sus[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

sus.zip
Size

12.6MB
MD5

fdef1eb589691b7fa2f0e1bafe1f1dbd
SHA1

6d93961143ac8c8104742742b841a68c41a04330
SHA256

a86d3039451a065cfe9f9418303f3d3205b0fb53d1a5b5a5d3ad7cb3a3f437ff
SHA512

563646424b923a5d7ba40af6150fb0ec8492a46fcd0386ba5d8aee5f68b6a355025e4814ffacf72116271869ff8eeedcfe92bbd05b7c66b961ca05a1e94ccf3b
SSDEEP

393216:xemDG/ZiR+JuO2cGs1wajZf8joiqw/DmCny0KPXT:xNi/ZipcGs1waV87n92T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Set_up.exe

Files

sus.zip
.zip
AcXtrnal.dll
.dll windows:6 windows x64 arch:x64

d5e684c2960f27fa0d1818bb9f6d8d03

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/04/2022, 00:00

Not After

05/04/2025, 23:59

Subject

SERIALNUMBER=91540195754285145H,CN=Wondershare Technology Group Co.\,Ltd,O=Wondershare Technology Group Co.\,Ltd,L=拉萨市,ST=西藏自治区,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c0fe8a5bfe8978fe887aae6b2bbe58cba,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/04/2022, 00:00

Not After

05/04/2025, 23:59

Subject

SERIALNUMBER=91540195754285145H,CN=Wondershare Technology Group Co.\,Ltd,O=Wondershare Technology Group Co.\,Ltd,L=拉萨市,ST=西藏自治区,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c0fe8a5bfe8978fe887aae6b2bbe58cba,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:46:01:9d:d7:15:a5:7e:44:29:02:eb:1f:eb:33:37:da:9d:cf:6f:36:bf:ab:30:74:5f:7d:48:c5:91:48:97
Signer

Actual PE Digest

29:46:01:9d:d7:15:a5:7e:44:29:02:eb:1f:eb:33:37:da:9d:cf:6f:36:bf:ab:30:74:5f:7d:48:c5:91:48:97

Digest Algorithm

sha256

PE Digest Matches

true

8e:d8:02:80:73:dd:f5:3d:38:a4:a2:46:dc:09:87:5f:ca:e2:42:07
Signer

Actual PE Digest

8e:d8:02:80:73:dd:f5:3d:38:a4:a2:46:dc:09:87:5f:ca:e2:42:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

G:\devops_agent\VBL_agent\workspace\p-ddb7778fe5724693912ec7be49ab67d7\src\6.0.0\bin\Release\AIManager.pdb

Imports

bsai

?fileinfo_size@ConvertToTextKey@VBL@@3PEBDEB
?fileinfo_md5@ConvertToTextKey@VBL@@3PEBDEB
?fileinfo_time@ConvertToTextKey@VBL@@3PEBDEB
?fileinfo_ext@ConvertToTextKey@VBL@@3PEBDEB
?task_id@ConvertToTextResponseKey@VBL@@3PEBDEB
?wait_time@ConvertToTextResponseKey@VBL@@3PEBDEB
?task_id@ToTextQueryKey@VBL@@3PEBDEB
?wait_time@ToTextQueryResponseKey@VBL@@3PEBDEB
?text@ToTextQueryResponseKey@VBL@@3PEBDEB
?state@ToTextQueryResponseKey@VBL@@3PEBDEB
?tpl_id@QuerySampleVoiceIntKey@VBL@@3PEBDEB
?speech_rate@QuerySampleVoiceIntKey@VBL@@3PEBDEB
?pitch_rate@QuerySampleVoiceIntKey@VBL@@3PEBDEB
?download_url@QuerySampleVoiceResponseCharKey@VBL@@3PEBDEB
?lang_code@ConvertToTextKey@VBL@@3PEBDEB
?localfilepath@AIDownloadFileKey@VBL@@3PEBDEB
?contents@ConvertToSpeechKey@VBL@@3PEBDEB
?voice_code@ConvertToSpeechKey@VBL@@3PEBDEB
?content@ConvertToTextKey@VBL@@3PEBDEB
?speech_rate@ConvertToSpeechKey@VBL@@3PEBDEB
?pitch_rate@ConvertToSpeechKey@VBL@@3PEBDEB
?volume@ConvertToSpeechKey@VBL@@3PEBDEB
?task_id@ConvertToSpeechResponseKey@VBL@@3PEBDEB
?wait_time@ConvertToSpeechResponseKey@VBL@@3PEBDEB
?task_id@ToSpeechQueryKey@VBL@@3PEBDEB
?wait_time@ToSpeechQueryResponseKey@VBL@@3PEBDEB
?state@ToSpeechQueryResponseKey@VBL@@3PEBDEB
?task_content@ToSpeechQueryResponseKey@VBL@@3PEBDEB
?file_link@ConvertToTextKey@VBL@@3PEBDEB
?local_audio_fullpath@ConvertToTextKey@VBL@@3PEBDEB
?transfer_mode@ConvertToTextKey@VBL@@3PEBDEB
?used_time@UserAuthResponseKey@VBL@@3PEBDEB
?total_time@UserAuthResponseKey@VBL@@3PEBDEB
?feature_code@UserAuthKey@VBL@@3PEBDEB
?long_polling_time@ConfigResponseIntKey@VBL@@3PEBDEB
?stt_sample_rate_hertz@ConfigResponseIntKey@VBL@@3PEBDEB
?stt_audio_duration_limit@ConfigResponseIntKey@VBL@@3PEBDEB
?stt_audio_size_limit@ConfigResponseIntKey@VBL@@3PEBDEB
?tts_word_offset@ConfigResponseIntKey@VBL@@3PEBDEB
?lang_code@ConvertToSpeechKey@VBL@@3PEBDEB
?word_limit@ConvertToTextKey@VBL@@3PEBDEB
createAIRequestInfo
?tts_word_limit@ConfigResponseIntKey@VBL@@3PEBDEB
createAIServiceObject
?downloadurl@AIDownloadFileKey@VBL@@3PEBDEB

bsencodemanager

createEncodeParam
createEncodeManager

datamodel

endTimeOfClip
beginTimeOfClip
queryToAudioClip
markInTimeOfClip
getDmFactoryInstance
markOutTimeOfClip

bswsid

getWsidInstance

adapter

?timelineBegin@clipKey@VBL@@3PEBDEB
?disable_video@encodeParamKey@VBL@@3PEBDEB
?timelineEnd@clipKey@VBL@@3PEBDEB
?audio_fourcc@encodeParamKey@VBL@@3PEBDEB
?audio_channels@encodeParamKey@VBL@@3PEBDEB
?audio_channel_layout@encodeParamKey@VBL@@3PEBDEB
?audio_bitrate@encodeParamKey@VBL@@3PEBDEB
?audio_samplerate@encodeParamKey@VBL@@3PEBDEB
?audio_bitspersample@encodeParamKey@VBL@@3PEBDEB
?audio_bitrate_mode@encodeParamKey@VBL@@3PEBDEB
?media_length@mediaInfoKey@VBL@@3PEBDEB
?balance@audioKey@VBL@@3PEBDEB
?mute@trackKey@VBL@@3PEBDEB
?disable_audio@encodeParamKey@VBL@@3PEBDEB

bscommonsetting

?envDefaultResConfigPath@commonSettingEnvKey@VBL@@3PEBDEB
?GetInstance@BsCommonSetting@VBL@@SAPEAV12@XZ
?envSysTempDataPath@commonSettingEnvKey@VBL@@3PEBDEB

bsnet

??1URL@VBL@@QEAA@XZ
?Decode@URL@VBL@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?FromString@URL@VBL@@SA?AU12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FileMD5@VBL@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV23@@Z
createInfoObject
?content_code@ResponseCharKey@VBL@@3PEBDEB
?content_msg@ResponseCharKey@VBL@@3PEBDEB
?content@ResponseCharKey@VBL@@3PEBDEB

vbllogger

loggerWrapper
?format@LogStream@VBL@@QEAAIPEBDZZ
?createLogStream@VblLoggerWrapper@VBL@@QEAA?AVLogStream@2@W4Severity@IBsLogger@2@PEBDH11@Z
??ILogStream@VBL@@QEAAI$$QEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
??1LogStream@VBL@@QEAA@XZ
?testSeverity@VblLoggerWrapper@VBL@@QEAA_NW4Severity@IBsLogger@2@@Z

