fwpuclnt.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
v.3.9.lntsaII3r_win_64-86_set-up+P0rtbI3xtn.zip
Resource
win7-20240705-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
v.3.9.lntsaII3r_win_64-86_set-up+P0rtbI3xtn.zip
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral3
Sample
Setup.exe
Resource
win7-20240729-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
Setup.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
9 signatures
150 seconds
Behavioral task
behavioral5
Sample
python310.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
python310.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
v.3.9.lntsaII3r_win_64-86_set-up+P0rtbI3xtn.zip
-
Size
10.4MB
-
MD5
6f8f3e76cd60e295375034f3f028bafe
-
SHA1
d4e4d1afb9b0aecfc58d8980bce53990fcff32fd
-
SHA256
20f1e34627d78a9206329f1ed09f562d851d6bd7df83350bf2c22361510da259
-
SHA512
4c21a67d2323a0387e749669f7ede5c8d534fc82aabd3d65795fa3e87dfb87e3b273992cc3366cb975dbef70cc91e6910b68d405663d23153f3916b2edc737e6
-
SSDEEP
196608:0NqxPhjCITZIReidoi0furV2rCXedavn+jVTLYG3U87qmqBIqj6NaLY7tr:plhjTGEaNMroedavn+Rnu8OUh7p
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/FWPUCLNT.DLL unpack001/glu32.dll unpack001/gnsdk_fp.dll
Files
-
v.3.9.lntsaII3r_win_64-86_set-up+P0rtbI3xtn.zip.zip
-
FWPUCLNT.DLL.dll windows:10 windows x86 arch:x86
6b9b6e4f8204f13218b7e87153952712
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
memset
_wcsicmp
wcschr
_wcslwr
_wcslwr_s
memcmp
memcpy
qsort
_except_handler4_common
_initterm
malloc
free
_amsg_exit
_XcptFilter
ntdll
RtlAllocateHeap
RtlSubAuthorityCountSid
RtlContractHashTable
RtlLengthSecurityDescriptor
RtlGetControlSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlExpandHashTable
RtlEndEnumerationHashTable
NtQueryObject
RtlEnumerateEntryHashTable
RtlGetThreadPreferredUILanguages
RtlInitEnumerationHashTable
RtlGetNextEntryHashTable
RtlLookupEntryHashTable
RtlRemoveEntryHashTable
RtlInsertEntryHashTable
RtlDeleteHashTable
RtlCreateHashTable
EtwEventEnabled
EtwEventWriteTransfer
EtwEventWrite
EtwEventActivityIdControl
EtwEventUnregister
RtlNtStatusToDosError
NtClose
NtDeviceIoControlFile
NtCreateFile
RtlInitUnicodeString
NtRaiseException
RtlValidSecurityDescriptor
NtQueryInformationToken
RtlEqualSid
RtlCopySid
RtlLengthSid
RtlValidSid
RtlSetSaclSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlCreateSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
EtwTraceMessage
RtlFreeHeap
EtwUnregisterTraceGuids
EtwGetTraceEnableFlags
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwRegisterTraceGuidsW
EtwEventRegister
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExA
GetProcAddress
FreeLibrary
FreeLibraryAndExitThread
DisableThreadLibraryCalls
GetModuleHandleExW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
SetThreadToken
OpenProcessToken
GetCurrentThread
TerminateProcess
GetThreadId
OpenThreadToken
CreateThread
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
rpcrt4
RpcBindingFree
RpcBindingSetOption
RpcBindingCreateW
RpcSsDestroyClientContext
I_RpcExceptionFilter
MesEncodeDynBufferHandleCreate
MesHandleFree
MesDecodeBufferHandleCreate
RpcAsyncInitializeHandle
RpcAsyncCompleteCall
UuidCreate
NdrMesTypeEncode2
NdrMesTypeDecode2
NdrAsyncClientCall2
NdrClientCall4
RpcBindingBind
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
QueueUserWorkItem
api-ms-win-core-synch-l1-1-0
ReleaseSemaphore
CreateSemaphoreExW
OpenEventW
TryAcquireSRWLockExclusive
InitializeSRWLock
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
SetEvent
CreateEventW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
api-ms-win-core-heap-l1-1-0
HeapFree
HeapSize
HeapAlloc
GetProcessHeap
HeapReAlloc
api-ms-win-security-base-l1-1-0
GetTokenInformation
CopySid
RevertToSelf
GetLengthSid
api-ms-win-core-threadpool-private-l1-1-0
RegisterWaitForSingleObjectEx
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureContext
api-ms-win-core-registry-l1-1-0
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegNotifyChangeKeyValue
RegDeleteKeyExW
RegCreateKeyExW
RegCloseKey
api-ms-win-core-string-l1-1-0
CompareStringW
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-file-l1-1-0
CreateFileW
bcrypt
BCryptOpenAlgorithmProvider
BCryptDestroyHash
BCryptGetProperty
BCryptFinishHash
BCryptHashData
BCryptCreateHash
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventWriteTransfer
EventSetInformation
EventRegister
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
FwpiExpandCriteria0
FwpiFreeCriteria0
FwpiVpnTriggerAddAppSids
FwpiVpnTriggerAddFilePaths
FwpiVpnTriggerAddSecurityDescriptor
FwpiVpnTriggerConfigureParameters
FwpiVpnTriggerEventSubscribe0
FwpiVpnTriggerEventUnsubscribe0
FwpiVpnTriggerInitializeNrptTriggering
FwpiVpnTriggerRemoveAppSids
FwpiVpnTriggerRemoveFilePaths
FwpiVpnTriggerRemoveSecurityDescriptor
FwpiVpnTriggerResetNrptTriggering
FwpiVpnTriggerSetStateDisconnected
FwpiVpnTriggerUninitializeNrptTriggering
FwpmBitmapIndexFree0
FwpmBitmapIndexGet0
FwpmCalloutAdd0
FwpmCalloutCreateEnumHandle0
FwpmCalloutDeleteById0
FwpmCalloutDeleteByKey0
FwpmCalloutDestroyEnumHandle0
FwpmCalloutEnum0
FwpmCalloutGetById0
FwpmCalloutGetByKey0
FwpmCalloutGetSecurityInfoByKey0
FwpmCalloutSetSecurityInfoByKey0
FwpmCalloutSubscribeChanges0
FwpmCalloutSubscriptionsGet0
FwpmCalloutUnsubscribeChanges0
FwpmConnectionCreateEnumHandle0
FwpmConnectionDestroyEnumHandle0
FwpmConnectionEnum0
FwpmConnectionGetById0
FwpmConnectionGetSecurityInfo0
FwpmConnectionSetSecurityInfo0
FwpmConnectionSubscribe0
FwpmConnectionUnsubscribe0
FwpmDiagnoseNetFailure0
FwpmEngineClose0
FwpmEngineGetOption0
FwpmEngineGetSecurityInfo0
FwpmEngineOpen0
FwpmEngineSetOption0
FwpmEngineSetSecurityInfo0
