!_!nstaller_!_8485!_!PassC@de_!_![.]zip

Resubmissions

20/08/2024, 06:49

240820-hlvpcssckq 10

Sharing

Copy URL Twitter E-mail

General

Target

!_!nstaller_!_8485!_!PassC@de_!_!.zip
Size

12.7MB
MD5

337c0af1b6e47c220da1a7f09eb3dd3d
SHA1

6342f038e70a47b3afbf4bf9def965751fa320ce
SHA256

b7bfeb26e6faf49f6a9c7caeeb52fe8e5bdf86613b683f364c49731628bae52b
SHA512

5f933951768e2f495d328f9c33c2ad76c20e4edecb1433b53b66ad7d89d6d52e9733034bbc9bd65c6493d56f08ef1db2fab92ab1d66e44b8639d5ba653997353
SSDEEP

393216:LD5a8DBVfrI2JwBtobC2ltP7n3z4zXjgjvLyyMN:LUWBBrfuqbJltPn4zXjeLynN

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack002/SdAppServices_x64.dll
unpack002/Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.ClassicTheme.dll
unpack002/Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.dll
unpack002/Settings/Resource/Locals/x64/AdonisUI.ClassicTheme.dll
unpack002/Settings/Resource/Locals/x64/AdonisUI.dll

Files

!_!nstaller_!_8485!_!PassC@de_!_!.zip
.zip

Password: 8485
#!Set-Up_8485--!ṖaꞨsW0rd!_$$/#!Set-Uṕ_8485--!@ṖaSSW0rd##$$.rar
.rar