vblutils

?remove@FileUtil@VBL@@SA_NAEBUPath@2@@Z
?create@DirUtil@VBL@@SA_NAEBUPath@2@@Z
?wide2Utf8@StringUtil@VBL@@SA_NPEB_W_KAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?vbl_strcpy@VBL@@YAPEADPEADPEBD@Z
??0TimeSpan@VBL@@QEAA@XZ
??1TimeSpan@VBL@@QEAA@XZ
?start@TimeSpan@VBL@@QEAAXXZ
?end@TimeSpan@VBL@@QEAAPEAU12@XZ
?timeSpan@TimeSpan@VBL@@QEAA_JXZ
??0Path@VBL@@QEAA@PEBD@Z
??1Path@VBL@@QEAA@XZ
?writeContent@FileUtil@VBL@@SA_NAEBUPath@2@PEBD_K1@Z
?vbl_strlen@VBL@@YA_KPEBD@Z
??0Path@VBL@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?string@Path@VBL@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?size@FileUtil@VBL@@SA_KAEBUPath@2@@Z
?exists@FileUtil@VBL@@SA_NAEBUPath@2@@Z
?fileName@FileUtil@VBL@@SA?AUPath@2@AEBU32@@Z
?base64_encode@VBL@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBE_K_N@Z
?utf8ToWide@StringUtil@VBL@@SA_NPEBD_KAEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?now@TimeUtil@VBL@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV34@@Z
?nowSinceEpoch@TimeUtil@VBL@@SA_KXZ
?isDirectory@DirUtil@VBL@@SA_NAEBUPath@2@@Z

bsdatastructure

createVblString

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?uncaught_exception@std@@YA_NXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
_Thrd_start
_Xtime_get_ticks
_Thrd_join
_Thrd_sleep
_Thrd_id
_Mtx_init
_Mtx_destroy
_Cnd_init
_Cnd_destroy
_Cnd_wait
_Cnd_signal
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
_Mtx_current_owns
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_timedwait
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
strchr
__std_terminate
__CxxFrameHandler3
memcmp
memcpy
memmove
memset
_purecall
_CxxThrowException
__std_exception_copy
__std_exception_destroy
__RTDynamicCast
memchr

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
terminate
_register_onexit_function
_initialize_onexit_table
_initterm
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_initterm_e

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-string-l1-1-0

strpbrk
tolower
strcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
free
realloc
calloc
malloc

api-ms-win-crt-stdio-l1-1-0

fsetpos
fputc
fgetpos
fgetc
fflush
_get_stream_buffer_pointers
fwrite
__stdio_common_vsprintf
rewind
fread
fclose
_wfopen
setvbuf
__stdio_common_vsprintf_s
_fseeki64
ungetc

api-ms-win-crt-math-l1-1-0

modf
ceil

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

kernel32

GetSystemTimeAsFileTime
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
InitializeSListHead
GetCurrentThreadId

Exports

Exports

?OssThresholdSize@SpeechToTextTaskParamKey@VBL@@3PEBDEB
?accessToken@AIManagerKey@VBL@@3PEBDEB
?end@AIManagerKey@VBL@@3PEBDEB
?end@SpeechToTextTaskParamKey@VBL@@3PEBDEB
?end@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?feature_code@AIManagerKey@VBL@@3PEBDEB
?lang_code@SpeechToTextTaskParamKey@VBL@@3PEBDEB
?lang_code@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?maxword_task@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?pitch_rate@QueryTimbreSampleFileParamKey@VBL@@3PEBDEB
?pitch_rate@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?sentenceWord@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?speech_rate@QueryTimbreSampleFileParamKey@VBL@@3PEBDEB
?speech_rate@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?totalRemainder@AIManagerKey@VBL@@3PEBDEB
?tpl_id@QueryTimbreSampleFileParamKey@VBL@@3PEBDEB
?useSentence@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?usedRemainder@AIManagerKey@VBL@@3PEBDEB
?voice_code@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?volume@TextToSpeechTaskParamKey@VBL@@3PEBDEB
?word_limit@SpeechToTextTaskParamKey@VBL@@3PEBDEB
createAISpeechToTextManager
createAITextToSpeechManager
createSentenceDataList
createVbAITaskParam

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set_up.exe
.exe windows:6 windows x64 arch:x64

c595f1660e1a3c84f4d9b0761d23cd7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
AddVectoredContinueHandler
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateIoCompletionPort
CreateMutexA
CreateSemaphoreA
CreateThread
CreateWaitableTimerExW
DeleteAtom
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
FormatMessageA
FreeEnvironmentStringsW
GetAtomNameA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetHandleInformation
GetLastError
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
RaiseFailFastException
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetLastError
SetProcessAffinityMask
SetProcessPriorityBoost
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthread
_beginthreadex
_cexit
_commode
_endthreadex
_errno
_fmode
_initterm
_lock
_memccpy
_onexit
_setjmp
_strdup
_ultoa
_unlock
abort
calloc
exit
fprintf
fputc
free
fwrite
localeconv
longjmp
malloc
memcpy
memmove
memset
printf
realloc
signal
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

_cgo_dummy_export

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 575KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x32.dll
.dll windows:6 windows x64 arch:x64

0f8ba489987e9caa288c632b4b5c3786

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:1c:77:48:63:e3:ba:8e:7b:8b:f7:55:97:87:47:ae
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

06/09/2022, 00:00

Not After

05/09/2025, 23:59

Subject

CN=BLACKBIRD SECURE BROWSING LTD,O=BLACKBIRD SECURE BROWSING LTD,ST=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:1e:9e:08:7b:1c:08:54:42:ba:2c:c9:13:fb:b5:a7:9e:f6:6a:91:a9:72:e6:e4:0a:e1:20:fb:ec:d5:4f:aa
Signer

Actual PE Digest

79:1e:9e:08:7b:1c:08:54:42:ba:2c:c9:13:fb:b5:a7:9e:f6:6a:91:a9:72:e6:e4:0a:e1:20:fb:ec:d5:4f:aa

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-3.10\Release\pythoncom.pdb

Imports

oleaut32

VariantCopyInd
SafeArrayGetElement
SafeArrayPutElement
SysStringLen
SafeArrayCreate
VariantChangeType
LHashValOfNameSys
UnRegisterTypeLi
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
QueryPathOfRegTypeLi
RegisterActiveObject
CreateTypeLi
CreateTypeLib2
GetActiveObject
RevokeActiveObject
SafeArrayGetDim
GetRecordInfoFromTypeInfo
SafeArrayGetUBound
SafeArrayGetLBound
GetRecordInfoFromGuids
SafeArrayGetRecordInfo
SafeArrayUnaccessData
SafeArrayAccessData
SysAllocString
VariantInit
VariantClear
SetErrorInfo
CreateErrorInfo
SysFreeString
GetErrorInfo
SafeArrayDestroy

ole32

CoInitialize
RevokeDragDrop
GetRunningObjectTable
CoGetObject
CoEnableCallCancellation
ProgIDFromCLSID
MkParseDisplayName
CoRevokeClassObject
OleFlushClipboard
CreateItemMoniker
CreateFileMoniker
CoFreeUnusedLibraries
CreatePointerMoniker
CoGetInterfaceAndReleaseStream
OleGetClipboard
OleLoadFromStream
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
RegisterDragDrop
CoResumeClassObjects
OleInitialize
CoDisableCallCancellation
CoReleaseMarshalData
CoUninitialize
OleIsCurrentClipboard
CoRegisterClassObject
OleSetClipboard
StringFromGUID2
DoDragDrop
CoMarshalInterface
CoTaskMemFree
OleLoad
CoTreatAsClass
CoCreateFreeThreadedMarshaler
CoCreateInstance
CreateBindCtx
CoCreateGuid
CoTaskMemAlloc
GetClassFile
OleSaveToStream
StgOpenStorageOnILockBytes
StgCreateDocfile
StgOpenStorage
ReadClassStg
CreateStreamOnHGlobal
WriteClassStm
CreateILockBytesOnHGlobal
WriteClassStg
CoGetCallContext
StgCreateDocfileOnILockBytes
PropVariantClear
StgIsStorageFile
ReadClassStm
ReleaseStgMedium

user32

PeekMessageW
DispatchMessageW
GetMessageW
PostThreadMessageW
TranslateMessage
wsprintfW