FwpmEventProviderCreate0
FwpmEventProviderDestroy0
FwpmEventProviderFireNetEvent0
FwpmEventProviderIsNetEventTypeEnabled0
FwpmFilterAdd0
FwpmFilterCreateEnumHandle0
FwpmFilterDeleteById0
FwpmFilterDeleteByKey0
FwpmFilterDestroyEnumHandle0
FwpmFilterEnum0
FwpmFilterGetById0
FwpmFilterGetByKey0
FwpmFilterGetSecurityInfoByKey0
FwpmFilterSetSecurityInfoByKey0
FwpmFilterSubscribeChanges0
FwpmFilterSubscriptionsGet0
FwpmFilterUnsubscribeChanges0
FwpmFreeMemory0
FwpmGetAppIdFromFileName0
FwpmGetSidFromOnlineId0
FwpmIPsecS2STunnelAddConditions0
FwpmIPsecS2STunnelAddInterfaceToCompartment0
FwpmIPsecS2STunnelGetInterfaceForCompartment0
FwpmIPsecS2STunnelRemoveConditions0
FwpmIPsecS2STunnelRemoveInterfaceFromCompartment0
FwpmIPsecTunnelAdd0
FwpmIPsecTunnelAdd1
FwpmIPsecTunnelAdd2
FwpmIPsecTunnelAdd3
FwpmIPsecTunnelAddConditions0
FwpmIPsecTunnelDeleteByKey0
FwpmLayerCreateEnumHandle0
FwpmLayerDestroyEnumHandle0
FwpmLayerEnum0
FwpmLayerGetById0
FwpmLayerGetByKey0
FwpmLayerGetSecurityInfoByKey0
FwpmLayerSetSecurityInfoByKey0
FwpmNetEventCreateEnumHandle0
FwpmNetEventDestroyEnumHandle0
FwpmNetEventEnum0
FwpmNetEventEnum1
FwpmNetEventEnum2
FwpmNetEventEnum3
FwpmNetEventEnum4
FwpmNetEventEnum5
FwpmNetEventSubscribe0
FwpmNetEventSubscribe1
FwpmNetEventSubscribe2
FwpmNetEventSubscribe3
FwpmNetEventSubscribe4
FwpmNetEventSubscriptionsGet0
FwpmNetEventUnsubscribe0
FwpmNetEventsGetSecurityInfo0
FwpmNetEventsLost0
FwpmNetEventsSetSecurityInfo0
FwpmProcessNameResolutionEvent0
FwpmProviderAdd0
FwpmProviderContextAdd0
FwpmProviderContextAdd1
FwpmProviderContextAdd2
FwpmProviderContextAdd3
FwpmProviderContextCreateEnumHandle0
FwpmProviderContextDeleteById0
FwpmProviderContextDeleteByKey0
FwpmProviderContextDestroyEnumHandle0
FwpmProviderContextEnum0
FwpmProviderContextEnum1
FwpmProviderContextEnum2
FwpmProviderContextEnum3
FwpmProviderContextGetById0
FwpmProviderContextGetById1
FwpmProviderContextGetById2
FwpmProviderContextGetById3
FwpmProviderContextGetByKey0
FwpmProviderContextGetByKey1
FwpmProviderContextGetByKey2
FwpmProviderContextGetByKey3
FwpmProviderContextGetSecurityInfoByKey0
FwpmProviderContextSetSecurityInfoByKey0
FwpmProviderContextSubscribeChanges0
FwpmProviderContextSubscriptionsGet0
FwpmProviderContextUnsubscribeChanges0
FwpmProviderCreateEnumHandle0
FwpmProviderDeleteByKey0
FwpmProviderDestroyEnumHandle0
FwpmProviderEnum0
FwpmProviderGetByKey0
FwpmProviderGetSecurityInfoByKey0
FwpmProviderSetSecurityInfoByKey0
FwpmProviderSubscribeChanges0
FwpmProviderSubscriptionsGet0
FwpmProviderUnsubscribeChanges0
FwpmSessionCreateEnumHandle0
FwpmSessionDestroyEnumHandle0
FwpmSessionEnum0
FwpmSubLayerAdd0
FwpmSubLayerCreateEnumHandle0
FwpmSubLayerDeleteByKey0
FwpmSubLayerDestroyEnumHandle0
FwpmSubLayerEnum0
FwpmSubLayerGetByKey0
FwpmSubLayerGetSecurityInfoByKey0
FwpmSubLayerSetSecurityInfoByKey0
FwpmSubLayerSubscribeChanges0
FwpmSubLayerSubscriptionsGet0
FwpmSubLayerUnsubscribeChanges0
FwpmSystemPortsGet0
FwpmSystemPortsSubscribe0
FwpmSystemPortsUnsubscribe0
FwpmTraceRestoreDefaults0
FwpmTransactionAbort0
FwpmTransactionBegin0
FwpmTransactionCommit0
FwpmvSwitchEventSubscribe0
FwpmvSwitchEventUnsubscribe0
FwpmvSwitchEventsGetSecurityInfo0
FwpmvSwitchEventsSetSecurityInfo0
FwppConnectionGetByIPsecInfo
FwppConnectionGetByS2STunnelId
FwppConnectionGetS2STunnelId
FwppGetMD5HashBytes
FwppIPsecSaContextCreate
FwpsAleEndpointCreateEnumHandle0
FwpsAleEndpointDestroyEnumHandle0
FwpsAleEndpointEnum0
FwpsAleEndpointGetById0
FwpsAleEndpointGetSecurityInfo0
FwpsAleEndpointSetSecurityInfo0
FwpsAleExplicitCredentialsQuery0
FwpsAleGetPortStatus0
FwpsClassifyUser0
FwpsFreeMemory0
FwpsGetInProcReplicaOffset0
FwpsLayerCreateInProcReplica0
FwpsLayerReleaseInProcReplica0
FwpsOpenToken0
FwpsQueryIPsecDosFWUsed0
FwpsQueryIPsecOffloadDone0
GetUnifiedTraceHandle
IPsecDospGetSecurityInfo0
IPsecDospGetStatistics0
IPsecDospSetSecurityInfo0
IPsecDospStateCreateEnumHandle0
IPsecDospStateDestroyEnumHandle0
IPsecDospStateEnum0
IPsecGetKeyFromDictator0
IPsecGetStatistics0
IPsecGetStatistics1
IPsecKeyDictationCheck0
IPsecKeyManagerAddAndRegister0
IPsecKeyManagerGetSecurityInfoByKey0
IPsecKeyManagerSetSecurityInfoByKey0
IPsecKeyManagerUnregisterAndDelete0
IPsecKeyManagersGet0
IPsecKeyModuleAdd0
IPsecKeyModuleDelete0
IPsecKeyModuleUpdateAcquire0
IPsecKeyNotification0
IPsecSaContextAddInbound0
IPsecSaContextAddInbound1
IPsecSaContextAddInboundAndTrackConnection
IPsecSaContextAddOutbound0
IPsecSaContextAddOutbound1
IPsecSaContextAddOutboundAndTrackConnection
IPsecSaContextCreate0
IPsecSaContextCreate1
IPsecSaContextCreateEnumHandle0
IPsecSaContextDeleteById0
IPsecSaContextDestroyEnumHandle0
IPsecSaContextEnum0
IPsecSaContextEnum1
IPsecSaContextExpire0
IPsecSaContextGetById0
IPsecSaContextGetById1
IPsecSaContextGetSpi0
IPsecSaContextGetSpi1
IPsecSaContextSetSpi0
IPsecSaContextSubscribe0
IPsecSaContextSubscriptionsGet0
IPsecSaContextUnsubscribe0
IPsecSaContextUpdate0
IPsecSaCreateEnumHandle0
IPsecSaDbGetSecurityInfo0
IPsecSaDbSetSecurityInfo0
IPsecSaDestroyEnumHandle0
IPsecSaEnum0
IPsecSaEnum1
IPsecSaInitiateAsync0
IkeextGetConfigParameters0
IkeextGetStatistics0
IkeextGetStatistics1
IkeextSaCreateEnumHandle0
IkeextSaDbGetSecurityInfo0
IkeextSaDbSetSecurityInfo0
IkeextSaDeleteById0
IkeextSaDestroyEnumHandle0
IkeextSaEnum0
IkeextSaEnum1
IkeextSaEnum2
IkeextSaGetById0
IkeextSaGetById1
IkeextSaGetById2
IkeextSaUpdateAdditionalAddressesByTunnelId0
IkeextSaUpdatePreferredAddressesByTunnelId0
IkeextSetConfigParameters0
NamespaceCallout
WFPRIODequeueCompletion
WSADeleteSocketPeerTargetName
WSAImpersonateSocketPeer
WSAQuerySocketSecurity
WSARevertImpersonation
WSASetSocketPeerTargetName
WSASetSocketSecurity
