcrypt

BCryptOpenAlgorithmProvider

BCryptCloseAlgorithmProvider

BCryptCreateHash

BCryptHashData

BCryptGenRandom

BCryptDestroyHash

BCryptGetProperty

BCryptSetProperty

BCryptGenerateSymmetricKey

BCryptEncrypt

BCryptDestroyKey

BCryptDeriveKeyPBKDF2

BCryptFinishHash

ole32

CoTaskMemFree

CoInitializeEx

CoUninitialize

CoCreateGuid

CoCreateInstance

wsnmp32

SnmpCountVbl

SnmpCreateSession

SnmpCancelMsg

SnmpClose

SnmpFreeDescriptor

SnmpFreeVbl

SnmpCreateVbl

SnmpFreePdu

SnmpOidToStr

SnmpCreatePdu

SnmpFreeContext

SnmpStrToContext

SnmpFreeEntity

SnmpStrToEntity

SnmpSendMsg

SnmpSetRetry

SnmpSetTimeout

SnmpCleanup

SnmpStartup

SnmpStrToOid

SnmpGetLastError

SnmpSetVb

SnmpGetPduData

SnmpGetVb

SnmpRecvMsg

Exports

??_FEventLog@glasswire@@QAEXXZ

?dfunc@EventLog@glasswire@@AAEPAVEventLogPrivate@2@XZ

?dfunc@EventLog@glasswire@@ABEPBVEventLogPrivate@2@XZ

Sections

.text
Size: 13.6MB - Virtual size: 13.6MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

Size: 860KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

Size: 196KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

Size: 527KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.themida
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.boot
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.SCY
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

Crack/GlassWire.exe

.exe windows:6 windows x86 arch:x86

8f40bc3b0302564283e2198aea75bc63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptHashData

InitializeSecurityDescriptor

FreeSid

AllocateAndInitializeSid

RegGetValueW

RegDeleteTreeW

RegDeleteKeyValueW

RegSetValueExW

RegCloseKey

RegCreateKeyExW

RegDeleteKeyExW

RegOpenKeyExW

ReportEventW

RegisterEventSourceW

DeregisterEventSource

CryptEnumProvidersW

CryptSignHashW

CryptDecrypt

CryptExportKey

CryptGetUserKey

CryptGetProvParam

CryptSetHashParam

CryptAcquireContextW

CryptReleaseContext

CryptGetHashParam

CryptCreateHash

SetSecurityDescriptorDacl

CryptDestroyHash

SetEntriesInAclW

GetNamedSecurityInfoW

SetNamedSecurityInfoW

CryptDestroyKey

crypt32

CertGetCertificateContextProperty

CertDuplicateCertificateContext

CertFindCertificateInStore

CertOpenStore

CertOpenSystemStoreW

CertGetIntendedKeyUsage

CertGetEnhancedKeyUsage

CertFreeCertificateContext

CertEnumCertificatesInStore

CertCloseStore

gdi32

GetDeviceCaps

CreateRectRgn

SelectObject

DeleteObject

DeleteDC

CreateCompatibleDC

CombineRgn

CreateSolidBrush

kernel32

SetFileAttributesW

SetEndOfFile

GetFullPathNameW

GetFinalPathNameByHandleW

GetFileInformationByHandle

GetFileAttributesExW

GetFileAttributesW

GetDiskFreeSpaceExW

FindFirstFileExW

CreateFileW

CreateDirectoryW

SetCurrentDirectoryW

InitOnceComplete

InitOnceBeginInitialize

SetFilePointerEx

SetFileTime

GetTempPathW

AreFileApisANSI

DeviceIoControl

CreateDirectoryExW

CopyFileW

CreateHardLinkW

GetFileInformationByHandleEx

CreateSymbolicLinkW

TryAcquireSRWLockExclusive

TryAcquireSRWLockShared

CloseHandle

GetLastError

PostQueuedCompletionStatus

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

SetEvent

WaitForSingleObject

WaitForMultipleObjects

QueueUserAPC

TerminateThread

TlsAlloc

TlsFree

LocalFree

SetUnhandledExceptionFilter

MultiByteToWideChar

ResetEvent

CreateEventW

GetCurrentProcessId

GetExitCodeProcess

GetModuleFileNameW

GlobalAlloc

GlobalUnlock

GlobalLock

GlobalFree

DeleteAtom

AddAtomW

FindAtomW

SetLastError

FormatMessageW

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

QueryPerformanceCounter

GetTickCount

InitializeCriticalSectionEx

QueryPerformanceFrequency

GetSystemDirectoryW

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

WideCharToMultiByte

Sleep

MoveFileExW

WaitForSingleObjectEx

CompareFileTime

GetSystemTimeAsFileTime

GetEnvironmentVariableA

GetStdHandle

GetFileType

ReadFile

PeekNamedPipe

SleepEx

VerSetConditionMask

GetModuleHandleA

VerifyVersionInfoW

GetCurrentProcess

K32EnumProcessModules

Wow64DisableWow64FsRedirection

Wow64RevertWow64FsRedirection

TlsGetValue

SetDefaultDllDirectories

GetComputerNameA

GetNativeSystemInfo

GetGeoInfoW

GetUserGeoID

LoadLibraryA

GetCurrentDirectoryW

FindClose

FindFirstFileW

FindNextFileW

InitializeCriticalSectionAndSpinCount

TlsSetValue

GetSystemTime

SystemTimeToFileTime

GetModuleHandleExW

GetEnvironmentVariableW

GetConsoleMode

SetConsoleMode

ReadConsoleA

ReadConsoleW

InitOnceInitialize

ReleaseSRWLockShared

AcquireSRWLockShared

GetCurrentThreadId

GetSystemInfo

VirtualAlloc

VirtualProtect

VirtualFree

VirtualLock

SwitchToFiber

DeleteFiber

CreateFiberEx

GetSystemDirectoryA

WriteFile

GetACP

ConvertFiberToThread

ConvertThreadToFiberEx

LocalAlloc

SetFileInformationByHandle

TerminateProcess

IsProcessorFeaturePresent

UnhandledExceptionFilter

IsDebuggerPresent

GetStartupInfoW

InitializeSListHead

GetCommandLineW