python310

PyMem_Malloc
PyObject_Repr
PyExc_NotImplementedError
PyErr_WarnEx
_Py_FalseStruct
PyExc_PendingDeprecationWarning
PyLong_AsUnsignedLongMask
PyModule_Create2
_Py_NoneStruct
PyErr_NewException
_Py_TrueStruct
Py_FrozenFlag
PyBytes_FromString
PyMapping_HasKey
PyDict_SetItem
PyLong_FromVoidPtr
PyRun_SimpleFileExFlags
PySys_SetObject
Py_Initialize
Py_IsInitialized
PyList_Append
PySys_SetArgv
PyEval_InitThreads
PyUnicode_FromFormat
PyObject_GenericSetAttr
PyExc_IndexError
_PyArg_Parse_SizeT
PySequence_Tuple
PyLong_FromUnsignedLong
_PyBytes_Resize
PyFloat_AsDouble
PyLong_AsUnsignedLongLong
PyFloat_FromDouble
PyFloat_Type
PyDict_GetItemString
PyObject_IsTrue
PyUnicode_AsUnicode
PyLong_AsUnsignedLong
PyLong_AsSsize_t
PyLong_FromSsize_t
PyObject_SetAttrString
PyLong_FromUnsignedLongLong
PyLong_FromLongLong
PyExc_OverflowError
PyMemoryView_Type
PyLong_AsDouble
_PyLong_Sign
PyObject_HasAttrString
PyObject_Str
PyByteArray_Type
PyNumber_Float
_PyLong_NumBits
PyEval_CallObjectWithKeywords
PyCapsule_IsValid
PyCapsule_GetPointer
PyCapsule_New
PyLong_Type
PyErr_NoMemory
PyMem_Free
PyObject_RichCompareBool
PyList_New
PyModule_GetDict
PyType_Ready
PyUnicode_Concat
PyUnicode_FromString
_Py_NotImplementedStruct
PyUnicode_AsUTF8
PyErr_ExceptionMatches
PyBool_FromLong
PyObject_Size
PyNumber_Check
PyTuple_SetItem
PySequence_Check
PyTuple_Size
PyTuple_GetItem
PyLong_FromDouble
_Py_VaBuildValue_SizeT
PyExc_AttributeError
PyLong_AsVoidPtr
PyDict_GetItem
PyObject_IsInstance
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyLong_AsLongLong
_PyObject_CallFunction_SizeT
PyType_Type
PySeqIter_New
PyObject_IsSubclass
_Py_NewReference
PyExc_StopIteration
PyTuple_New
PyErr_SetNone
PyObject_GenericGetAttr
PySequence_GetItem
PySequence_Size
PyEval_RestoreThread
PyObject_Call
PyErr_Print
PyExc_TypeError
PyNumber_Long
PyGILState_Ensure
PyFile_WriteObject
PyDict_New
PyErr_Clear
_PyObject_CallMethod_SizeT
PyObject_GetAttrString
PyLong_AsLong
PyErr_Fetch
_PyArg_ParseTuple_SizeT
_Py_Dealloc
PyErr_Restore
PyErr_Format
PyGILState_Release
PySys_GetObject
PyExc_MemoryError
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModule
_Py_BuildValue_SizeT
PyErr_GivenExceptionMatches
PyErr_SetObject
PyBytes_FromStringAndSize
PyErr_SetString
PyType_IsSubtype
PyDict_SetItemString

pywintypes310

?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
??0PyWinBufferView@@QEAA@XZ
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinExc_COMError@@3PEAU_object@@EA
??1PyWinBufferView@@QEAA@XZ
?ok@PyWinBufferView@@QEAA_NXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
?PyWinObject_FreeBstr@@YAXPEA_W@Z
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??1PyWin_AutoFreeBstr@@QEAA@XZ
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_WH@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z

kernel32

FormatMessageW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualAlloc
VirtualFree
VirtualProtect
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
DisableThreadLibraryCalls
GetCurrentThreadId
LoadLibraryW
GetModuleHandleW
GetProcAddress
OutputDebugStringW

vcruntime140

__std_terminate
_purecall
__C_specific_handler
memcpy
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list
__CxxFrameHandler3

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vswprintf
__acrt_iob_func
fopen
fclose
__stdio_common_vfprintf
__stdio_common_vfwprintf

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_seh_filter_dll
_register_onexit_function
__p___wargv
_initterm
terminate
_initialize_onexit_table
_configure_narrow_argv
_initterm_e
_crt_at_quick_exit
_cexit
_execute_onexit_table
_crt_atexit