WfpCloseDPConfigureHandle
WfpConfigureDPSecurityDescriptor
WfpCreateDPConfigureHandle
WfpRIOChannelClose
WfpRIOCleanupRequestQueue
WfpRIOCloseCompletionQueue
WfpRIOCreateChannel
WfpRIOCreateCompletionQueue
WfpRIOCreateRequestQueue
WfpRIODeregisterBuffer
WfpRIOIndicateActivityThreshold
WfpRIONotify
WfpRIOReceive
WfpRIORegisterBuffer
WfpRIOResume
WfpRIOSend
WfpRIOSuspend
Sections
.text Size: 283KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 124B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ReadMe(!).txt
-
Setup.exe.exe windows:6 windows x64 arch:x64
5b30998b2ec74c8918984e16a74e5411
Code Sign
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22-10-2013 12:00Not After22-10-2028 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
03:3e:d5:ed:a0:65:d1:b8:c9:1d:fc:f9:2a:6c:9b:d8Certificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18-12-2018 00:00Not After22-12-2021 12:00SubjectCN=Python Software Foundation,O=Python Software Foundation,L=Wolfeboro,ST=New Hampshire,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-01-2021 00:00Not After06-01-2031 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07-01-2016 12:00Not After07-01-2031 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
6d:7e:93:fd:da:bc:34:0e:64:d6:4e:36:b1:e8:00:13:bd:78:45:7c:42:70:38:48:18:0f:2b:38:b6:28:19:5cSigner
Actual PE Digest6d:7e:93:fd:da:bc:34:0e:64:d6:4e:36:b1:e8:00:13:bd:78:45:7c:42:70:38:48:18:0f:2b:38:b6:28:19:5cDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\_w\1\b\bin\amd64\pythonw.pdb
Imports
python310
Py_Main
vcruntime140
__current_exception
__current_exception_context
memset
__C_specific_handler
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_cexit
terminate
_configure_wide_argv
_initialize_wide_environment
_register_onexit_function
_set_app_type
_seh_filter_exe
__p___argc
__p___wargv
_c_exit
_get_wide_winmain_command_line
_exit
exit
_initterm_e
_crt_atexit
_initterm
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
kernel32
IsDebuggerPresent
GetModuleHandleW
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 372B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 44B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
WinEULA.txt
-
config.prx.exe windows:5 windows x86 arch:x86
d21794f0d47bb5c7f5977a6500854d85
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:28:14:36:98:54:a8:5f:9b:8f:90:12:67:c0:3c:f2Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17-08-2022 00:00Not After29-07-2025 23:59SubjectSERIALNUMBER=91110108680456115E,CN=Glarysoft Ltd,O=Glarysoft Ltd,ST=Beijing,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13104861696469616e204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13074265696a696e67,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:28:14:36:98:54:a8:5f:9b:8f:90:12:67:c0:3c:f2Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17-08-2022 00:00Not After29-07-2025 23:59SubjectSERIALNUMBER=91110108680456115E,CN=Glarysoft Ltd,O=Glarysoft Ltd,ST=Beijing,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13104861696469616e204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13074265696a696e67,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
cc:08:bb:49:63:6e:cf:3f:72:bf:92:cf:45:8b:91:0e:90:0f:7d:11:28:70:03:90:0a:af:8b:19:89:f5:2f:7bSigner
Actual PE Digestcc:08:bb:49:63:6e:cf:3f:72:bf:92:cf:45:8b:91:0e:90:0f:7d:11:28:70:03:90:0a:af:8b:19:89:f5:2f:7bDigest Algorithmsha256PE Digest Matchestrueb2:c8:9c:70:dd:00:70:00:00:18:3b:25:00:02:8e:c2:fc:f9:28:b7Signer
Actual PE Digestb2:c8:9c:70:dd:00:70:00:00:18:3b:25:00:02:8e:c2:fc:f9:28:b7Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\winapps\mh\trunk\exe\vc\StartupHelper\sourcecode\Release\StartupHelper.pdb
Imports
mfc90u
ord404
ord2597
ord2141
ord4131
ord6635
ord4044
ord611
ord595
ord3489
ord5664
ord4652
ord1493
ord6411
ord3355
ord1665
ord5939
ord4405
ord1607
ord3220
ord5632
ord5167
ord5324
ord1810
ord1809
ord1675
ord3353
ord6408
ord1754
ord1751
ord4345
ord1492
ord4664
ord5602
ord2074
ord5512
ord6800
ord4603
ord3743
ord5154
ord4702
ord1728
ord6466
ord5685
ord5683
ord960
ord965
ord969
ord967
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord5650
ord3140
ord4910
ord4682
ord3515
ord2593
ord5653
ord6091
ord4774
ord4815
ord5078
ord613
ord337
ord4631
ord2901
ord4741
ord1533
ord3537
ord6095
ord3622
ord6187
ord6094
ord333
ord3488
ord1354
ord1353
ord2097
ord3543
ord1183
ord3486
ord4527
ord6579
ord4543
ord6577
ord2592
ord744
ord524
ord2069
ord1063
ord663
ord2146
ord1166
ord1064
ord6604
ord4530
ord2904
ord1047
ord2596
ord5008
ord1108
ord367
ord586
ord4000
ord374
ord2130
ord3577
ord2282
ord4512
ord4442
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord799
ord265
ord266
ord1272
ord1137
ord1254
ord686
ord436
ord792
ord587
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord2447
ord636
ord790
ord639
ord2208
ord6482
ord1098
ord4211
ord794
ord589
ord4043
ord4967
ord1318
ord2327
ord316
ord601
ord899
ord1315
ord938
ord1603
ord2478
ord5979
ord6687
ord285
ord5535
ord6079
ord6813
ord1552
ord2551
ord946
ord821
ord2470
ord6096
ord4541
ord4410
ord290
ord1088
ord6659
ord2243
ord6204
ord339
ord289
ord288
ord6164
ord1599
ord809
ord6013
ord935
ord936
ord2702
ord286
ord5851
ord3637
ord2106
ord811
ord280
ord2326
ord2694
ord6529
ord813
ord2537
ord600
ord1143
ord296
ord1248
ord2084
ord1250
ord801
msvcr90
memcpy
memset
towupper
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
__wargv
__argc
setlocale
_resetstkoflw
?what@exception@std@@UBEPBDXZ
_msize
_purecall
_set_errno
_get_errno
_wtoi64
realloc
_gcvt_s
_fpclass
_HUGE
iswspace
wcsrchr
wcschr
_ui64toa_s
_i64toa_s
isspace
_itoa_s
wcsncmp
wcstod
wcstol
_wcstoui64
_wcstoi64
strtol
_wtoi
wcsnlen