Password: 8485
Data
Lang/en-US/ActiveXInstallService.adml
.xml
Lang/en-US/AddRemovePrograms.adml
.xml
Lang/en-US/AppCompat.adml
.xml
Lang/en-US/AppXRuntime.adml
.xml
Lang/en-US/AppxPackageManager.adml
.xml
Lang/en-US/AttachmentManager.adml
.xml
Lang/en-US/AuditSettings.adml
.xml
Lang/en-US/AutoPlay.adml
.xml
Lang/en-US/Biometrics.adml
.xml
Lang/en-US/Bits.adml
.xml
Lang/en-US/CEIPEnable.adml
.xml
Lang/en-US/COM.adml
.xml
Lang/en-US/CipherSuiteOrder.adml
.xml
Lang/en-US/Conf.adml
.xml
Lang/en-US/ControlPanel.adml
.xml
Lang/en-US/ControlPanelDisplay.adml
.xml
Lang/en-US/Cpls.adml
.xml
Lang/en-US/CredSsp.adml
.xml
Lang/en-US/CredUI.adml
.xml
Lang/en-US/CredentialProviders.adml
.xml
Lang/en-US/CtrlAltDel.adml
.xml
Lang/en-US/DCOM.adml
.xml
Lang/en-US/DFS.adml
.xml
Lang/en-US/DWM.adml
.xml
Lang/en-US/Desktop.adml
.xml
Lang/en-US/DeviceCompat.adml
.xml
Lang/en-US/DeviceInstallation.adml
.xml
Lang/en-US/DeviceSetup.adml
.xml
Lang/en-US/DigitalLocker.adml
.xml
Lang/en-US/DiskDiagnostic.adml
.xml
Lang/en-US/DiskNVCache.adml
.xml
Lang/en-US/DiskQuota.adml
.xml
Lang/en-US/DistributedLinkTracking.adml
.xml
Lang/en-US/DnsClient.adml
.xml
Lang/en-US/EAIME.adml
.xml
Lang/en-US/EarlyLaunchAM.adml
Lang/en-US/EdgeUI.adml
.xml
Lang/en-US/EncryptFilesonMove.adml
.xml
Lang/en-US/ErrorReporting.adml
.xml
Lang/en-US/EventForwarding.adml
.xml
Lang/en-US/EventLog.adml
.xml
Lang/en-US/EventViewer.adml
.xml
Lang/en-US/Explorer.adml
.xml
Lang/en-US/ExternalBoot.adml
.xml
Lang/en-US/FileHistory.adml
.xml
Lang/en-US/FileRecovery.adml
.xml
Lang/en-US/FileRevocation.adml
.xml
Lang/en-US/FileServerVSSProvider.adml
.xml
Lang/en-US/FileSys.adml
.xml
Lang/en-US/FolderRedirection.adml
.xml
Lang/en-US/FramePanes.adml
.xml
Lang/en-US/GameExplorer.adml
.xml
Lang/en-US/Globalization.adml
.xml
Lang/en-US/GroupPolicy-Server.adml
.xml
Lang/en-US/GroupPolicy.adml
.xml
Lang/en-US/GroupPolicyPreferences.adml
.xml
Lang/en-US/Help.adml
.xml
Lang/en-US/HelpAndSupport.adml
.xml
Lang/en-US/ICM.adml
.xml
Lang/en-US/IIS.adml
.xml
Lang/en-US/InetRes.adml
.xml
Lang/en-US/InkWatson.adml
.xml
Lang/en-US/KDC.adml
.xml
Lang/en-US/Kerberos.adml
.xml
Lang/en-US/LanmanServer.adml
.xml
Lang/en-US/LeakDiagnostic.adml
.xml
Lang/en-US/LinkLayerTopologyDiscovery.adml
.xml
Lang/en-US/LocationProviderAdm.adml
.xml
Lang/en-US/Logon.adml
.xml
Lang/en-US/MMC.adml
.xml
Lang/en-US/MMCSnapIns2.adml
.xml
Lang/en-US/MMCSnapins.adml
.xml
Lang/en-US/MSDT.adml
.xml
Lang/en-US/MSI.adml
.xml
Lang/en-US/MediaCenter.adml
.xml
Lang/en-US/MobilePCMobilityCenter.adml
.xml
Lang/en-US/MobilePCPresentationSettings.adml
.xml
Lang/en-US/Msi-FileRecovery.adml
.xml
Lang/en-US/NAPXPQec.adml
.xml
Lang/en-US/NCSI.adml
.xml
Lang/en-US/Netlogon.adml
.xml
Lang/en-US/NetworkConnections.adml
.xml
Lang/en-US/NetworkIsolation.adml
Lang/en-US/NetworkProjection.adml
.xml
Lang/en-US/OfflineFiles.adml
.xml
Lang/en-US/P2P-pnrp.adml
.xml
Lang/en-US/ParentalControls.adml
.xml
Lang/en-US/PeerToPeerCaching.adml
.xml
Lang/en-US/PenTraining.adml
.xml
Lang/en-US/PerformanceDiagnostics.adml
.xml
Lang/en-US/PerformancePerftrack.adml
.xml
Lang/en-US/Power.adml
.xml
Lang/en-US/PowerShellExecutionPolicy.adml
.xml
Lang/en-US/PreviousVersions.adml
.xml
Lang/en-US/Printing.adml
.xml
Lang/en-US/Printing2.adml
.xml
Lang/en-US/Programs.adml
.xml
Lang/en-US/PswdSync.adml
.xml
Lang/en-US/QOS.adml
.xml
Lang/en-US/RPC.adml
.xml
Lang/en-US/RacWmiProv.adml
.xml
Lang/en-US/Radar.adml
.xml
Lang/en-US/ReAgent.adml
.xml
Lang/en-US/Reliability.adml
.xml
Lang/en-US/RemoteAssistance.adml
.xml
Lang/en-US/RemovableStorage.adml
.xml
Lang/en-US/Scripts.adml
.xml
Lang/en-US/Securitycenter.adml
.xml
Lang/en-US/Sensors.adml
.xml
Lang/en-US/ServerManager.adml
.xml
Lang/en-US/Servicing.adml
.xml
Lang/en-US/SettingSync.adml
.xml
Lang/en-US/Setup.adml
.xml
Lang/en-US/SharedFolders.adml
.xml
Lang/en-US/Sharing.adml
.xml
Lang/en-US/Shell-CommandPrompt-RegEditTools.adml
.xml
Lang/en-US/ShellWelcomeCenter.adml
.xml
Lang/en-US/Sidebar.adml
.xml
Lang/en-US/SkyDrive.adml
.xml
Lang/en-US/Smartcard.adml
.xml
Lang/en-US/Snis.adml
.xml
Lang/en-US/Snmp.adml
.xml
Lang/en-US/SoundRec.adml
.xml
Lang/en-US/StartMenu.adml
.xml
Lang/en-US/SystemRestore.adml
.xml
Lang/en-US/TPM.adml
.xml
Lang/en-US/TabletPCInputPanel.adml
.xml
Lang/en-US/TabletShell.adml
.xml
Lang/en-US/TaskScheduler.adml
.xml
Lang/en-US/Taskbar.adml
.xml
Lang/en-US/TerminalServer-Server.adml
.xml
Lang/en-US/TerminalServer.adml
.xml
Lang/en-US/Thumbnails.adml
.xml
Lang/en-US/TouchInput.adml
.xml
Lang/en-US/UserProfiles.adml
.xml
Lang/en-US/VolumeEncryption.adml
.xml
Lang/en-US/W32Time.adml
.xml
Lang/en-US/WCM.adml
.xml
Lang/en-US/WDI.adml
.xml
Lang/en-US/WPN.adml
.xml
Lang/en-US/WinCal.adml
.xml
Lang/en-US/WinInit.adml
.xml
Lang/en-US/WinLogon.adml
.xml
Lang/en-US/Windows.adml
.xml
Lang/en-US/WindowsAnytimeUpgrade.adml
.xml
Lang/en-US/WindowsBackup.adml
.xml
Lang/en-US/WindowsColorSystem.adml
.xml
Lang/en-US/WindowsConnectNow.adml
.xml
Lang/en-US/WindowsDefender.adml
Lang/en-US/WindowsExplorer.adml
.xml
Lang/en-US/WindowsFileProtection.adml
.xml
Lang/en-US/WindowsFirewall.adml
.xml
Lang/en-US/WindowsMail.adml
.xml
Lang/en-US/WindowsMediaDRM.adml
.xml
Lang/en-US/WindowsMediaPlayer.adml
.xml
Lang/en-US/WindowsMessenger.adml
.xml
Lang/en-US/WindowsProducts.adml
.xml
Lang/en-US/WindowsRemoteManagement.adml
.xml
Lang/en-US/WindowsRemoteShell.adml
.xml
Lang/en-US/WindowsServer.adml
.xml
Lang/en-US/WindowsUpdate.adml
.xml
Lang/en-US/Winsrv.adml
.xml
Lang/en-US/WordWheel.adml
.xml
Lang/en-US/WorkFolders-Client.adml
.xml
Lang/en-US/WorkplaceJoin.adml
.xml
Lang/en-US/fthsvc.adml
.xml
Lang/en-US/hotspotauth.adml
.xml
Lang/en-US/iSCSI.adml
.xml
Lang/en-US/msched.adml
.xml
Lang/en-US/nca.adml
Lang/en-US/pca.adml
.xml
Lang/en-US/sdiageng.adml
.xml
Lang/en-US/srm-fci.adml
.xml
Lang/en-US/tcpip.adml
.xml
Lang/en-US/wlansvc.adml
.xml
Lang/en-US/wwansvc.adml
.xml
Lang/lang-1049.dll
.dll windows:6 windows x86 arch:x86

Password: 8485

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/09/2022, 00:00

Not After

17/09/2025, 23:59

Subject

CN=PIRIFORM SOFTWARE LIMITED,O=PIRIFORM SOFTWARE LIMITED,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5
Signer