Exports

Exports

??0CPyFactory@@QEAA@AEBU_GUID@@@Z
??0CPyFactory@@QEAA@AEBV0@@Z
??0PyComEnumProviderTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z0@Z
??0PyComEnumTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyComTypeObject@@QEAA@PEBDPEAV0@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyGOleWindow@@IEAA@PEAU_object@@@Z
??0PyGOleWindow@@QEAA@$$QEAV0@@Z
??0PyGOleWindow@@QEAA@AEBV0@@Z
??0PyGPersist@@IEAA@PEAU_object@@@Z
??0PyGPersist@@QEAA@$$QEAV0@@Z
??0PyGPersist@@QEAA@AEBV0@@Z
??0PyGatewayBase@@IEAA@PEAU_object@@@Z
??0PyGatewayBase@@QEAA@AEBV0@@Z
??0PyIBase@@IEAA@XZ
??0PyIBase@@QEAA@AEBV0@@Z
??0PyIBindCtx@@IEAA@PEAUIUnknown@@@Z
??0PyIBindCtx@@QEAA@AEBV0@@Z
??0PyIClassFactory@@IEAA@PEAUIUnknown@@@Z
??0PyIClassFactory@@QEAA@AEBV0@@Z
??0PyIConnectionPoint@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPoint@@QEAA@AEBV0@@Z
??0PyIConnectionPointContainer@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPointContainer@@QEAA@AEBV0@@Z
??0PyIDispatch@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatch@@QEAA@AEBV0@@Z
??0PyIDispatchEx@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatchEx@@QEAA@AEBV0@@Z
??0PyIEnumMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumMoniker@@QEAA@AEBV0@@Z
??0PyIEnumVARIANT@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumVARIANT@@QEAA@AEBV0@@Z
??0PyIMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIMoniker@@QEAA@AEBV0@@Z
??0PyIOleWindow@@IEAA@PEAUIUnknown@@@Z
??0PyIOleWindow@@QEAA@AEBV0@@Z
??0PyIPersist@@IEAA@PEAUIUnknown@@@Z
??0PyIPersist@@QEAA@AEBV0@@Z
??0PyIPersistStream@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStream@@QEAA@AEBV0@@Z
??0PyIPersistStreamInit@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStreamInit@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo2@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo2@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo@@QEAA@AEBV0@@Z
??0PyIServiceProvider@@IEAA@PEAUIUnknown@@@Z
??0PyIServiceProvider@@QEAA@AEBV0@@Z
??0PyIStream@@IEAA@PEAUIUnknown@@@Z
??0PyIStream@@QEAA@AEBV0@@Z
??0PyITypeComp@@IEAA@PEAUIUnknown@@@Z
??0PyITypeComp@@QEAA@AEBV0@@Z
??0PyITypeInfo@@IEAA@PEAUIUnknown@@@Z
??0PyITypeInfo@@QEAA@AEBV0@@Z
??0PyITypeLib@@IEAA@PEAUIUnknown@@@Z
??0PyITypeLib@@QEAA@AEBV0@@Z
??0PyIUnknown@@IEAA@PEAUIUnknown@@@Z
??0PyIUnknown@@QEAA@AEBV0@@Z
??0PyOleArgNotFound@@QEAA@XZ
??0PyOleEmpty@@QEAA@XZ
??0PyOleMissing@@QEAA@XZ
??0PyOleNothing@@QEAA@XZ
??0PySTGMEDIUM@@QEAA@PEAUtagSTGMEDIUM@@@Z
??0PythonOleArgHelper@@QEAA@XZ
??1CPyFactory@@QEAA@XZ
??1PyComEnumProviderTypeObject@@QEAA@XZ
??1PyComEnumTypeObject@@QEAA@XZ
??1PyComTypeObject@@QEAA@XZ
??1PyGOleWindow@@UEAA@XZ
??1PyGPersist@@UEAA@XZ
??1PyGatewayBase@@MEAA@XZ
??1PyIBase@@MEAA@XZ
??1PyIBindCtx@@MEAA@XZ
??1PyIClassFactory@@MEAA@XZ
??1PyIConnectionPoint@@MEAA@XZ
??1PyIConnectionPointContainer@@MEAA@XZ
??1PyIDispatch@@MEAA@XZ
??1PyIDispatchEx@@MEAA@XZ
??1PyIEnumMoniker@@MEAA@XZ
??1PyIEnumVARIANT@@MEAA@XZ
??1PyIMoniker@@MEAA@XZ
??1PyIOleWindow@@MEAA@XZ
??1PyIPersist@@MEAA@XZ
??1PyIPersistStream@@MEAA@XZ
??1PyIPersistStreamInit@@MEAA@XZ
??1PyIProvideClassInfo2@@MEAA@XZ
??1PyIProvideClassInfo@@MEAA@XZ
??1PyIServiceProvider@@MEAA@XZ
??1PyIStream@@MEAA@XZ
??1PyITypeComp@@MEAA@XZ
??1PyITypeInfo@@MEAA@XZ
??1PyITypeLib@@MEAA@XZ
??1PyIUnknown@@MEAA@XZ
??1PySTGMEDIUM@@QEAA@XZ
??1PythonOleArgHelper@@QEAA@XZ
??4CPyFactory@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyGOleWindow@@QEAAAEAV0@$$QEAV0@@Z
??4PyGOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyGPersist@@QEAAAEAV0@$$QEAV0@@Z
??4PyGPersist@@QEAAAEAV0@AEBV0@@Z
??4PyGatewayBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBindCtx@@QEAAAEAV0@AEBV0@@Z
??4PyIClassFactory@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPoint@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPointContainer@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatch@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatchEx@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumVARIANT@@QEAAAEAV0@AEBV0@@Z
??4PyIMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyIPersist@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStream@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStreamInit@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo2@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo@@QEAAAEAV0@AEBV0@@Z
??4PyIServiceProvider@@QEAAAEAV0@AEBV0@@Z
??4PyIStream@@QEAAAEAV0@AEBV0@@Z
??4PyITypeComp@@QEAAAEAV0@AEBV0@@Z
??4PyITypeInfo@@QEAAAEAV0@AEBV0@@Z
??4PyITypeLib@@QEAAAEAV0@AEBV0@@Z
??4PyIUnknown@@QEAAAEAV0@AEBV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@AEBV0@@Z
??4PyOleEmpty@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleEmpty@@QEAAAEAV0@AEBV0@@Z
??4PyOleMissing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleMissing@@QEAAAEAV0@AEBV0@@Z
??4PyOleNothing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleNothing@@QEAAAEAV0@AEBV0@@Z
??4PySTGMEDIUM@@QEAAAEAV0@AEBV0@@Z
??4PythonOleArgHelper@@QEAAAEAV0@AEBV0@@Z
??_7CPyFactory@@6B@
??_7PyGOleWindow@@6B@
??_7PyGOleWindow@@6BIDispatchEx@@@
??_7PyGOleWindow@@6BIInternalUnwrapPythonObject@@@
??_7PyGOleWindow@@6BISupportErrorInfo@@@
??_7PyGPersist@@6B@
??_7PyGPersist@@6BIDispatchEx@@@
??_7PyGPersist@@6BIInternalUnwrapPythonObject@@@
??_7PyGPersist@@6BISupportErrorInfo@@@
??_7PyGatewayBase@@6BIDispatchEx@@@
??_7PyGatewayBase@@6BIInternalUnwrapPythonObject@@@
??_7PyGatewayBase@@6BISupportErrorInfo@@@
??_7PyIBase@@6B@
??_7PyIBindCtx@@6B@
??_7PyIClassFactory@@6B@
??_7PyIConnectionPoint@@6B@
??_7PyIConnectionPointContainer@@6B@
??_7PyIDispatch@@6B@
??_7PyIDispatchEx@@6B@
??_7PyIEnumMoniker@@6B@
??_7PyIEnumVARIANT@@6B@
??_7PyIMoniker@@6B@
??_7PyIOleWindow@@6B@
??_7PyIPersist@@6B@
??_7PyIPersistStream@@6B@
??_7PyIPersistStreamInit@@6B@
??_7PyIProvideClassInfo2@@6B@
??_7PyIProvideClassInfo@@6B@
??_7PyIServiceProvider@@6B@
??_7PyIStream@@6B@
??_7PyITypeComp@@6B@
??_7PyITypeInfo@@6B@
??_7PyITypeLib@@6B@
??_7PyIUnknown@@6B@
??_FPySTGMEDIUM@@QEAAXXZ
?AddRef@CPyFactory@@UEAAKXZ
?AddRef@PyGOleWindow@@MEAAKXZ
?AddRef@PyGPersist@@MEAAKXZ
?AddRef@PyGatewayBase@@UEAAKXZ
?Advise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?Bind@PyITypeComp@@QEAAPEAU_object@@PEA_WG@Z
?BindToObject@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindToStorage@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindType@PyITypeComp@@QEAAPEAU_object@@PEA_W@Z
?Clone@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Close@PySTGMEDIUM@@QEAAXXZ
?Commit@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ComposeWith@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?ContextSensitiveHelp@PyGOleWindow@@MEAAJH@Z
?ContextSensitiveHelp@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PySTGMEDIUM@@QEAAHPEAUtagSTGMEDIUM@@@Z
?CreateInstance@CPyFactory@@UEAAJPEAUIUnknown@@AEBU_GUID@@PEAPEAX@Z
?CreateInstance@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?CreateNewPythonInstance@CPyFactory@@IEAAJAEBU_GUID@@0PEAPEAU_object@@@Z
?DeleteMemberByDispID@PyGatewayBase@@UEAAJJ@Z
?DeleteMemberByDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DeleteMemberByName@PyGatewayBase@@UEAAJPEA_WK@Z
?DeleteMemberByName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DropOwnership@PySTGMEDIUM@@QEAAXXZ
?Enum@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?EnumConnectionPoints@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?EnumConnections@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?EnumObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?FindConnectionPoint@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?GetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetClassID@PyGPersist@@MEAAJPEAU_GUID@@@Z
?GetClassID@PyIPersist@@SAPEAU_object@@PEAU2@0@Z
?GetClassInfoW@PyIProvideClassInfo@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionInterface@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionPointContainer@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetContainingTypeLib@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetDispID@PyGatewayBase@@UEAAJPEA_WKPEAJ@Z
?GetDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetDisplayName@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?GetDocumentation@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetDocumentation@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetFuncDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetGUID@PyIProvideClassInfo2@@SAPEAU_object@@PEAU2@0@Z
?GetI@PyIBindCtx@@SAPEAUIBindCtx@@PEAU_object@@@Z
?GetI@PyIClassFactory@@SAPEAUIClassFactory@@PEAU_object@@@Z
?GetI@PyIConnectionPoint@@SAPEAUIConnectionPoint@@PEAU_object@@@Z
?GetI@PyIConnectionPointContainer@@SAPEAUIConnectionPointContainer@@PEAU_object@@@Z
?GetI@PyIDispatch@@SAPEAUIDispatch@@PEAU_object@@@Z
?GetI@PyIDispatchEx@@SAPEAUIDispatchEx@@PEAU_object@@@Z
?GetI@PyIEnumMoniker@@SAPEAUIEnumMoniker@@PEAU_object@@@Z
?GetI@PyIEnumVARIANT@@SAPEAUIEnumVARIANT@@PEAU_object@@@Z
?GetI@PyIMoniker@@SAPEAUIMoniker@@PEAU_object@@@Z
?GetI@PyIOleWindow@@SAPEAUIOleWindow@@PEAU_object@@@Z
?GetI@PyIPersist@@SAPEAUIPersist@@PEAU_object@@@Z
?GetI@PyIPersistStream@@SAPEAUIPersistStream@@PEAU_object@@@Z
?GetI@PyIPersistStreamInit@@SAPEAUIPersistStreamInit@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo2@@SAPEAUIProvideClassInfo2@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo@@SAPEAUIProvideClassInfo@@PEAU_object@@@Z
?GetI@PyIServiceProvider@@SAPEAUIServiceProvider@@PEAU_object@@@Z
?GetI@PyIStream@@SAPEAUIStream@@PEAU_object@@@Z
?GetI@PyITypeComp@@SAPEAUITypeComp@@PEAU_object@@@Z
?GetI@PyITypeInfo@@SAPEAUITypeInfo@@PEAU_object@@@Z
?GetI@PyITypeLib@@SAPEAUITypeLib@@PEAU_object@@@Z
?GetI@PyIUnknown@@SAPEAUIUnknown@@PEAU_object@@@Z
?GetIDsOfNames@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEA_WIKPEAJ@Z
?GetIDsOfNames@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetIID@PyGOleWindow@@MEAA?AU_GUID@@XZ
?GetIID@PyGPersist@@MEAA?AU_GUID@@XZ
?GetIID@PyGatewayBase@@UEAA?AU_GUID@@XZ
?GetImplTypeFlags@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetLibAttr@PyITypeLib@@QEAAPEAU_object@@XZ
?GetMemberName@PyGatewayBase@@UEAAJJPEAPEA_W@Z
?GetMemberName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetMemberProperties@PyGatewayBase@@UEAAJJKPEAK@Z
?GetMemberProperties@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetNameSpaceParent@PyGatewayBase@@UEAAJPEAPEAUIUnknown@@@Z