_wcsicmp
_scwprintf
_ultoa_s
strncmp
_strlwr_s
_recalloc
calloc
_itow_s
swprintf_s
_CxxThrowException
malloc
wcscpy_s
wcsncpy_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
free
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memmove_s
memcpy_s
kernel32
GetPrivateProfileSectionW
LocalFree
GetCurrentProcessId
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
SetLastError
LoadLibraryW
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
GetProcAddress
GetModuleHandleW
Sleep
GetTickCount
GetCommandLineW
InterlockedExchange
CreateMutexW
CloseHandle
HeapReAlloc
GetPrivateProfileIntW
HeapFree
GetProcessHeap
HeapAlloc
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameW
lstrlenW
WaitForSingleObject
HeapDestroy
HeapSize
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
user32
SendMessageW
AppendMenuW
GetSystemMenu
GetWindowRect
MessageBoxW
GetWindowLongW
SetWindowLongW
UnionRect
GetMenuBarInfo
GetMenuItemID
GetMenuItemCount
GetSysColor
OffsetRect
FrameRect
DrawFrameControl
CopyRect
EnableWindow
IsWindow
InvalidateRect
KillTimer
PtInRect
ReleaseDC
FillRect
GetDC
SystemParametersInfoW
EndPaint
BeginPaint
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
GetClientRect
LoadIconW
gdi32
CreatePen
CreateCompatibleBitmap
CreateSolidBrush
GetObjectW
SetDIBColorTable
GetTextExtentPoint32W
SetBkMode
CreateRoundRectRgn
GetCurrentObject
GetBkMode
CreatePatternBrush
SetBrushOrgEx
FillRgn
FrameRgn
SelectObject
CreateFontW
GetDIBColorTable
StretchBlt
CreateDIBSection
BitBlt
CreateCompatibleDC
DeleteDC
DeleteObject
msimg32
TransparentBlt
GradientFill
AlphaBlend
advapi32
RegQueryValueExW
RegOpenKeyExW
shell32
ShellExecuteW
CommandLineToArgvW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFileExistsW
ole32
OleInitialize
CoUninitialize
CoInitialize
CoCreateInstance
oleaut32
SysAllocStringLen
VariantClear
SysAllocString
VariantInit
SysFreeString
msvcp90
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
ws2_32
WSASetLastError
GetAddrInfoW
WSAStartup
WSACleanup
closesocket
WSACloseEvent
WSASocketW
WSAGetLastError
WSAConnect
WSAEnumNetworkEvents
WSAResetEvent
WSASend
WSAGetOverlappedResult
WSARecv
WSACreateEvent
WSASetEvent
WSAEventSelect
FreeAddrInfoW
boottime
ord2
GetSetupTime
ord1
gdiplus
GdipDisposeImage
GdipFree
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipAlloc
languages
ord5
ord3
ord6
ord8
ord4
config
ord13
ord11
Sections
.text Size: 122KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
glu32.dll.dll windows:10 windows x86 arch:x86
16745349e4efc23394c44a57dd7ac7f5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
glu32.pdb
Imports
msvcrt
_callnewh
free
malloc
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
_CxxThrowException
__CxxFrameHandler3
longjmp
floor
sin
cos
sqrt
strstr
fabs
_XcptFilter
_ftol2_sse
_except_handler4_common
??1type_info@@UAE@XZ
_initterm
_amsg_exit
memcpy
memset
_setjmp3
kernel32
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
LocalReAlloc
GetModuleHandleA
lstrlenA
lstrlenW
DebugBreak
LocalFree
LocalAlloc
user32
LoadStringA
LoadStringW
opengl32
glOrtho
glMultMatrixf
glScalef
glTranslatef
glMultMatrixd
glTranslated
glGetString
glNormal3f
glTexCoord2f
glVertex3f
glGetError
glPixelStorei
glTexImage2D
glTexImage1D
glGetIntegerv
glGetFloatv
glEvalMesh2
glMap2f
glEvalCoord2f
glMapGrid2d
glPolygonMode
glEvalPoint2
glPushAttrib
glDisable
glEvalMesh1
glEvalCoord1f
glPopAttrib
glBegin
glEnd
glMap1f
glEnable
glMapGrid1f
Exports
Exports
gluBeginCurve
gluBeginPolygon
gluBeginSurface
gluBeginTrim
gluBuild1DMipmaps
gluBuild2DMipmaps
gluCylinder
gluDeleteNurbsRenderer
gluDeleteQuadric
gluDeleteTess
gluDisk
gluEndCurve
gluEndPolygon
gluEndSurface
gluEndTrim
gluErrorString
gluErrorUnicodeStringEXT
gluGetNurbsProperty
gluGetString
gluGetTessProperty
gluLoadSamplingMatrices
gluLookAt
gluNewNurbsRenderer
gluNewQuadric
gluNewTess
gluNextContour
gluNurbsCallback
gluNurbsCurve
gluNurbsProperty
gluNurbsSurface
gluOrtho2D
gluPartialDisk
gluPerspective
gluPickMatrix
gluProject
gluPwlCurve
gluQuadricCallback
gluQuadricDrawStyle
gluQuadricNormals
gluQuadricOrientation
gluQuadricTexture
gluScaleImage
gluSphere
gluTessBeginContour
gluTessBeginPolygon
gluTessCallback
gluTessEndContour
gluTessEndPolygon
gluTessNormal
gluTessProperty
gluTessVertex
gluUnProject
Sections
.text Size: 211KB - Virtual size: 210KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
gnsdk_fp.dll.dll windows:6 windows x86 arch:x86
b7c8993f10dec27599332ce85a1de38a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
gnsdk_fp.pdb
Imports
kernel32
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcess
GetProcAddress
LoadLibraryA
CloseHandle
RaiseException
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetCurrentThreadId
SetThreadPriority
FileTimeToLocalFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetStdHandle
GetFileType
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
CreateFileW
WriteConsoleW
DecodePointer
DeleteFileW
GetFileAttributesW
GetFileSize
MoveFileW
Exports
Exports
g_gcsl_log_callback
g_gcsl_log_enabled_pkgs
g_gcsl_signal_callback
g_gcsl_thread_registrants
g_gcsl_thread_store_key
gcsl_fs_marker_end
gcsl_fs_marker_initialize
gcsl_fs_marker_start
gcsl_memory_alloc
gcsl_memory_alloc2
gcsl_memory_alloc_count
gcsl_memory_alloc_max
gcsl_memory_alloc_trace
gcsl_memory_alloc_trace_set
gcsl_memory_calloc
gcsl_memory_calloc2
gcsl_memory_checkpoint_report
gcsl_memory_checkpoint_set
gcsl_memory_dup
gcsl_memory_dup2
gcsl_memory_free
gcsl_memory_heap_dump
gcsl_memory_heap_max
gcsl_memory_heap_now
gcsl_memory_heap_warn
gcsl_memory_initialize
gcsl_memory_marker_end
gcsl_memory_marker_initialize
gcsl_memory_marker_start
gcsl_memory_memcmp