Actual PE Digest

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/lang-1058.dll
.dll windows:6 windows x86 arch:x86

Password: 8485

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/09/2022, 00:00

Not After

17/09/2025, 23:59

Subject

CN=PIRIFORM SOFTWARE LIMITED,O=PIRIFORM SOFTWARE LIMITED,L=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4
Signer

Actual PE Digest

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ObjectDock.exe.config
.xml
SdAppServices_x64.dll
.dll windows:6 windows x64 arch:x64

Password: 8485

15027fcca928a02026d128c2183b3129

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\Jenkins\SAS Redistributable\workspace\src\Binary\Release\SdAppServices_x64.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetLastError
GetTickCount
GlobalFree
AddAtomA
Sleep
WaitForMultipleObjects
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadFile
GetCurrentDirectoryW
CreateProcessA
SetHandleInformation
CreatePipe
GetCurrentProcessId
ResetEvent
SetEvent
CreateEventW
FreeLibraryAndExitThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
ReleaseMutex
WaitForSingleObject
GetComputerNameW
CreateMutexW
lstrlenA
lstrcmpA
GetComputerNameA
FileTimeToSystemTime
FindClose
FindFirstFileW
LocalFree
LocalAlloc
GetModuleFileNameW
GetModuleHandleExA
CreateDirectoryW
SetFilePointerEx
ReadConsoleW
DeleteFileW
GetConsoleMode
GetConsoleCP
WriteFile
HeapFree
ExitProcess
SetEndOfFile
HeapReAlloc
HeapAlloc
GetModuleHandleExW
ExitThread
CreateThread
FlushFileBuffers
GetTimeZoneInformation
GetStdHandle
GetACP
CloseHandle
GetFileAttributesA
MoveFileExW
GetFullPathNameW
HeapSize
WriteConsoleW
GetModuleFileNameA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCurrentThreadId
RtlPcToFileHeader
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwindEx
FreeLibrary
LoadLibraryExW
CreateFileW
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime

user32

GetLastInputInfo
DispatchMessageW
TranslateMessage
CallMsgFilterW
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
EnableWindow

advapi32

RegQueryValueExW
GetNamedSecurityInfoW
CryptGenRandom
CryptAcquireContextA
CryptEncrypt
CryptDecrypt
CryptSetKeyParam
CryptImportKey
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
CreateWellKnownSid
RegOpenKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA
SetNamedSecurityInfoW
SetEntriesInAclW

shell32

ShellExecuteExW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoSetProxyBlanket

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

shlwapi

PathAppendW
PathRemoveFileSpecW
PathFileExistsW

iphlpapi

GetAdaptersInfo

crypt32

CryptStringToBinaryW
CryptBinaryToStringW

winhttp

WinHttpReadData
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpSetOption
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpConnect
WinHttpSetTimeouts
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCreateUrl
WinHttpCloseHandle
WinHttpCrackUrl

Exports

Exports

sas_AAAA
sas_AAAB
sas_AAAC
sas_AAAD
sas_AAAE

Sections

.text
Size: 938KB - Virtual size: 937KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/.pak
Settings/2.pak
Settings/Resource/CMap/Identity-H
Settings/Resource/CMap/Identity-V
Settings/Resource/CMap/UCS2-GBK-EUC
Settings/Resource/CMap/UniKS-UTF16-H
Settings/Resource/CMap/UniKS-UTF16-V
Settings/Resource/Font/AdobePIStd.otf
Settings/Resource/Font/CourierStd-Bold.otf
Settings/Resource/Font/CourierStd-BoldOblique.otf
Settings/Resource/Font/CourierStd-Oblique.otf
Settings/Resource/Font/CourierStd.otf
Settings/Resource/Font/MinionPro-Bold.otf
Settings/Resource/Font/MinionPro-BoldIt.otf
Settings/Resource/Font/MinionPro-It.otf
Settings/Resource/Font/MinionPro-Regular.otf
Settings/Resource/Font/MyriadPro-Bold.otf
Settings/Resource/Font/MyriadPro-BoldIt.otf
Settings/Resource/Font/MyriadPro-It.otf
Settings/Resource/Font/MyriadPro-Regular.otf
Settings/Resource/Font/Pfm/CMap/Identity-H
Settings/Resource/Font/Pfm/CMap/Identity-V
Settings/Resource/Font/Pfm/CMap/UCS2-GBK-EUC
Settings/Resource/Font/Pfm/CMap/UniKS-UTF16-H
Settings/Resource/Font/Pfm/CMap/UniKS-UTF16-V
Settings/Resource/Font/Pfm/Font/AdobePIStd.otf
Settings/Resource/Font/Pfm/Font/CourierStd-Bold.otf
Settings/Resource/Font/Pfm/Font/CourierStd-BoldOblique.otf
Settings/Resource/Font/Pfm/Font/CourierStd-Oblique.otf
Settings/Resource/Font/Pfm/Font/CourierStd.otf
Settings/Resource/Font/Pfm/Font/MinionPro-Bold.otf
Settings/Resource/Font/Pfm/Font/MinionPro-BoldIt.otf
Settings/Resource/Font/Pfm/Font/MinionPro-It.otf
Settings/Resource/Font/Pfm/Font/MinionPro-Regular.otf
Settings/Resource/Font/Pfm/Font/MyriadPro-Bold.otf
Settings/Resource/Font/Pfm/Font/MyriadPro-BoldIt.otf
Settings/Resource/Font/Pfm/Font/MyriadPro-It.otf
Settings/Resource/Font/Pfm/Font/MyriadPro-Regular.otf
Settings/Resource/Font/Pfm/Font/Pfm/SY______.PFM
Settings/Resource/Font/Pfm/Font/Pfm/zx______.pfm
Settings/Resource/Font/Pfm/Font/Pfm/zy______.pfm
Settings/Resource/Font/Pfm/Font/SY______.PFB
Settings/Resource/Font/Pfm/Font/ZX______.PFB
Settings/Resource/Font/Pfm/Font/ZY______.PFB
Settings/Resource/Font/Pfm/Locals/am.pak
Settings/Resource/Font/Pfm/Locals/ar.pak
Settings/Resource/Font/Pfm/Locals/fi.pak
Settings/Resource/Font/Pfm/Locals/fil.pak
Settings/Resource/Font/Pfm/Locals/fr.pak
Settings/Resource/Font/Pfm/Locals/gu.pak
Settings/Resource/Font/Pfm/Locals/he.pak
Settings/Resource/Font/Pfm/Locals/hi.pak
Settings/Resource/Font/Pfm/Locals/hr.pak
Settings/Resource/Font/Pfm/Locals/hu.pak
Settings/Resource/Font/Pfm/Locals/id.pak
Settings/Resource/Font/Pfm/Locals/lt.pak
Settings/Resource/Font/Pfm/Locals/lv.pak
Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.ClassicTheme.dll
.dll windows:4 windows x86 arch:x86