?GetNames@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetNextDispID@PyGatewayBase@@UEAAJKJPEAJ@Z
?GetNextDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetRefTypeInfo@PyITypeInfo@@QEAAPEAU_object@@K@Z
?GetRefTypeOfImplType@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetRunningObjectTable@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetSizeMax@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?GetTypeAttr@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfo@PyGatewayBase@@UEAAJIKPEAPEAUITypeInfo@@@Z
?GetTypeInfo@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfo@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetTypeInfoCount@PyGatewayBase@@UEAAJPEAI@Z
?GetTypeInfoCount@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfoCount@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfoOfGuid@PyITypeLib@@QEAAPEAU_object@@AEBU_GUID@@@Z
?GetTypeInfoType@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetVarDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetWindow@PyGOleWindow@@MEAAJPEAPEAUHWND__@@@Z
?GetWindow@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?Hash@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?InitNew@PyIPersistStreamInit@@SAPEAU_object@@PEAU2@0@Z
?InterfaceSupportsErrorInfo@PyGatewayBase@@UEAAJAEBU_GUID@@@Z
?Invoke@PyGatewayBase@@UEAAJJAEBU_GUID@@KGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAI@Z
?Invoke@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeEx@PyGatewayBase@@UEAAJJKGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAUIServiceProvider@@@Z
?InvokeEx@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?InvokeTypes@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeViaPolicy@PyGatewayBase@@MEAAJPEBDPEAPEAU_object@@0ZZ
?IsDirty@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?IsSystemMoniker@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?Load@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?LockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?LockServer@CPyFactory@@UEAAJH@Z
?LockServer@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?MakeBstrToObj@@YAPEAU_object@@QEA_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_WH@Z
?MakeObjToVariant@PythonOleArgHelper@@QEAAHPEAU_object@@PEAUtagVARIANT@@0@Z
?MakePythonArgumentTuples@@YAHPEAPEAU_object@@PEAPEAVPythonOleArgHelper@@01PEAUtagDISPPARAMS@@@Z
?MakeVariantToObj@PythonOleArgHelper@@QEAAPEAU_object@@PEAUtagVARIANT@@@Z
?Next@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Next@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?ParseTypeInformation@PythonOleArgHelper@@QEAAHPEAU_object@@@Z
?PyCom_BstrFromPyObject@@YAHPEAU_object@@PEAPEA_WH@Z
?PyCom_BuildInternalPyException@@YAPEAU_object@@PEAD@Z
?PyCom_BuildPyException@@YAPEAU_object@@JPEAUIUnknown@@AEBU_GUID@@@Z
?PyCom_BuildPyExceptionFromEXCEPINFO@@YAPEAU_object@@JPEAUtagEXCEPINFO@@I@Z
?PyCom_CheckIEnumNextResult@@YAJJAEBU_GUID@@@Z
?PyCom_DLLAddRef@@YAXXZ
?PyCom_DLLReleaseRef@@YAXXZ
?PyCom_EnableQuitMessage@@YAXK@Z
?PyCom_ExcepInfoFromPyException@@YAXPEAUtagEXCEPINFO@@@Z
?PyCom_ExcepInfoFromPyObject@@YAHPEAU_object@@PEAUtagEXCEPINFO@@PEAJ@Z
?PyCom_HandleIEnumNoSequence@@YAJAEBU_GUID@@@Z
?PyCom_InterfaceFromPyInstanceOrObject@@YAHPEAU_object@@AEBU_GUID@@PEAPEAXH@Z
?PyCom_IsGatewayRegistered@@YAHAEBU_GUID@@@Z
?PyCom_LogF@@YAXPEB_WZZ
?PyCom_LoggerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerNonServerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerWarning@@YAXPEAU_object@@PEB_WZZ
?PyCom_PyObjectAsSTATPROPSETSTG@@YAHPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectAsSTATSTG@@YAHPEAU_object@@PEAUtagSTATSTG@@K@Z
?PyCom_PyObjectAsSTGOPTIONS@@YAHPEAU_object@@PEAPEAUtagSTGOPTIONS@@@Z
?PyCom_PyObjectFromExcepInfo@@YAPEAU_object@@PEBUtagEXCEPINFO@@@Z
?PyCom_PyObjectFromSAFEARRAY@@YAPEAU_object@@PEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_PyObjectFromSTATPROPSETSTG@@YAPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectFromSTATSTG@@YAPEAU_object@@PEAUtagSTATSTG@@@Z
?PyCom_RegisterClientType@@YAHPEAU_typeobject@@PEBU_GUID@@@Z
?PyCom_RegisterExtensionSupport@@YAHPEAU_object@@PEBUPyCom_InterfaceSupportInfo@@H@Z
?PyCom_RegisterGatewayObject@@YAJAEBU_GUID@@P6AJPEAU_object@@PEAVPyGatewayBase@@PEAPEAX0@ZPEBD@Z
?PyCom_SAFEARRAYFromPyObject@@YAHPEAU_object@@PEAPEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_SetAndLogCOMErrorFromPyException@@YAJPEBDAEBU_GUID@@@Z
?PyCom_SetAndLogCOMErrorFromPyExceptionEx@@YAJPEAU_object@@PEBDAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromPyException@@YAJAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromSimple@@YAJJAEBU_GUID@@PEB_W@Z
?PyGatewayConstruct@PyGOleWindow@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGPersist@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGatewayBase@@SAJPEAU_object@@PEAV1@PEAPEAXAEBU_GUID@@@Z
?PyObConstruct@PyIBindCtx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIClassFactory@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPoint@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPointContainer@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatch@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatchEx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumVARIANT@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIOleWindow@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersist@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStreamInit@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo2@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIServiceProvider@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeComp@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeLib@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIUnknown@@SAPEAV1@PEAUIUnknown@@@Z
?PyObject_AsCurrency@@YAHPEAU_object@@PEATtagCY@@@Z
?PyObject_AsOLEMENUGROUPWIDTHS@@YAHPEAU_object@@PEAUtagOleMenuGroupWidths@@@Z
?PyObject_AsPROPVARIANT@@YAHPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromCurrency@@YAPEAU_object@@AEATtagCY@@@Z
?PyObject_FromOLEMENUGROUPWIDTHS@@YAPEAU_object@@PEBUtagOleMenuGroupWidths@@@Z
?PyObject_FromPROPVARIANT@@YAPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromPROPVARIANTs@@YAPEAU_object@@PEAUtagPROPVARIANT@@K@Z
?PyObject_FromSTGMEDIUM@@YAPEAVPySTGMEDIUM@@PEAUtagSTGMEDIUM@@@Z
?PyOleArgNotFoundType@@3U_typeobject@@A
?PyOleEmptyType@@3U_typeobject@@A
?PyOleMissingType@@3U_typeobject@@A
?PyOleNothingType@@3U_typeobject@@A
?QueryInterface@CPyFactory@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGOleWindow@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGPersist@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyIUnknown@@SAPEAU_object@@PEAU2@0@Z
?QueryService@PyIServiceProvider@@SAPEAU_object@@PEAU2@0@Z
?Read@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RegisterObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?Release@CPyFactory@@UEAAKXZ
?Release@PyGOleWindow@@MEAAKXZ
?Release@PyGPersist@@MEAAKXZ
?Release@PyGatewayBase@@UEAAKXZ
?Reset@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Reset@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Revert@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RevokeObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SafeRelease@PyIUnknown@@SAXPEAV1@@Z
?Save@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?Seek@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?SetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SetPythonCOMError@PyIConnectionPoint@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIDispatchEx@@SAPEAU_object@@PEAU2@J@Z
?SetSize@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Stat@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ThisAsIID@PyGOleWindow@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGPersist@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGatewayBase@@UEAAPEAXU_GUID@@@Z
?Type@PySTGMEDIUM@@2U_typeobject@@A
?Unadvise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?UnlockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Unwrap@PyGatewayBase@@UEAAJPEAPEAU_object@@@Z
?Write@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?cmp@PyIBase@@SAHPEAU_object@@0@Z
?compare@PyIBase@@UEAAHPEAU_object@@@Z
?compare@PyIUnknown@@UEAAHPEAU_object@@@Z
?dealloc@PyIBase@@SAXPEAU_object@@@Z
?deallocFunc@PySTGMEDIUM@@SAXPEAU_object@@@Z
?getattr@PyIBase@@UEAAPEAU_object@@PEAD@Z
?getattro@PyIBase@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySTGMEDIUM@@SAPEAU_object@@PEAU2@0@Z
?is_interface_type@PyComTypeObject@@SAHPEAU_object@@@Z
?is_object@PyIBase@@QEAAHPEAVPyComTypeObject@@@Z
?is_object@PyIBase@@SAHPEAU_object@@PEAVPyComTypeObject@@@Z
?iter@PyComEnumProviderTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyIBase@@UEAAPEAU_object@@XZ
?iternext@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iternext@PyIBase@@UEAAPEAU_object@@XZ
?methods@PySTGMEDIUM@@2PAUPyMethodDef@@A
?repr@PyIBase@@SAPEAU_object@@PEAU2@@Z
?repr@PyIBase@@UEAAPEAU_object@@XZ
?repr@PyIUnknown@@UEAAPEAU_object@@XZ
?richcmp@PyIBase@@SAPEAU_object@@PEAU2@0H@Z
?setattr@PyIBase@@UEAAHPEADPEAU_object@@@Z
?setattro@PyIBase@@SAHPEAU_object@@00@Z
?szErrMsgObjectReleased@PyIUnknown@@2PEADEA
?type@PyIBindCtx@@2VPyComTypeObject@@A
?type@PyIClassFactory@@2VPyComTypeObject@@A
?type@PyIConnectionPoint@@2VPyComTypeObject@@A
?type@PyIConnectionPointContainer@@2VPyComTypeObject@@A
?type@PyIDispatch@@2VPyComTypeObject@@A
?type@PyIDispatchEx@@2VPyComTypeObject@@A
?type@PyIEnumMoniker@@2VPyComEnumTypeObject@@A
?type@PyIEnumVARIANT@@2VPyComEnumTypeObject@@A
?type@PyIMoniker@@2VPyComEnumProviderTypeObject@@A
?type@PyIOleWindow@@2VPyComTypeObject@@A
?type@PyIPersist@@2VPyComTypeObject@@A
?type@PyIPersistStream@@2VPyComTypeObject@@A
?type@PyIPersistStreamInit@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo2@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo@@2VPyComTypeObject@@A
?type@PyIServiceProvider@@2VPyComTypeObject@@A
?type@PyIStream@@2VPyComTypeObject@@A
?type@PyITypeComp@@2VPyComTypeObject@@A
?type@PyITypeInfo@@2VPyComTypeObject@@A
?type@PyITypeLib@@2VPyComTypeObject@@A
?type@PyIUnknown@@2VPyComTypeObject@@A
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServerEx
DllUnregisterServerEx
PyCom_CoInitialize
PyCom_CoInitializeEx
PyCom_CoUninitialize
PyCom_InterfaceFromPyObject
PyCom_MakeOlePythonCall
PyCom_PyObjectFromIUnknown
PyCom_PyObjectFromVariant
PyCom_VariantFromPyObject
PyInit_pythoncom