gcsl_memory_memcpy
gcsl_memory_memmove
gcsl_memory_memset
gcsl_memory_name_set
gcsl_memory_realloc
gcsl_memory_realloc2
gcsl_memory_register_provider_interface
gcsl_memory_shutdown
gcsl_memory_sizeof
gcsl_time_marker_end
gcsl_time_marker_initialize
gcsl_time_marker_start
gnsdk_fp_data_addref
gnsdk_fp_data_get_info
gnsdk_fp_data_release
gnsdk_fp_data_render
gnsdk_fp_fingerprinter_audio_create
gnsdk_fp_fingerprinter_audio_done
gnsdk_fp_fingerprinter_audio_write
gnsdk_fp_fingerprinter_audio_write_ex
gnsdk_fp_fingerprinter_release
gnsdk_fp_fingerprinter_video_create
gnsdk_fp_fingerprinter_video_done
gnsdk_fp_fingerprinter_video_write
gnsdk_fp_get_build_date
gnsdk_fp_get_version
gnsdk_fp_initialize
gnsdk_fp_shutdown
gnsdk_fp_string_free
Sections
.text Size: 157KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
navette.dwg
-
opengl64.dll.exe windows:6 windows x64 arch:x64
12c058d908f07eb19d3f1f0a4bb41bef
Code Sign
0d:fe:7b:a4:82:f0:76:db:90:bc:c2:2b:2c:48:7c:bdCertificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before25-02-2021 00:00Not After29-02-2024 23:59SubjectCN=Epic Games Inc.,O=Epic Games Inc.,L=Cary,ST=North Carolina,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22-10-2013 12:00Not After22-10-2028 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02-05-2019 00:00Not After18-01-2038 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03-05-2023 00:00Not After02-08-2034 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
0d:fe:7b:a4:82:f0:76:db:90:bc:c2:2b:2c:48:7c:bdCertificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before25-02-2021 00:00Not After29-02-2024 23:59SubjectCN=Epic Games Inc.,O=Epic Games Inc.,L=Cary,ST=North Carolina,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22-10-2013 12:00Not After22-10-2028 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12-01-2016 00:00Not After11-01-2031 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23-12-2017 00:00Not After22-03-2029 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0c:52:fd:13:81:7d:a3:86:5d:e4:84:46:8c:35:09:a5:26:83:ae:ac:37:64:c9:0f:42:89:b7:70:65:88:10:dfSigner
Actual PE Digest0c:52:fd:13:81:7d:a3:86:5d:e4:84:46:8c:35:09:a5:26:83:ae:ac:37:64:c9:0f:42:89:b7:70:65:88:10:dfDigest Algorithmsha256PE Digest Matchestrueb4:28:b6:ea:a9:f1:d8:dd:26:dd:e6:4d:49:5f:06:c6:e0:8c:f6:c4Signer
Actual PE Digestb4:28:b6:ea:a9:f1:d8:dd:26:dd:e6:4d:49:5f:06:c6:e0:8c:f6:c4Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
CrashReportClient.pdb
Imports
xinput1_3
ord3
ord2
advapi32
CryptReleaseContext
OpenProcessToken
RegDeleteTreeW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegSetValueExW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptAcquireContextW
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyExW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegCloseKey
RegCreateKeyExW
user32
WindowFromPoint
ClipCursor
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
SetForegroundWindow
SetWindowTextW
GetWindowRect
MessageBoxW
ScreenToClient
GetWindowLongW
GetTopWindow
EnumDisplayDevicesW
GetKeyboardLayout
DisableProcessWindowsGhosting
TranslateMessage
DispatchMessageW
GetMessageExtraInfo
SendMessageW
DefWindowProcW
GetRawInputDeviceList
RegisterRawInputDevices
GetRawInputDeviceInfoA
ReleaseDC
GetWindowInfo
EnumDisplayMonitors
SetWindowLongPtrW
GetProcessWindowStation
GetUserObjectInformationW
GetCursorPos
SetCursor
SetCursorPos
ClientToScreen
RegisterClassW
UnregisterClassW
CreateWindowExW
GetClipCursor
DestroyWindow
ShowWindow
SetLayeredWindowAttributes
FlashWindowEx
GetWindowPlacement
SetWindowPlacement
IsIconic
IsZoomed
GetDC
GetForegroundWindow
SetActiveWindow
UpdateWindow
EnableMenuItem
GetSystemMenu
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
MonitorFromRect
ShowCursor
AdjustWindowRectEx
GetClientRect
SetWindowRgn
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
MonitorFromPoint
SystemParametersInfoW
EnumDisplaySettingsW
CreateIconIndirect
LoadImageW
LoadIconW
LoadCursorFromFileW
LoadCursorW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetClassLongPtrW
RegisterClassExW
MoveWindow
MsgWaitForMultipleObjects
SetRect
IsWindow
GetWindowLongPtrW
SetWindowLongW
EnableWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
RegisterTouchWindow
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetKeyState
GetFocus
EndDialog
DialogBoxParamW
SetWindowPos
PostQuitMessage
UnregisterHotKey
RegisterHotKey
PeekMessageW
GetActiveWindow
GetRawInputData
SetFocus
gdi32
PtInRegion
SelectObject
CreateCompatibleDC
DeleteDC
GetTextExtentPoint32W
SwapBuffers
SetPixelFormat
ChoosePixelFormat
GetTextMetricsW
CreateFontW
CreateBitmap
GetDeviceCaps
CreateFontIndirectW
CreateRectRgn
CreateRoundRectRgn
DeleteObject
crypt32
CertGetCertificateContextProperty
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertOpenSystemStoreW
CertGetNameStringW
CertEnumCertificatesInStore
ws2_32
accept
bind
closesocket
connect
ioctlsocket
getpeername
getsockname
__WSAFDIsSet
htonl
htons
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
gethostname
WSAStartup
WSACleanup
WSAGetLastError
getaddrinfo
freeaddrinfo
getnameinfo
WSAIoctl
WSASetLastError
getsockopt
inet_pton
wldap32
ord143
ord46
ord211
ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord60
normaliz
IdnToAscii
dxgi
CreateDXGIFactory1
d3d11
D3D11CreateDevice
d3dcompiler_43
D3DCompile
D3DReflect
dbghelp
SymFunctionTableAccess64
MiniDumpWriteDump
SymRefreshModuleList
StackWalk64
SymFromAddr
SymInitializeW
SymGetLineFromAddr64
SymGetModuleBase64
SymGetModuleInfo64
SymSetOptions
SymGetModuleInfoW64
SymGetOptions
winmm
timeBeginPeriod
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