Password: 8485

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\src\AdonisUI.ClassicTheme\obj\Release\net45\AdonisUI.ClassicTheme.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.ClassicTheme.xml
.xml
Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.dll
.dll windows:4 windows x86 arch:x86

Password: 8485

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\src\AdonisUI\obj\Release\net45\AdonisUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Font/Pfm/Locals/x64/AdonisUI.xml
.xml
Settings/Resource/Font/Pfm/Locals/x64/SQLite.Interop.dll
.dll windows:6 windows x64 arch:x64

Password: 8485

a42f73521c784fa06f1d886fcbcefcba

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30
Signer

Actual PE Digest

cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30

Digest Algorithm

sha512

PE Digest Matches

true

3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fd
Signer

Actual PE Digest

3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo

wintrust

WinVerifyTrust

kernel32

TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
WriteConsoleW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
AreFileApisANSI
SetEnvironmentVariableA
RaiseException
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
lstrcmpiW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW

user32

wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI00b5de0dbe05adc8
SI00f2097672333949
SI013768ea228eaf06
SI03ee1370ff2172fd
SI050169b0f137dcac
SI061f9351f6b79d40
SI066df4a47deb7b95
SI075258fe7332f5c9
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0b65268e19d3b81d
SI0e7c9abcb195c68c
SI0f556a49067bf550
SI0fe7fecb92f1b44b
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI15d5f41c81892f13
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI24f5c83eaddd65e8
SI252aeb4a9d3dc2ff
SI2b074e8cf29cb472
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI349980d776ee39ac
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3974af1f94b94613
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI57335d3e329eea8d
SI5887bf867911838d
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI64119fb980b7e962
SI6479b9cf07b87f67
SI674c3bc07fc17979
SI6901b186cfd089f2
SI690ffdcfd9cda629
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI6e6c544c028b2de9
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI72b05b1ad5f34d61
SI75fe921d50a95fe0
SI768767362ea03a94
SI77ffe3fede90bfbb
SI783104ea11038afc
SI79f6c64948ab63d2
SI7a4943591207dd14
SI7b97ee05aa1e64c7
SI7c373366af3ee2f7
SI7cd7250399b1ea60
SI7da3b9691a73b4a2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8dd2c969f2a6a31e
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9bf461db9bf83c22
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SI9ea49276dcf9849f
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa1d7e21a548b910c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIa8e1a742a358dc07
SIa9b758d3ae2e9aea
SIab3ed5feb3c43f0c
SIada7f27769d7f95b
SIae9562605f0b7c06
SIb391996b7b633820
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIb84ee16d149e7562
SIb94a6bc97d77e69f
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc0bb4eab77f5a999
SIc21d402df09e0c69
SIc26100c97b176329
SIc28b5d2d1f102994
SIc2d8715ee8c9e908
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIc5d5610a73781fac
SIc8c63d94dd03040b
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd2334250b08e199
SIcd6b4ac0aeff7202
SId00f524badf4f5cf
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdbbe1b52f304f379
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIdca7c218fe9393fb
SIde347320a2d725fa
SIdeb28053ce71d5b4
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe2cb515ade8c0235
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIeea5cda6d9846aa5
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8090240c1414098
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfcfad09d1b0a60ec
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Font/Pfm/Locals/x86/BouncyCastle.Crypto.dll
.dll windows:4 windows x86 arch:x86

Password: 8485

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:d7:ef:74:a9:ff:03:a2:20:b6:ed:bb:39:9d:14:c1
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/03/2020, 00:00

Not After

23/03/2023, 12:00

Subject

SERIALNUMBER=5101633,CN=Claire Novotny LLC,O=Claire Novotny LLC,L=New York,ST=New York,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13084e657720596f726b,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:a3:c5:7e:59:87:21:c6:7b:dd:bc:9b:b2:2d:4f:d1:d2:a5:cc:63:04:1d:78:fb:93:6c:0e:40:16:85:b2:61
Signer

Actual PE Digest

f6:a3:c5:7e:59:87:21:c6:7b:dd:bc:9b:b2:2d:4f:d1:d2:a5:cc:63:04:1d:78:fb:93:6c:0e:40:16:85:b2:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BouncyCastle.Crypto.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Font/Pfm/Locals/x86/BouncyCastle.Crypto.xml
.xml
Settings/Resource/Font/Pfm/Locals/x86/SQLite.Interop.dll
.dll windows:6 windows x86 arch:x86

39ace63b362beb47a2a7a8202a5c4f2d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61
Signer