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64.dll
xNet.dll
.dll windows:6 windows x64 arch:x64

ef98e964cdf77bbe8cde3c189b89321e

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:1c:77:48:63:e3:ba:8e:7b:8b:f7:55:97:87:47:ae
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

06/09/2022, 00:00

Not After

05/09/2025, 23:59

Subject

CN=BLACKBIRD SECURE BROWSING LTD,O=BLACKBIRD SECURE BROWSING LTD,ST=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:45:70:f9:3e:6b:c9:14:02:67:a3:d8:09:f6:ee:8f:ca:c4:49:07:d6:06:3c:c2:9a:72:b2:3c:d1:2f:e0:cd
Signer

Actual PE Digest

4b:45:70:f9:3e:6b:c9:14:02:67:a3:d8:09:f6:ee:8f:ca:c4:49:07:d6:06:3c:c2:9a:72:b2:3c:d1:2f:e0:cd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-3.10\Release\pywintypes.pdb

Imports

advapi32

IsValidAcl
GetAuditedPermissionsFromAclW
GetLengthSid
InitializeAcl
AddAuditAccessAce
AddAce
DeleteAce
SetEntriesInAclW
GetAce
GetExplicitEntriesFromAclW
GetEffectiveRightsFromAclW
RegCloseKey
SetSecurityDescriptorGroup
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetAclInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSidIdentifierAuthority
InitializeSid
CopySid
GetSidSubAuthority
AllocateAndInitializeSid
GetSidSubAuthorityCount
EqualSid
IsTextUnicode

user32

wsprintfW

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoCreateGuid
CLSIDFromProgID
StringFromGUID2

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SysFreeString

python310

PyMem_Malloc
PyEval_ReleaseThread
Py_MakePendingCalls
PyExc_Exception
PyErr_SetObject
PyModule_AddIntConstant
PyRun_StringFlags
PyMemoryView_FromObject
PyLong_FromUnsignedLong
PyThreadState_New
PyLong_AsUnsignedLongMask
PyModule_GetDict
PyObject_GetBuffer
PyModule_Create2
PyUnicode_Type
PyByteArray_FromStringAndSize
PyDict_GetItemString
PyObject_CallObject
PyEval_InitThreads
PyThreadState_Clear
PyCallable_Check
PyThreadState_Swap
_Py_FatalErrorFunc
PyEval_AcquireThread
PyMemoryView_FromBuffer
PyBuffer_Release
PyThreadState_Delete
PyUnicode_AsWideChar
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyLong_FromUnsignedLongLong
PyErr_Occurred
PyErr_WarnEx
PyBuffer_FillInfo
PyEval_RestoreThread
PyObject_Print
_Py_TrueStruct
PyMem_Free
_Py_HashPointer
PyObject_GenericSetAttr
PyErr_Fetch
PyErr_Restore
_Py_FalseStruct
PyEval_SaveThread
PyBytes_FromStringAndSize
PyExc_AttributeError
PyExc_WindowsError
PyBytes_AsStringAndSize
PyBytes_FromString
PyArg_ParseTuple
PyExc_TypeError
_Py_NewReference
PyArg_ParseTupleAndKeywords
PyExc_NotImplementedError
PyTuple_SetItem
PySequence_Check
PyDict_New
PyDict_SetItem
PyMapping_Check
PyErr_Clear
PyObject_GetAttrString
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyTuple_New
_Py_NoneStruct
PyExc_MemoryError
Py_BuildValue
PyLong_FromLong
PyObject_GenericGetAttr
PySequence_GetItem
PyMapping_Items
PySequence_Size
PyUnicode_EncodeCodePage
PyBytes_Size
PyList_Append
PyList_New
PyUnicode_FromWideChar
PyUnicode_DecodeMBCS
PyUnicode_AsUnicode
PyBytes_AsString
PyEval_CallObjectWithKeywords
PyLong_FromLongLong
PyNumber_Long
PyNumber_Check
PyObject_HasAttrString
PyCapsule_Import
PyObject_CallMethod
PyTuple_Size
PyType_Ready
PyErr_BadArgument
PyLong_AsLong
PyType_IsSubtype
PyDict_SetItemString
PyImport_ImportModule
PySequence_Tuple
PyErr_NoMemory
_PyArg_ParseTuple_SizeT
_Py_BuildValue_SizeT
PyBool_FromLong
PyUnicode_AsUTF8
_Py_NotImplementedStruct
PyExc_PendingDeprecationWarning
PyObject_Call