VerSetConditionMask
RtlCaptureStackBackTrace
CreateToolhelp32Snapshot
K32GetProcessMemoryInfo
K32GetModuleFileNameExW
K32EnumProcessModulesEx
SystemTimeToFileTime
FileTimeToSystemTime
MoveFileW
CopyFileW
ReOpenFile
UnmapViewOfFile
MapViewOfFile
VirtualFree
VirtualProtect
VirtualAlloc
GetSystemInfo
GlobalMemoryStatusEx
GetProcessId
ResumeThread
SuspendThread
OpenThread
GetCurrentProcessId
SetCurrentDirectoryW
GetLongPathNameW
GetTempPathW
OutputDebugStringW
SetThreadErrorMode
PeekNamedPipe
QueryPerformanceFrequency
SetEvent
ReleaseSemaphore
GetEnvironmentVariableW
CreateFileMappingW
GetCurrentDirectoryW
Sleep
GetCurrentProcess
LoadLibraryExA
VirtualQuery
CreateSemaphoreA
GetProcessTimes
TerminateProcess
GetExitCodeProcess
LocalFree
SwitchToThread
VerifyVersionInfoA
GetModuleHandleA
GetSystemDirectoryA
ExpandEnvironmentStringsA
WaitForMultipleObjects
WaitForSingleObjectEx
SleepEx
InitializeCriticalSectionEx
GetTickCount64
FormatMessageA
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
WideCharToMultiByte
MultiByteToWideChar
CreateFiber
DeleteFiber
SwitchToFiber
CreateEventW
GetDateFormatEx
GetTimeFormatEx
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
CreateThread
GetSystemTime
GetSystemTimeAsFileTime
GetLocalTime
GetCurrentThread
SetThreadPriority
ResolveLocaleName
GetCurrencyFormatEx
GetNumberFormatEx
LocaleNameToLCID
LCIDToLocaleName
GetUserGeoID
GetVersionExW
CreateProcessW
GetLogicalProcessorInformationEx
GetNativeSystemInfo
GetGeoInfoW
GetDynamicTimeZoneInformation
GetLocaleInfoEx
FreeLibrary
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
LoadResource
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetACP
GetThreadContext
GetEnvironmentVariableA
GetStartupInfoW
LoadLibraryA
VirtualUnlock
GetLargePageMinimum
FlsSetValue
FlsAlloc
GetModuleHandleExA
SetErrorMode
MulDiv
GlobalFree
SetConsoleWindowInfo
SetConsoleTextAttribute
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
AttachConsole
FreeConsole
AllocConsole
GlobalLock
GlobalUnlock
GlobalAlloc
GetVersion
GetProcessHandleCount
CreateWaitableTimerW
SetWaitableTimer
Process32NextW
DebugBreak
LockResource
Process32FirstW
GetConsoleWindow
SetConsoleCtrlHandler
GetUserDefaultLocaleName
GetUserPreferredUILanguages
GetSystemPowerStatus
VerifyVersionInfoW
GetComputerNameW
QueryFullProcessImageNameW
lstrlenW
FormatMessageW
SetThreadAffinityMask
LoadLibraryW
FindResourceW
InitializeCriticalSection
SetCriticalSectionSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentThreadId
GetStdHandle
GetCommandLineW
FindClose
FindFirstFileW
GetFileType
OpenProcess
WriteConsoleW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InitializeSRWLock
AcquireSRWLockShared
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
HeapSetInformation
SetHandleInformation
CreatePipe
CreateDirectoryW
CreateFileW
DeleteFileW
FindNextFileW
FlushFileBuffers
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFinalPathNameByHandleW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointer
SetFileTime
WriteFile
CloseHandle
RaiseException
GetLastError
SetLastError
GetOverlappedResult
ResetEvent
WaitForSingleObject
SizeofResource
comdlg32
ChooseFontW
shell32
ShellExecuteW
ShellExecuteExW
SHGetKnownFolderPath
SHGetFolderPathW
SHCreateItemFromParsingName
ole32
RevokeDragDrop
ReleaseStgMedium
CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitialize
OleInitialize
RegisterDragDrop
CoTaskMemFree
OleUninitialize
oleaut32
VariantCopy
SafeArrayCreateVector
SafeArrayPutElement
SysAllocString
SysFreeString
iphlpapi
GetAdaptersAddresses
setupapi
SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Device_IDW
dwmapi
DwmExtendFrameIntoClientArea
DwmGetCompositionTimingInfo
DwmSetWindowAttribute
DwmIsCompositionEnabled
imm32
ImmGetDescriptionW
ImmGetIMEFileNameW
ImmGetProperty
ImmCreateContext
ImmDestroyContext
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
uiautomationcore
UiaRaiseAutomationPropertyChangedEvent
UiaRaiseAutomationEvent
UiaReturnRawElementProvider
UiaHostProviderFromHwnd
UiaClientsAreListening
winhttp
WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser
opengl32
glPolygonMode
glScissor
glStencilFunc
glStencilMask
glStencilOp
glGetString
glTexImage2D
glTexParameteri
glTexSubImage2D
glGenTextures
glViewport
glEnable
glDisable
wglCreateContext
glBlendFunc
glPixelStorei
wglDeleteContext
wglGetProcAddress
wglMakeCurrent
glBindTexture
glAlphaFunc
glDeleteTextures
glTexEnvi
msvcp140
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
_Thrd_yield
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
dbgeng
DebugCreate
bcrypt
BCryptGenRandom
vcruntime140
__intrinsic_setjmp
__current_exception_context
__current_exception
__RTDynamicCast
__std_type_info_name
__std_type_info_compare
__RTtypeid
__CxxFrameHandler3
strchr
longjmp
__std_exception_destroy
__std_exception_copy
__std_terminate
memchr
_set_purecall_handler
__C_specific_handler
wcsrchr
strstr
wcschr
_CxxThrowException
_purecall
memcpy
memmove
memset
wcsstr
memcmp
strrchr
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-convert-l1-1-0
strtod
_wtof
_wtoi64
_wtoi
atoi
wcstod
_wcstoui64
_wcstoi64
_strtoi64
atof
strtol
strtoul
strtoll
wcstoul
api-ms-win-crt-utility-l1-1-0
srand
div
rand
qsort
bsearch
api-ms-win-crt-stdio-l1-1-0
__p__commode
__stdio_common_vfprintf
fputs
fwrite
_read
_write
_close
_open
setbuf
fread
ferror
fclose
_setmode
_fileno
clearerr
_lseeki64
_set_fmode
feof
fseek
ftell
__acrt_iob_func
__stdio_common_vsprintf
fgets
__stdio_common_vsscanf
_wfopen
fopen
__stdio_common_vfwprintf
__stdio_common_vswprintf
fputc
fflush
api-ms-win-crt-string-l1-1-0
isxdigit
tolower
isalpha
strpbrk
wcsncmp
isalnum
_strdup
strcspn
_strnicmp