Actual PE Digest

3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61

Digest Algorithm

sha512

PE Digest Matches

true

18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:df
Signer

Actual PE Digest

18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:df

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo

wintrust

WinVerifyTrust

kernel32

TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
WriteConsoleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SetEnvironmentVariableA
AreFileApisANSI
DecodePointer
SetStdHandle
RaiseException
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
MapViewOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI00b5de0dbe05adc8
SI00f2097672333949
SI03ee1370ff2172fd
SI066df4a47deb7b95
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0e7c9abcb195c68c
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI252aeb4a9d3dc2ff
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI674c3bc07fc17979
SI6901b186cfd089f2
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI75fe921d50a95fe0
SI768767362ea03a94
SI783104ea11038afc
SI79f6c64948ab63d2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIae9562605f0b7c06
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc26100c97b176329
SIc28b5d2d1f102994
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd6b4ac0aeff7202
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIde347320a2d725fa
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
_SI013768ea228eaf06@8
_SI050169b0f137dcac@12
_SI061f9351f6b79d40@8
_SI075258fe7332f5c9@0
_SI0b65268e19d3b81d@12
_SI0f556a49067bf550@8
_SI0fe7fecb92f1b44b@12
_SI15d5f41c81892f13@8
_SI24f5c83eaddd65e8@4
_SI2b074e8cf29cb472@16
_SI349980d776ee39ac@12
_SI3974af1f94b94613@12
_SI57335d3e329eea8d@12
_SI5887bf867911838d@12
_SI64119fb980b7e962@12
_SI6479b9cf07b87f67@8
_SI690ffdcfd9cda629@8
_SI6e6c544c028b2de9@4
_SI72b05b1ad5f34d61@12
_SI77ffe3fede90bfbb@32
_SI7a4943591207dd14@4
_SI7b97ee05aa1e64c7@12
_SI7c373366af3ee2f7@4
_SI7cd7250399b1ea60@4
_SI7da3b9691a73b4a2@12
_SI8dd2c969f2a6a31e@12
_SI9bf461db9bf83c22@8
_SI9ea49276dcf9849f@12
_SIa1d7e21a548b910c@4
_SIa8e1a742a358dc07@8
_SIa9b758d3ae2e9aea@12
_SIab3ed5feb3c43f0c@0
_SIada7f27769d7f95b@4
_SIb391996b7b633820@36
_SIb84ee16d149e7562@12
_SIb94a6bc97d77e69f@8
_SIc0bb4eab77f5a999@20
_SIc21d402df09e0c69@8
_SIc2d8715ee8c9e908@4
_SIc5d5610a73781fac@12
_SIc8c63d94dd03040b@44
_SIcd2334250b08e199@112
_SId00f524badf4f5cf@20
_SIdbbe1b52f304f379@4
_SIdca7c218fe9393fb@24
_SIdeb28053ce71d5b4@12
_SIe2cb515ade8c0235@12
_SIeea5cda6d9846aa5@12
_SIf8090240c1414098@4
_SIfcfad09d1b0a60ec@20
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Font/Pfm/SY______.PFM
Settings/Resource/Font/Pfm/SaslPrep/SaslPrepProfile_norm_bidi.spp
Settings/Resource/Font/Pfm/TypeSupport/Unicode/ICU/icudt26l.dat
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Adobe/symbol.txt
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Adobe/zdingbat.txt
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CENTEURO.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CORPCHAR.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CROATIAN.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CYRILLIC.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/GREEK.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ICELAND.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ROMAN.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ROMANIAN.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/SYMBOL.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/TURKISH.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/UKRAINE.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1250.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1251.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1252.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1253.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1254.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1257.TXT
Settings/Resource/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1258.TXT
Settings/Resource/Font/Pfm/opengl64.dll
Settings/Resource/Font/Pfm/resources.pak
Settings/Resource/Font/Pfm/zx______.pfm
Settings/Resource/Font/Pfm/zy______.pfm
Settings/Resource/Font/SY______.PFB
Settings/Resource/Font/ZX______.PFB
Settings/Resource/Font/ZY______.PFB
Settings/Resource/Locals/am.pak
Settings/Resource/Locals/ar.pak
Settings/Resource/Locals/fi.pak
Settings/Resource/Locals/fil.pak
Settings/Resource/Locals/fr.pak
Settings/Resource/Locals/gu.pak
Settings/Resource/Locals/he.pak
Settings/Resource/Locals/hi.pak
Settings/Resource/Locals/hr.pak
Settings/Resource/Locals/hu.pak
Settings/Resource/Locals/id.pak
Settings/Resource/Locals/lt.pak
Settings/Resource/Locals/lv.pak
Settings/Resource/Locals/x64/AdonisUI.ClassicTheme.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\src\AdonisUI.ClassicTheme\obj\Release\net45\AdonisUI.ClassicTheme.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Locals/x64/AdonisUI.ClassicTheme.xml
.xml
Settings/Resource/Locals/x64/AdonisUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\src\AdonisUI\obj\Release\net45\AdonisUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Locals/x64/AdonisUI.xml
.xml
Settings/Resource/Locals/x64/SQLite.Interop.dll
.dll windows:6 windows x64 arch:x64

a42f73521c784fa06f1d886fcbcefcba

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30
Signer

Actual PE Digest

cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30

Digest Algorithm

sha512

PE Digest Matches

true

3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fd
Signer

Actual PE Digest

3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo

wintrust

WinVerifyTrust

kernel32

TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
WriteConsoleW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
AreFileApisANSI
SetEnvironmentVariableA
RaiseException
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
lstrcmpiW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW

user32

wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI00b5de0dbe05adc8
SI00f2097672333949
SI013768ea228eaf06
SI03ee1370ff2172fd
SI050169b0f137dcac
SI061f9351f6b79d40
SI066df4a47deb7b95
SI075258fe7332f5c9
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0b65268e19d3b81d
SI0e7c9abcb195c68c
SI0f556a49067bf550
SI0fe7fecb92f1b44b
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI15d5f41c81892f13
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI24f5c83eaddd65e8
SI252aeb4a9d3dc2ff
SI2b074e8cf29cb472
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI349980d776ee39ac
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3974af1f94b94613
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI57335d3e329eea8d
SI5887bf867911838d
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI64119fb980b7e962
SI6479b9cf07b87f67
SI674c3bc07fc17979
SI6901b186cfd089f2
SI690ffdcfd9cda629
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI6e6c544c028b2de9
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI72b05b1ad5f34d61
SI75fe921d50a95fe0
SI768767362ea03a94
SI77ffe3fede90bfbb
SI783104ea11038afc
SI79f6c64948ab63d2
SI7a4943591207dd14
SI7b97ee05aa1e64c7
SI7c373366af3ee2f7
SI7cd7250399b1ea60
SI7da3b9691a73b4a2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8dd2c969f2a6a31e
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9bf461db9bf83c22
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SI9ea49276dcf9849f
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa1d7e21a548b910c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIa8e1a742a358dc07
SIa9b758d3ae2e9aea
SIab3ed5feb3c43f0c
SIada7f27769d7f95b
SIae9562605f0b7c06
SIb391996b7b633820
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIb84ee16d149e7562
SIb94a6bc97d77e69f
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc0bb4eab77f5a999
SIc21d402df09e0c69
SIc26100c97b176329
SIc28b5d2d1f102994
SIc2d8715ee8c9e908
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIc5d5610a73781fac
SIc8c63d94dd03040b
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd2334250b08e199
SIcd6b4ac0aeff7202
SId00f524badf4f5cf
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdbbe1b52f304f379
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIdca7c218fe9393fb
SIde347320a2d725fa
SIdeb28053ce71d5b4
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe2cb515ade8c0235
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIeea5cda6d9846aa5
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8090240c1414098
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfcfad09d1b0a60ec
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Locals/x86/BouncyCastle.Crypto.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:d7:ef:74:a9:ff:03:a2:20:b6:ed:bb:39:9d:14:c1
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/03/2020, 00:00

Not After

23/03/2023, 12:00

Subject

SERIALNUMBER=5101633,CN=Claire Novotny LLC,O=Claire Novotny LLC,L=New York,ST=New York,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13084e657720596f726b,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:a3:c5:7e:59:87:21:c6:7b:dd:bc:9b:b2:2d:4f:d1:d2:a5:cc:63:04:1d:78:fb:93:6c:0e:40:16:85:b2:61
Signer

Actual PE Digest

f6:a3:c5:7e:59:87:21:c6:7b:dd:bc:9b:b2:2d:4f:d1:d2:a5:cc:63:04:1d:78:fb:93:6c:0e:40:16:85:b2:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BouncyCastle.Crypto.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/Resource/Locals/x86/BouncyCastle.Crypto.xml
.xml
Settings/Resource/Locals/x86/SQLite.Interop.dll
.dll windows:6 windows x86 arch:x86

39ace63b362beb47a2a7a8202a5c4f2d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61
Signer

Actual PE Digest

3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61

Digest Algorithm

sha512

PE Digest Matches

true

18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:df
Signer

Actual PE Digest

18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:df

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo

wintrust

WinVerifyTrust

kernel32

TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
WriteConsoleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SetEnvironmentVariableA
AreFileApisANSI
DecodePointer
SetStdHandle
RaiseException
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
MapViewOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI00b5de0dbe05adc8
SI00f2097672333949
SI03ee1370ff2172fd
SI066df4a47deb7b95
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0e7c9abcb195c68c
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI252aeb4a9d3dc2ff
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI674c3bc07fc17979
SI6901b186cfd089f2
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI75fe921d50a95fe0
SI768767362ea03a94
SI783104ea11038afc
SI79f6c64948ab63d2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIae9562605f0b7c06
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc26100c97b176329
SIc28b5d2d1f102994
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd6b4ac0aeff7202
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIde347320a2d725fa
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
_SI013768ea228eaf06@8
_SI050169b0f137dcac@12
_SI061f9351f6b79d40@8
_SI075258fe7332f5c9@0
_SI0b65268e19d3b81d@12
_SI0f556a49067bf550@8
_SI0fe7fecb92f1b44b@12
_SI15d5f41c81892f13@8
_SI24f5c83eaddd65e8@4
_SI2b074e8cf29cb472@16
_SI349980d776ee39ac@12
_SI3974af1f94b94613@12
_SI57335d3e329eea8d@12
_SI5887bf867911838d@12
_SI64119fb980b7e962@12
_SI6479b9cf07b87f67@8
_SI690ffdcfd9cda629@8
_SI6e6c544c028b2de9@4
_SI72b05b1ad5f34d61@12
_SI77ffe3fede90bfbb@32
_SI7a4943591207dd14@4
_SI7b97ee05aa1e64c7@12
_SI7c373366af3ee2f7@4
_SI7cd7250399b1ea60@4
_SI7da3b9691a73b4a2@12
_SI8dd2c969f2a6a31e@12
_SI9bf461db9bf83c22@8
_SI9ea49276dcf9849f@12
_SIa1d7e21a548b910c@4
_SIa8e1a742a358dc07@8
_SIa9b758d3ae2e9aea@12
_SIab3ed5feb3c43f0c@0
_SIada7f27769d7f95b@4
_SIb391996b7b633820@36
_SIb84ee16d149e7562@12
_SIb94a6bc97d77e69f@8
_SIc0bb4eab77f5a999@20
_SIc21d402df09e0c69@8
_SIc2d8715ee8c9e908@4
_SIc5d5610a73781fac@12
_SIc8c63d94dd03040b@44
_SIcd2334250b08e199@112
_SId00f524badf4f5cf@20
_SIdbbe1b52f304f379@4
_SIdca7c218fe9393fb@24
_SIdeb28053ce71d5b4@12
_SIe2cb515ade8c0235@12
_SIeea5cda6d9846aa5@12
_SIf8090240c1414098@4
_SIfcfad09d1b0a60ec@20
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/library.dll
Settings/opengl.sys
Setup.exe
.exe windows:6 windows x64 arch:x64

7f95589388d51e82edf11ba184ed6b39

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:92:61:fa:48:6b:16:10:71:3a:4c:b9:ec:7e:6c:42
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/03/2022, 00:00

Not After

23/04/2025, 23:59

Subject

CN=STARDOCK SYSTEMS\, INC.,O=STARDOCK SYSTEMS\, INC.,L=Plymouth,ST=Michigan,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8c:d3:a3:2e:cb:52:c9:b2:0d:88:24:28:39:da:81:00:3f:66:c7:7f
Signer

Actual PE Digest

8c:d3:a3:2e:cb:52:c9:b2:0d:88:24:28:39:da:81:00:3f:66:c7:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\jeffb\Dropbox\_LocalMachines\Windows\Object Desktop\Object Dock\Debug\ObjectDock.pdb

Imports

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

winmm

PlaySoundW

version

GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW

shlwapi

PathFileExistsW
PathFindExtensionW
PathIsDirectoryW
StrStrIW
PathCanonicalizeW
PathUnquoteSpacesW
PathMakeSystemFolderW
ColorRGBToHLS
ColorHLSToRGB
PathRemoveArgsW
SHAutoComplete
PathRelativePathToW
ord172
ord174
ord219
ord16

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

crypt32

CryptVerifyMessageSignature
CertGetNameStringW
CertFreeCertificateContext

uxtheme

CloseThemeData
OpenThemeData

msimg32

AlphaBlend

imagehlp

ImageGetCertificateData
ImageGetCertificateHeader

propsys

PropVariantToBSTR

comctl32

ImageList_GetIconSize
ImageList_DrawEx
InitCommonControlsEx
ord17
ImageList_ReplaceIcon
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_Draw

kernel32

GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
ReadFile
WriteFile
OutputDebugStringW
CreateMutexW
GetCurrentProcess
CreateThread
GetCurrentThread
GetCurrentThreadId
TerminateThread
SuspendThread
ResumeThread
CreateProcessW
SetPriorityClass
OpenProcess
GetSystemTime
GetTickCount
GetVersionExW
SetProcessWorkingSetSize
GetModuleFileNameA
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalFree
LocalFree
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
IsBadReadPtr
GetComputerNameW
K32EnumProcessModules
K32GetModuleFileNameExW
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
SetThreadPriority
ExpandEnvironmentStringsW
WaitForSingleObject
GetSystemInfo
GetDriveTypeW
QueryPerformanceCounter
ExitThread
GetWindowsDirectoryW
SetLastError
GetCurrentProcessId
SearchPathW
GetLocalTime
GetPrivateProfileStringW
FindFirstChangeNotificationW
FindNextChangeNotification
GetLogicalDriveStringsW
WaitForMultipleObjects
GetExitCodeThread
WritePrivateProfileSectionW
GetPrivateProfileStructW
WritePrivateProfileStructW
GetModuleHandleExA
MultiByteToWideChar
IsBadCodePtr
lstrcpynW
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
QueryPerformanceFrequency
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetPackageId
GetPackageFamilyName
GetPackagePath
GetPackagePathByFullName
GetApplicationUserModelId
PackageFullNameFromId
GetPackagesByPackageFamily
lstrcpyW
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetFilePointer
LoadLibraryExW
EnumResourceNamesW
GetTempPathW
OpenEventW
CreateRemoteThread
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
GetPrivateProfileIntW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
VirtualQuery
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
GetLastError
GetFileSize
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetModuleFileNameW
FreeLibrary
CloseHandle
CreateFileW
GetModuleHandleExW
GetStdHandle
GetFileType
WriteConsoleW
HeapSize
WritePrivateProfileStringW
HeapValidate
ExitProcess
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapQueryInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
GetDateFormatW

user32

GetMessagePos
GetMessageTime
SendMessageTimeoutW
GetWindowPlacement
GetSystemMenu
EnableMenuItem
AppendMenuW
GetWindowModuleFileNameW
GetWindowRgn
keybd_event
GetMenuDefaultItem
AllowSetForegroundWindow
CallWindowProcA
IsWindowEnabled
GetDoubleClickTime
CheckMenuRadioItem
DrawTextExW
RegisterClassExA
DrawMenuBar
DrawEdge
CopyIcon
GetMenuStringW
LookupIconIdFromDirectory
CreateIconFromResource
SetClassLongPtrW
GetWindowLongW
PtInRect
EqualRect
IsRectEmpty
OffsetRect
InflateRect
CopyRect
SetRect
FillRect
GetSysColorBrush
GetSysColor
ClientToScreen
GetCursor
SetCursor
ShowCursor
RemovePropW
GetPropW
GetClassLongPtrW
GetAncestor
SetWindowRgn
GetWindowDC
GetForegroundWindow
UpdateWindow
DrawTextW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
CheckMenuItem
CreatePopupMenu
LoadMenuW
GetSystemMetrics
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
GetKeyState
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
IsIconic
IsWindowVisible
SetWindowPos
UpdateLayeredWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
AttachThreadInput
PostThreadMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
wsprintfW
wvsprintfW
LoadStringW
LoadImageW
DestroyCursor
EnumChildWindows
IntersectRect
GetMenu
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetLayeredWindowAttributes
GetCapture
DragDetect
SetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
InsertMenuW
GetSubMenu
SetWindowLongW
RegisterClipboardFormatW
GetIconInfo
SystemParametersInfoW
EnumDisplayDevicesW
IsDialogMessageW
DrawIconEx
LoadCursorW
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetWindowThreadProcessId
GetClassNameW
DestroyMenu
EnumWindows
DeregisterShellHookWindow
RegisterShellHookWindow
FindWindowExW
ValidateRect
FindWindowW
SetPropW
GetWindowLongPtrW
GetDC
ReleaseDC
MonitorFromPoint
SendMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
IsWindow
ShowWindow
MoveWindow
CreateDialogParamW
DialogBoxParamW
EndDialog
GetDlgItem
SetFocus
EnableWindow
DrawIcon
SetForegroundWindow
BeginPaint
EndPaint
InvalidateRect
RedrawWindow
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
MessageBoxW
GetCursorPos
ScreenToClient
WindowFromPoint
SetWindowLongPtrW
GetParent
LoadIconW
DestroyIcon

gdi32

SaveDC
SetGraphicsMode
GetTextExtentPoint32W
CreateFontIndirectW
Polyline
RestoreDC
GetTextColor
ModifyWorldTransform
DPtoLP
SetWindowOrgEx
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
CreatePatternBrush
CreatePen
OffsetViewportOrgEx
EnumFontFamiliesExW
CreateSolidBrush
StretchBlt
SetDIBits
GetDIBits
SetViewportOrgEx
TextOutW
MoveToEx
GetObjectW
CreateDIBSection
GetTextMetricsW
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
SelectObject
OffsetRgn
LineTo
CombineRgn
BitBlt
DeleteObject
GetDeviceCaps
GetRgnBox
GetCurrentObject
ExtCreateRegion
DeleteDC
CreateRectRgn
GetStockObject

comdlg32

GetOpenFileNameW
ChooseColorW

advapi32

OpenProcessToken
RegDeleteValueW
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
GetUserNameW
LookupPrivilegeValueW
GetTokenInformation
AdjustTokenPrivileges

shell32

SHGetPropertyStoreForWindow
DragFinish
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHQueryRecycleBinW
SHEmptyRecycleBinW
SHBrowseForFolderW
Shell_NotifyIconW
DragQueryFileW

ole32

CoInitializeEx
StringFromGUID2
CoLockObjectExternal
CoDisconnectObject
ReleaseStgMedium
DoDragDrop
CoMarshalInterThreadInterfaceInStream
RegisterDragDrop
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
StgCreateDocfile
CoGetInterfaceAndReleaseStream
CoTaskMemFree
RevokeDragDrop
OleCreate
OleSetContainedObject
PropVariantClear
CLSIDFromString
OleInitialize

gdiplus

GdipSetImageAttributesGamma
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipRotateWorldTransform
GdipDrawPath
GdipFillPath
GdipCreateFont
GdipDeleteFont
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetPenLineCap197819
GdipDrawLine
GdipGetTextRenderingHint
GdipResetWorldTransform
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipFillRectangle
GdipDeleteBrush
GdipResetClip
GdipSetClipRectI
GdipDrawImageRectRectI
GdipDrawImageI
GdipImageRotateFlip
GdipDrawLineI
GdipSetInterpolationMode
GdipReleaseDC
GdipGetDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipDeletePen
GdipCreatePen1
GdipFree
GdipAlloc
GdipCloneBrush
GdipCreateSolidFill
GdipAddPathStringI
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipSetCompositingMode
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipSetSmoothingMode
GdipGetImageEncoders
GdipGraphicsClear
GdipGetImageEncodersSize

Exports

Exports

DockletBrowseForImage
DockletDefaultConfigDialog
DockletDoAttentionAnimation
DockletDoClickAnimation
DockletGetLabel
DockletGetRect
DockletGetRelativeFolder
DockletGetRootFolder
DockletIsVisible
DockletLoadGDIPlusImage
DockletLockMouseEffect
DockletQueryDockAlign
DockletQueryDockEdge
DockletRemoveSelf
DockletSetDockAlign
DockletSetDockEdge
DockletSetImage
DockletSetImageFile
DockletSetImageOverlay
DockletSetLabel
DotNetCallback
EntryPt

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 695KB - Virtual size: 695KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
flync
hjcdafc

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 8485

Password: 8485

Password: 8485

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bbCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5Signer

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 160B

.rsrc Size: 247KB - Virtual size: 246KB

Password: 8485

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bbCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4Signer

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 160B

.rsrc Size: 251KB - Virtual size: 250KB

Password: 8485

15027fcca928a02026d128c2183b3129

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

iphlpapi

crypt32

winhttp

Exports

Exports

Sections

.text Size: 938KB - Virtual size: 937KB

.rdata Size: 338KB - Virtual size: 337KB

.data Size: 27KB - Virtual size: 39KB

.pdata Size: 42KB - Virtual size: 42KB

.gfids Size: 1024B - Virtual size: 732B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

47:61:59:f6:b7:42:45:ca:c9:25:78:ae:bc:3c:f6:ba:c3:c2:15:e8:6d:ed:75:4a:cd:f7:6c:5e:97:9a:9e:e5
Signer

.rdata
Size: 512B - Virtual size: 160B

.rsrc
Size: 247KB - Virtual size: 246KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:75:e1:f7:ec:9b:d8:a6:7a:3f:61:89:c6:3e:97:bb
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

79:ad:e0:64:e4:e6:2d:91:c0:f1:bf:7f:f7:1a:3d:a5:01:8f:45:2b:7e:ff:ba:4b:f0:59:d2:18:e7:a8:32:e4
Signer

.rdata
Size: 512B - Virtual size: 160B

.rsrc
Size: 251KB - Virtual size: 250KB

.text
Size: 938KB - Virtual size: 937KB

.rdata
Size: 338KB - Virtual size: 337KB

.data
Size: 27KB - Virtual size: 39KB

.pdata
Size: 42KB - Virtual size: 42KB

.gfids
Size: 1024B - Virtual size: 732B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 284KB - Virtual size: 284KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 161KB - Virtual size: 161KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30
Signer

3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fd
Signer