kernel32

LocalFree
CloseHandle
SetLastError
lstrlenW
FileTimeToSystemTime
SystemTimeToFileTime
MultiByteToWideChar
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalAlloc
FormatMessageW
GetLastError
TlsAlloc
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsFree
DosDateTimeToFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

vcruntime140

memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_copy
__C_specific_handler
__std_terminate
__CxxFrameHandler3
memcpy
memcmp
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vfprintf

api-ms-win-crt-time-l1-1-0

_mktime64

api-ms-win-crt-string-l1-1-0

wcsncpy
strncpy
strcmp
_wcsdup

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

floor

Exports

Exports

??0PyACL@@QEAA@HH@Z
??0PyACL@@QEAA@PEAU_ACL@@@Z
??0PyDEVMODEA@@QEAA@G@Z
??0PyDEVMODEA@@QEAA@PEAU_devicemodeA@@@Z
??0PyDEVMODEA@@QEAA@XZ
??0PyDEVMODEW@@QEAA@G@Z
??0PyDEVMODEW@@QEAA@PEAU_devicemodeW@@@Z
??0PyDEVMODEW@@QEAA@XZ
??0PyHANDLE@@QEAA@AEBV0@@Z
??0PyHANDLE@@QEAA@PEAX@Z
??0PyHKEY@@QEAA@$$QEAV0@@Z
??0PyHKEY@@QEAA@AEBV0@@Z
??0PyHKEY@@QEAA@PEAX@Z
??0PyIID@@QEAA@AEBU_GUID@@@Z
??0PyOVERLAPPED@@QEAA@PEBVsMyOverlapped@0@@Z
??0PyOVERLAPPED@@QEAA@XZ
??0PySECURITY_ATTRIBUTES@@QEAA@AEBU_SECURITY_ATTRIBUTES@@@Z
??0PySECURITY_ATTRIBUTES@@QEAA@XZ
??0PySECURITY_DESCRIPTOR@@QEAA@PEAX@Z
??0PySECURITY_DESCRIPTOR@@QEAA@_J@Z
??0PySID@@QEAA@HPEAX@Z
??0PySID@@QEAA@PEAX@Z
??0PyWAVEFORMATEX@@QEAA@AEBUtWAVEFORMATEX@@@Z
??0PyWAVEFORMATEX@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@AEBU_OVERLAPPED@@@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@XZ
??1PyACL@@QEAA@XZ
??1PyDEVMODEA@@IEAA@XZ
??1PyDEVMODEW@@IEAA@XZ
??1PyHANDLE@@UEAA@XZ
??1PyHKEY@@UEAA@XZ
??1PyOVERLAPPED@@QEAA@XZ
??1PySECURITY_ATTRIBUTES@@QEAA@XZ
??1PySECURITY_DESCRIPTOR@@QEAA@XZ
??1PySID@@QEAA@XZ
??1PyWAVEFORMATEX@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
??1PyWin_AutoFreeBstr@@QEAA@XZ
??4PyACL@@QEAAAEAV0@AEBV0@@Z
??4PyDEVMODEA@@QEAAAEAV0@AEBV0@@Z
??4PyDEVMODEW@@QEAAAEAV0@AEBV0@@Z
??4PyHANDLE@@QEAAAEAV0@AEBV0@@Z
??4PyHKEY@@QEAAAEAV0@$$QEAV0@@Z
??4PyHKEY@@QEAAAEAV0@AEBV0@@Z
??4PyIID@@QEAAAEAV0@$$QEAV0@@Z
??4PyIID@@QEAAAEAV0@AEBV0@@Z
??4PyOVERLAPPED@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_ATTRIBUTES@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_DESCRIPTOR@@QEAAAEAV0@AEBV0@@Z
??4PySID@@QEAAAEAV0@AEBV0@@Z
??4PyWAVEFORMATEX@@QEAAAEAV0@AEBV0@@Z
??4PyWin_AutoFreeBstr@@QEAAAEAV0@AEBV0@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@$$QEAV01@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@AEBV01@@Z
??BPyHANDLE@@QEAAPEAXXZ
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
??_7PyHANDLE@@6B@
??_7PyHKEY@@6B@
??_FPyIID@@QEAAXXZ
??_FPySECURITY_DESCRIPTOR@@QEAAXXZ
??_FPyWin_AutoFreeBstr@@QEAAXXZ
?AddAccessAllowedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddMandatoryAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Clear@PyDEVMODEA@@SAPEAU_object@@PEAU2@0@Z
?Clear@PyDEVMODEW@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@UEAAHXZ
?Close@PyHKEY@@UEAAHXZ
?DeleteAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Detach@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?GetACL@PyACL@@QEAAPEAU_ACL@@XZ
?GetAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAceCount@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclRevision@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclSize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetDEVMODE@PyDEVMODEA@@QEAAPEAU_devicemodeA@@XZ
?GetDEVMODE@PyDEVMODEW@@QEAAPEAU_devicemodeW@@XZ
?GetLength@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetLength@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetOverlapped@PyOVERLAPPED@@QEAAPEAU_OVERLAPPED@@XZ
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?GetSA@PySECURITY_ATTRIBUTES@@QEAAPEAU_SECURITY_ATTRIBUTES@@XZ
?GetSD@PySECURITY_DESCRIPTOR@@QEAAPEAXXZ
?GetSID@PySID@@QEAAPEAXXZ
?GetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSidIdentifierAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthorityCount@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetTypeName@PyHANDLE@@UEAAPEBDXZ
?GetTypeName@PyHKEY@@UEAAPEBDXZ
?Initialize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySID@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIID@@QEAAHAEAV1@@Z
?IsEqual@PyIID@@QEAAHAEBU_GUID@@@Z
?IsEqual@PyIID@@QEAAHPEAU_object@@@Z
?IsSelfRelative@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PyACL@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySID@@SAPEAU_object@@PEAU2@0@Z
?PyACLType@@3U_typeobject@@A
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
?PyDEVMODEAType@@3U_typeobject@@A
?PyDEVMODEWType@@3U_typeobject@@A
?PyGetAuditedPermissionsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetEffectiveRightsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetExplicitEntriesFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyHANDLEType@@3U_typeobject@@A
?PyIIDType@@3U_typeobject@@A
?PyOVERLAPPEDType@@3U_typeobject@@A
?PyObject_FromWIN32_FIND_DATAA@@YAPEAU_object@@PEAU_WIN32_FIND_DATAA@@@Z
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PySECURITY_ATTRIBUTESType@@3U_typeobject@@A
?PySECURITY_DESCRIPTORType@@3U_typeobject@@A
?PySIDType@@3U_typeobject@@A
?PySetEntriesInAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PySocket_AsSOCKET@@YAHPEAU_object@@PEA_K@Z
?PyWAVEFORMATEXType@@3U_typeobject@@A
?PyWinCoreString_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinExc_COMError@@3PEAU_object@@EA
?PyWinGlobals_Ensure@@YAHXZ
?PyWinGlobals_Free@@YAXXZ
?PyWinInterpreterLock_Acquire@@YAXXZ
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinMethod_NewACL@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewHANDLE@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewOVERLAPPED@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_ATTRIBUTES@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTimeStamp@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewWAVEFORMATEX@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsACL@@YAHPEAU_object@@PEAPEAU_ACL@@H@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsCharArray@@YAHPEAU_object@@PEAPEAPEADPEAKH@Z
?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsOVERLAPPED@@YAHPEAU_object@@PEAPEAU_OVERLAPPED@@H@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEA_K@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinObject_AsPfnAllocatedWCHAR@@YAHPEAU_object@@P6APEAXK@ZPEAPEA_WHPEAK@Z
?PyWinObject_AsPyOVERLAPPED@@YAHPEAU_object@@PEAPEAVPyOVERLAPPED@@H@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?PyWinObject_AsResourceIdW@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSID@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_AsString@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsWAVEFORMATEX@@YAHPEAU_object@@PEAPEAUtWAVEFORMATEX@@H@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_FreeBstr@@YAXPEA_W@Z
?PyWinObject_FreeCharArray@@YAXPEAPEADK@Z
?PyWinObject_FreeMultipleString@@YAXPEAD@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_FreeResourceId@@YAXPEAD@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinObject_FreeString@@YAXPEAD@Z
?PyWinObject_FreeString@@YAXPEA_W@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEAD@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_WH@Z
?PyWinObject_FromOVERLAPPED@@YAPEAU_object@@PEBU_OVERLAPPED@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_FromSECURITY_ATTRIBUTES@@YAPEAU_object@@AEBU_SECURITY_ATTRIBUTES@@@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSID@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinObject_FromTimeStamp@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinThreadState_Clear@@YAXXZ
?PyWinThreadState_Ensure@@YAHXZ
?PyWinThreadState_Free@@YAXXZ
?PyWinTimeObject_Fromtime_t@@YAPEAU_object@@_J@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWin_CopyString@@YAPEADPEBD@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWin_InterpreterState@@3PEAU_is@@EA
?PyWin_MakePendingCalls@@YAXXZ
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWin_RegisterErrorMessageModule@@YAHKKPEAUHINSTANCE__@@@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_SetBasicCOMError@@YAPEAU_object@@J@Z
?SetACL@PyACL@@QEAAHPEAU_ACL@@@Z
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?SetSD@PySECURITY_DESCRIPTOR@@QEAAHPEAX@Z
?SetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?asStr@PyHANDLE@@QEAAPEAU_object@@XZ
?binaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?deallocFunc@PyACL@@SAXPEAU_object@@@Z
?deallocFunc@PyDEVMODEA@@SAXPEAU_object@@@Z
?deallocFunc@PyDEVMODEW@@SAXPEAU_object@@@Z
?deallocFunc@PyHANDLE@@SAXPEAU_object@@@Z
?deallocFunc@PyIID@@SAXPEAU_object@@@Z
?deallocFunc@PyOVERLAPPED@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_ATTRIBUTES@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_DESCRIPTOR@@SAXPEAU_object@@@Z
?deallocFunc@PySID@@SAXPEAU_object@@@Z
?deallocFunc@PyWAVEFORMATEX@@SAXPEAU_object@@@Z
?get_DeviceName@PyDEVMODEA@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DeviceName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DriverData@PyDEVMODEA@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DriverData@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_FormName@PyDEVMODEA@@SAPEAU_object@@PEAU2@PEAX@Z
?get_FormName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_handle@PyHANDLE@@SAPEAU_object@@PEAU2@PEAX@Z
?getattro@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySECURITY_ATTRIBUTES@@SAPEAU_object@@PEAU2@0@Z
?getbufferinfo@PySECURITY_DESCRIPTOR@@SAHPEAU_object@@PEAUbufferinfo@@H@Z
?getbufferinfo@PySID@@SAHPEAU_object@@PEAUbufferinfo@@H@Z
?getset@PyDEVMODEA@@2PAUPyGetSetDef@@A
?getset@PyDEVMODEW@@2PAUPyGetSetDef@@A
?getset@PyHANDLE@@2PAUPyGetSetDef@@A
?hash@PyHANDLE@@QEAA_JXZ
?hash@PyIID@@QEAA_JXZ
?hashFunc@PyHANDLE@@SA_JPEAU_object@@@Z
?hashFunc@PyIID@@SA_JPEAU_object@@@Z
?hashFunc@PyOVERLAPPED@@SA_JPEAU_object@@@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?intFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?len@PyWinBufferView@@QEAAKXZ
?longFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?members@PyDEVMODEA@@2PAUPyMemberDef@@A
?members@PyDEVMODEW@@2PAUPyMemberDef@@A
?members@PyOVERLAPPED@@2PAUPyMemberDef@@A
?members@PySECURITY_ATTRIBUTES@@2PAUPyMemberDef@@A
?members@PyWAVEFORMATEX@@2PAUPyMemberDef@@A
?methods@PyACL@@2PAUPyMethodDef@@A
?methods@PyDEVMODEA@@2PAUPyMethodDef@@A
?methods@PyDEVMODEW@@2PAUPyMethodDef@@A
?methods@PyHANDLE@@2PAUPyMethodDef@@A
?methods@PySECURITY_ATTRIBUTES@@2PAUPyMethodDef@@A
?methods@PySECURITY_DESCRIPTOR@@2PAUPyMethodDef@@A
?methods@PySID@@2PAUPyMethodDef@@A
?modify_in_place@PyDEVMODEA@@QEAAXXZ
?modify_in_place@PyDEVMODEW@@QEAAXXZ
?nonzeroFunc@PyHANDLE@@SAHPEAU_object@@@Z
?ok@PyWinBufferView@@QEAA_NXZ
?print@PyHANDLE@@QEAAHPEAU_iobuf@@H@Z
?printFunc@PyHANDLE@@SAHPEAU_object@@PEAU_iobuf@@H@Z
?ptr@PyWinBufferView@@QEAAPEAXXZ
?release@PyWinBufferView@@QEAAXXZ
?repr@PyIID@@QEAAPEAU_object@@XZ
?reprFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?richcompare@PyHANDLE@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PyIID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PySID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompareFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyIID@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PySID@@SAPEAU_object@@PEAU2@0H@Z
?set_DeviceName@PyDEVMODEA@@SAHPEAU_object@@0PEAX@Z
?set_DeviceName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_DriverData@PyDEVMODEA@@SAHPEAU_object@@0PEAX@Z
?set_DriverData@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_FormName@PyDEVMODEA@@SAHPEAU_object@@0PEAX@Z
?set_FormName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?setattro@PyOVERLAPPED@@SAHPEAU_object@@00@Z
?setattro@PySECURITY_ATTRIBUTES@@SAHPEAU_object@@00@Z
?str@PyIID@@QEAAPEAU_object@@XZ
?strFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?strFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?strFunc@PySID@@SAPEAU_object@@PEAU2@@Z
?ternaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@00@Z
?tp_new@PyDEVMODEA@@SAPEAU_object@@PEAU_typeobject@@PEAU2@1@Z
?tp_new@PyDEVMODEW@@SAPEAU_object@@PEAU_typeobject@@PEAU2@1@Z
?unaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
DllMain
PyInit_pywintypes