_stricmp
wcsncpy
isdigit
iswdigit
iswspace
strcmp
isupper
islower
isgraph
strncmp
isspace
strncat
toupper
strncpy
strspn
isprint
iswpunct
iswlower
iswxdigit
iswalpha
iswalnum
api-ms-win-crt-heap-l1-1-0
_heapchk
_set_new_mode
_aligned_free
_aligned_malloc
realloc
_get_heap_handle
calloc
free
malloc
api-ms-win-crt-math-l1-1-0
floor
logf
truncf
floorf
ceil
fmod
ceilf
_dsign
__setusermatherr
_dtest
trunc
modf
_isnan
round
asin
frexp
powf
_finite
cosf
sinf
atan
atan2
cos
log
sin
pow
sqrt
tan
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
_getpid
_errno
exit
_invalid_parameter_noinfo_noreturn
_cexit
_crt_atexit
_register_onexit_function
_set_app_type
_initialize_onexit_table
_exit
raise
__sys_nerr
_initterm
strerror
_initterm_e
_beginthreadex
abort
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_register_thread_local_exe_atexit_callback
signal
terminate
strerror_s
_get_narrow_winmain_command_line
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-conio-l1-1-0
_cputs
api-ms-win-crt-time-l1-1-0
__tzname
_tzset
_gmtime64_s
_gmtime64
_time64
__timezone
api-ms-win-crt-filesystem-l1-1-0
_stat64
_fstat64
_stat64i32
_fstat64i32
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Exports
Exports
png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_current_pass_number
png_get_current_row_number
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_name
png_get_io_chunk_type
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_16
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig
Sections
.text Size: 11.6MB - Virtual size: 11.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.uedbg Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.4MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 582KB - Virtual size: 582KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
python310.dll.dll windows:6 windows x64 arch:x64
1ba87c09c523d7de2b8992a559808c95
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:ddCertificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before17-01-2022 00:00Not After15-01-2025 23:59SubjectCN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before21-09-2022 00:00Not After21-11-2033 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
27:70:8f:7d:fc:b4:ac:5a:37:46:d3:4e:f2:f6:f8:77:3f:24:6d:7a:a7:e5:58:16:2d:e0:23:c9:4a:23:16:24Signer
Actual PE Digest27:70:8f:7d:fc:b4:ac:5a:37:46:d3:4e:f2:f6:f8:77:3f:24:6d:7a:a7:e5:58:16:2d:e0:23:c9:4a:23:16:24Digest Algorithmsha256PE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\_w\1\b\bin\amd64\python310.pdb
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
ws2_32
getsockopt
send
WSAGetLastError
api-ms-win-core-path-l1-1-0
PathCchSkipRoot
PathCchCombineEx
PathCchCanonicalizeEx
advapi32
AdjustTokenPrivileges
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegDeleteKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegSetValueExW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
RegEnumKeyExW
LookupPrivilegeValueA
RegCloseKey
RegCreateKeyW
RegSetValueW
RegEnumValueW
RegDeleteValueW
RegConnectRegistryW
RegLoadKeyW
kernel32
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsFree
GetStringTypeW
GetLocaleInfoA
GetACP
RemoveVectoredExceptionHandler
SetErrorMode
RaiseException
AddVectoredExceptionHandler
GetCurrentProcess
SetFilePointer
SetEndOfFile
UnmapViewOfFile
DuplicateHandle
GetLastError
FlushViewOfFile
CloseHandle
GetSystemInfo
CreateFileMappingA
GetFileSize
MapViewOfFile
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
Process32First
SetHandleInformation
GetConsoleScreenBufferInfo
SetLastError
GetHandleInformation
FindNextFileW
GetStdHandle
DeviceIoControl
TerminateProcess
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
SetEnvironmentVariableW
CreatePipe
CreateHardLinkW
FindClose
GetVolumePathNameW
CreateFileW
GetFileAttributesW
OpenProcess
SetFileAttributesW
CreateToolhelp32Snapshot
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
DeleteFileW
Process32Next
LoadLibraryW
GetActiveProcessorCount
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
MoveFileExW
GetModuleHandleW
CreateSymbolicLinkW
GetSystemTimeAsFileTime
GetFileType
GetProcessTimes
GenerateConsoleCtrlEvent
SetEvent
CreateEventA
Sleep
GetTimeZoneInformation
GetCurrentThread
WaitForSingleObjectEx
ResetEvent
GetThreadTimes
GetFullPathNameW
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WriteConsoleW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
TlsGetValue
ReadFile
CancelIo
SetNamedPipeHandleState
WaitNamedPipeA
CreateNamedPipeA
WriteFile
GetModuleFileNameW
WaitForMultipleObjects
InitializeProcThreadAttributeList
PeekNamedPipe
WaitForSingleObject
OpenFileMappingW
GetModuleHandleA
GetVersion
LCMapStringEx
UpdateProcThreadAttribute
CreateFileA
DeleteProcThreadAttributeList
GetOverlappedResult
ExitProcess
CreateProcessW
CreateFileMappingW
VirtualQuery
ConnectNamedPipe
GetExitCodeProcess
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
LoadLibraryExW
GetErrorMode
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
FormatMessageW
FreeLibrary
LocalFree
GetConsoleOutputCP
GetConsoleCP
OutputDebugStringW
GetSystemTimeAdjustment
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExW
TlsSetValue
HeapFree
GetCurrentThreadId
TlsAlloc
HeapAlloc
GetProcessHeap
vcruntime140
memchr
wcschr
wcsrchr
strchr
strrchr
__C_specific_handler
__std_type_info_destroy_list
memcmp
memset
memcpy
memmove
api-ms-win-crt-math-l1-1-0
_fdopen
atan
sin
cos
pow
log10
sinh
log
asin
erf
fmod
acos
fabs
tan
nextafter
cosh
floor
sqrt
ceil
atan2
_finite
exp
_isnan
copysign
round
modf
ldexp
hypot
frexp
tanh
erfc
api-ms-win-crt-locale-l1-1-0
localeconv
setlocale
api-ms-win-crt-string-l1-1-0
strcmp
toupper
wcsnlen
_wcsicmp
wcscpy_s
wcstok_s
_stricmp
wcsncpy
isxdigit
wcscat_s
strcspn
strncmp
isdigit
isalnum
tolower
wcscmp
strncpy
wcsncmp
wcsncpy_s
wcscoll
wcsxfrm
api-ms-win-crt-runtime-l1-1-0
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_errno
abort
_cexit
_seh_filter_dll
_wsystem
_set_thread_local_invalid_parameter_handler
_initterm_e
_getpid
_initterm
_beginthreadex
_set_abort_behavior
strerror
raise
__sys_errlist
__sys_nerr
_endthreadex
signal
_exit
exit
__fpe_flt_rounds
api-ms-win-crt-stdio-l1-1-0
fclose
__acrt_iob_func
_open_osfhandle
setvbuf
fread
getc
__stdio_common_vswprintf
__stdio_common_vfprintf
rewind
ungetc
_wopen
_locking
_commit
_kbhit
_setmode
__stdio_common_vsprintf
ftell
feof
fgets
_get_osfhandle
ferror
fputs
fflush
clearerr
_isatty
_fileno
_lseek
_dup2
fputc
_close
_wfopen
_lseeki64
_open
_read
_dup
_write
fwrite
_chsize_s
api-ms-win-crt-convert-l1-1-0
wcstol
strtoul
strtol
mbstowcs
wcstombs
api-ms-win-crt-time-l1-1-0
_mktime64
__timezone
_time64
clock
strftime
_gmtime64_s
_tzset
_localtime64_s
__daylight
api-ms-win-crt-environment-l1-1-0
_wgetcwd
_wputenv
getenv
__p__wenviron
_wputenv_s
_wgetenv
api-ms-win-crt-process-l1-1-0
_cwait
_wspawnve
_wexecv
_wexecve
_wspawnv
api-ms-win-crt-heap-l1-1-0
free
_heapmin
realloc
calloc
malloc
api-ms-win-crt-conio-l1-1-0
_putwch
_getwch
_getwche
_getche
_putch
_ungetwch
_ungetch
_getch
api-ms-win-crt-filesystem-l1-1-0
_umask
_wstat64i32
Exports
Exports
PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyAsyncGen_New
PyAsyncGen_Type
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCMethod_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_Addr2Line
PyCode_New
PyCode_NewEmpty
PyCode_NewWithPosOnlyArgs
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyCompile_OpcodeStackEffect
PyCompile_OpcodeStackEffectWithJump
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyConfig_InitPythonConfig
PyConfig_Read
PyConfig_SetArgv
PyConfig_SetBytesArgv
PyConfig_SetBytesString
PyConfig_SetString
PyConfig_SetWideStringList
PyContextToken_Type
PyContextVar_Get
PyContextVar_New
PyContextVar_Reset
PyContextVar_Set
PyContextVar_Type
PyContext_Copy
PyContext_CopyCurrent
PyContext_Enter
PyContext_Exit
PyContext_New
PyContext_Type
PyCoro_New
PyCoro_Type
PyDescr_IsData
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetDefault
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ProgramTextObject
PyErr_RangedSyntaxLocationObject
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcFromWindowsErrWithUnicodeFilename
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromErrnoWithUnicodeFilename
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetFromWindowsErrWithUnicodeFilename
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_SyntaxLocationObject
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnExplicitFormat
PyErr_WarnExplicitObject
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_OpenCode
PyFile_OpenCodeObject
PyFile_SetOpenCodeHook
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_BlockPop
PyFrame_BlockSetup
PyFrame_FastToLocals
PyFrame_FastToLocalsWithError
PyFrame_GetBack
PyFrame_GetCode
PyFrame_GetLineNumber
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Check
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_New
PyGen_NewWithQualName
PyGen_Type
PyGetSetDescr_Type
PyHash_GetFuncDef
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyIndex_Check
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_Head
PyInterpreterState_Main
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_GetAllocator
PyMem_Malloc
PyMem_RawCalloc
PyMem_RawFree
PyMem_RawMalloc
PyMem_RawRealloc
PyMem_Realloc
PyMem_SetAllocator
PyMem_SetupDebugHooks
PyMemberDescr_Type
PyMember_GetOne
PyMember_SetOne
PyMemoryView_FromBuffer
PyMemoryView_FromMemory
PyMemoryView_FromObject
PyMemoryView_GetContiguous
PyMemoryView_Type
PyMethodDescr_Type
PyMethod_Function
PyMethod_New
PyMethod_Self
PyMethod_Type
PyModuleDef_Init
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 234KB - Virtual size: 295KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PyRuntim Size: 1024B - Virtual size: 608B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
smith.mkv
-
vcruntime140.dll.dll windows:6 windows x64 arch:x64
7f07fd94e5bb907093556781cc464017
Code Sign
33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7Certificate
IssuerCN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before02-02-2023 22:33Not After31-01-2024 22:33SubjectCN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before01-05-2013 20:44Not After01-05-2028 20:54SubjectCN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3eCertificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before16-02-2023 20:10Not After31-01-2024 20:10SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08-07-2011 20:59Not After08-07-2026 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
a7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8cSigner
Actual PE Digesta7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8cDigest Algorithmsha256PE Digest Matchestruea7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8cSigner
Actual PE Digesta7:db:b4:ba:b8:a5:7d:70:a2:02:57:5c:42:c1:5a:eb:68:ac:ec:52:07:b1:ec:4c:29:ac:93:24:9e:d4:f6:8cDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
terminate
abort
api-ms-win-crt-heap-l1-1-0
calloc
malloc
free
api-ms-win-crt-string-l1-1-0
strcpy_s
strncmp
wcsncmp
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
__stdio_common_vsprintf_s
api-ms-win-crt-convert-l1-1-0
atol
kernel32
GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
Exports
Exports
_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