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5e684c2960f27fa0d1818bb9f6d8d03

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

29:46:01:9d:d7:15:a5:7e:44:29:02:eb:1f:eb:33:37:da:9d:cf:6f:36:bf:ab:30:74:5f:7d:48:c5:91:48:97Signer

8e:d8:02:80:73:dd:f5:3d:38:a4:a2:46:dc:09:87:5f:ca:e2:42:07Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bsai

bsencodemanager

datamodel

bswsid

adapter

bscommonsetting

bsnet

vbllogger

vblutils

bsdatastructure

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 43KB - Virtual size: 44KB

.pdata Size: 19KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 720B

.reloc Size: 6KB - Virtual size: 6KB

c595f1660e1a3c84f4d9b0761d23cd7a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

02:f9:35:06:df:d7:1c:8a:5a:61:52:70:29:1c:75:25
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

29:46:01:9d:d7:15:a5:7e:44:29:02:eb:1f:eb:33:37:da:9d:cf:6f:36:bf:ab:30:74:5f:7d:48:c5:91:48:97
Signer

8e:d8:02:80:73:dd:f5:3d:38:a4:a2:46:dc:09:87:5f:ca:e2:42:07
Signer

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 43KB - Virtual size: 44KB

.pdata
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 720B

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 327KB - Virtual size: 327KB

.rdata
Size: 4.8MB - Virtual size: 4.8MB

.pdata
Size: 115KB - Virtual size: 114KB

.xdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 575KB

.edata
Size: 512B - Virtual size: 78B

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 85KB - Virtual size: 85KB

.reloc
Size: 84KB - Virtual size: 83KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

12:1c:77:48:63:e3:ba:8e:7b:8b:f7:55:97:87:47:ae
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

79:1e:9e:08:7b:1c:08:54:42:ba:2c:c9:13:fb:b5:a7:9e:f6:6a:91:a9:72:e6:e4:0a:e1:20:fb:ec:d5:4f:aa
Signer

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 214KB - Virtual size: 214KB

.data
Size: 49KB - Virtual size: 82KB

.pdata
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 1024B - Virtual size: 876B

.reloc
Size: 8KB - Virtual size: 8KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

12:1c:77:48:63:e3:ba:8e:7b:8b:f7:55:97:87:47:ae
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate