a68dacd5f82034f4df0b977fba4d14b0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a68dacd5f82034f4df0b977fba4d14b0N.exe
Size

5.0MB
MD5

a68dacd5f82034f4df0b977fba4d14b0
SHA1

14ffb40a0b3767481beefd7d57bdfca457aac990
SHA256

c1a2a5ed86f4d5a9efbc1654a29ab208073845e0246130191202db4ae34c59ff
SHA512

4554aee934f11de0e803cbcf10685b46d5c9d73bddfbe2efd899a446dd37da4298cf45971e44b7b81216a7686708ac1c98a29d4fd777b62e54c4deb312ff77f2
SSDEEP

98304:Xiz2ccRHQHRw7IhfLBf5Aur3HG7vbvs1Y/WALZR66eRNXZb4ofs53lXx2sik2:Xiz26y7burHG7DWALZktRNXR4ofs53vW

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
a68dacd5f82034f4df0b977fba4d14b0N.exe
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/$PLUGINSDIR/nsProcess.dll
unpack001/IDMan.exe
unpack001/idmindex.dll

Files

a68dacd5f82034f4df0b977fba4d14b0N.exe
.exe windows:4 windows x86 arch:x86

9dda1a1d1f8a1d13ae0297b47046b26e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
WriteFile
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CopyFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

68b7023f8923dd087549802f8fa631c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode

user32

CharNextExA
CharNextW
CharPrevW
FindWindowExW
wsprintfW
SendMessageW

kernel32

GetCommandLineW
lstrcpynW
ExitProcess
GetCurrentProcess
GetModuleHandleA
GetProcAddress
Sleep
TerminateProcess
GlobalReAlloc
MultiByteToWideChar
IsDBCSLeadByteEx
ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
CreateProcessW
GetStartupInfoW
CreatePipe
GetVersion
DeleteFileW
lstrcmpiW
lstrlenW
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 927B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMEdgeExt.crx
.zip
_locales/ar/messages.json
_locales/de/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fa/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/it/messages.json
_locales/nl/messages.json
_locales/pl/messages.json
_locales/pt/messages.json
_locales/ru/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/vn/messages.json
_locales/zh_cn/messages.json
_locales/zh_tw/messages.json
_metadata/verified_contents.json
background.js
.js
captured.html
.js
content.js
.js
debug.js
.js
document.js
.js
images/headBkgd.gif
.gif
images/headTitle.gif
.gif
images/logo128.png
.png
images/logo16.png
.png
images/logo16x.png
.png
images/logo32.png
.png
images/logo32x.png
.png
images/logo48.png
.png
images/logoTonec.gif
.gif
manifest.json
welcome.html
welcome.js
.js
IDMFType.dat
IDMFType64.dll
.dll windows:5 windows x64 arch:x64

f811252742cee99958ced610cdfd96ef

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2010, 00:00

Not After

01/06/2013, 23:59

Subject

CN=Tonec Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Secure Application Development,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3b:17:36:10:d3:f1:9e:b0:b4:cd:13:9f:ed:8e:66:47:32:f8:61:32
Signer

Actual PE Digest

3b:17:36:10:d3:f1:9e:b0:b4:cd:13:9f:ed:8e:66:47:32:f8:61:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

x:\Projects\FileType\x64\Release\IDMFType64.pdb

Imports

msvcrt

realloc
islower
isupper
toupper
isspace
asctime
_strnicmp
strncmp
memcpy
__C_specific_handler
_CxxThrowException
_snprintf
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_XcptFilter
_initterm
_amsg_exit
_vsnprintf
strchr
strcspn
_stricmp
tolower
malloc
strncpy
_gmtime64
_ctime64
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
fclose
fseek
fread
fopen
free
__CxxFrameHandler

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
Sleep
VirtualProtect
GetSystemTimeAsFileTime

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

IDMExtensionForMimeType
IDMFileType

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMGCExt.crx
.zip
_locales/ar/messages.json
_locales/de/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fa/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/it/messages.json
_locales/nl/messages.json
_locales/pl/messages.json
_locales/pt/messages.json
_locales/ru/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/vn/messages.json
_locales/zh_cn/messages.json
_locales/zh_tw/messages.json
_metadata/verified_contents.json
background.js
.js
captured.html
.js
content.js
.js
debug.js
.js
document.js
.js
images/headBkgd.gif
.gif
images/headTitle.gif
.gif
images/logo128.png
.png
images/logo16.png
.png
images/logo16x.png
.png
images/logo32.png
.png
images/logo32x.png
.png
images/logo48.png
.png
images/logoTonec.gif
.gif
manifest.json
welcome.html
welcome.js
.js
IDMGCExt59.crx
.zip
_locales/ar/messages.json
_locales/de/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fa/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/it/messages.json
_locales/nl/messages.json
_locales/pl/messages.json
_locales/pt/messages.json
_locales/ru/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/vn/messages.json
_locales/zh_cn/messages.json
_locales/zh_tw/messages.json
background.js
.js
captured.html
.js
content.js
.js
debug.js
.js
document.js
.js
images/headBkgd.gif
.gif
images/headTitle.gif
.gif
images/logo128.png
.png
images/logo16.png
.png
images/logo16x.png
.png
images/logo32.png
.png
images/logo32x.png
.png
images/logo48.png
.png
images/logoTonec.gif
.gif
manifest.json
welcome.html
welcome.js
.js
IDMGetAll.dll
.dll regsvr32 windows:5 windows x86 arch:x86

44de3c890bc6860cd0fac57fb1bd1c86

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4a:5b:49:b4:ab:8d:52:e8:3f:26:2f:37:bb:66:09:1c:4d:c1:10:47:7e:89:7f:e2:00:eb:58:fd:a1:1b:e6
Signer

Actual PE Digest

0c:4a:5b:49:b4:ab:8d:52:e8:3f:26:2f:37:bb:66:09:1c:4d:c1:10:47:7e:89:7f:e2:00:eb:58:fd:a1:1b:e6

Digest Algorithm

sha256

PE Digest Matches

true

46:93:71:35:d5:7e:46:d1:47:4b:d9:c2:3b:de:4f:9f:99:98:be:9e
Signer

Actual PE Digest

46:93:71:35:d5:7e:46:d1:47:4b:d9:c2:3b:de:4f:9f:99:98:be:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCombineUrlA
InternetGetCookieA

msvcrt

_amsg_exit
_initterm
_XcptFilter
_onexit
_lock
__dllonexit
_unlock
realloc
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_ismbblead
isalpha
_memicmp
_purecall
malloc
memcmp
_wcsicmp
sprintf
strlen
strcpy
wcscpy
wcsncpy
wcscat
wcsncat
_CxxThrowException
free
??2@YAPAXI@Z
wcsstr
strstr
strrchr
strpbrk
atoi
_ismbcdigit
wcslen
vsprintf
memset
memcpy
??_U@YAPAXI@Z
_mbclen
_mbsinc
_mbsstr
_mbschr
??_V@YAXPAX@Z
??3@YAXPAX@Z
__CxxFrameHandler
_errno
strchr
wcschr

kernel32

GetModuleHandleW
GetSystemInfo
VirtualQuery
GetVersion
lstrlenA
InterlockedDecrement
GetProcAddress
MultiByteToWideChar
InterlockedIncrement
GetLastError
GetModuleHandleA
GetCurrentThreadId
lstrlenW
VirtualAlloc
VirtualProtect
GetProcessHeap
HeapFree
WideCharToMultiByte
InterlockedCompareExchange
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
RtlUnwind
OutputDebugStringA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
GetModuleFileNameA
DisableThreadLibraryCalls
lstrcmpiA
DeleteCriticalSection

user32

CharNextW
CharNextA
MessageBoxA

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SafeArrayDestroy
SysAllocString
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysStringLen
VarBstrCat
SafeArrayPutElement
SysAllocStringLen
SafeArrayCreate
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMGetAll64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

381ecb1e5320448e597c487d572438dc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

78:28:c7:31:58:08:bc:87:17:71:0e:13:fa:3c:0b:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18/05/2016, 00:00

Not After

15/07/2019, 23:59

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:b9:55:fb:88:8e:2d:d6:c8:31:92:d7:e7:88:28:62
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16/05/2016, 00:00

Not After

15/07/2019, 23:59

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

62:3f:42:45:4f:ab:11:b3:ba:01:fa:b7:22:90:8a:57:5f:fe:54:a3:f1:5a:8e:18:88:38:60:b8:4d:a2:b6:a3
Signer

Actual PE Digest

62:3f:42:45:4f:ab:11:b3:ba:01:fa:b7:22:90:8a:57:5f:fe:54:a3:f1:5a:8e:18:88:38:60:b8:4d:a2:b6:a3

Digest Algorithm

sha256

PE Digest Matches

true

d2:da:d6:b5:63:29:47:97:d6:06:eb:9b:c9:8e:16:af:17:70:c5:31
Signer

Actual PE Digest

d2:da:d6:b5:63:29:47:97:d6:06:eb:9b:c9:8e:16:af:17:70:c5:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\IDMGetAll\64bit\ReleaseMinDependency\IDMGetAll.pdb

Imports

wininet

InternetGetCookieA
InternetCombineUrlA

kernel32

GetCurrentThreadId
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiA
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
GetModuleHandleA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetProcessHeap
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcAddress
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
Sleep
TerminateProcess
FreeLibrary
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

CharNextW
MessageBoxA
CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SafeArrayCreate
SafeArrayDestroy
SysAllocStringLen
SafeArrayPutElement
VarBstrCat
SysStringLen
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysAllocString

msvcr90

__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
??3@YAXPEAX@Z
??_V@YAXPEAX@Z
_mbschr
_mbsstr
_mbsinc
_mbclen
??_U@YAPEAX_K@Z
memcpy
memset
vsprintf
wcslen
_ismbcdigit
atoi
__CxxFrameHandler3
strpbrk
strrchr
strstr
wcschr
wcsstr
??2@YAPEAX_K@Z
free
_CxxThrowException
wcsncat
wcscat
wcsncpy
wcscpy
strcpy
strlen
sprintf
_wcsicmp
memcmp
_mbsnbcpy_s
malloc
memcpy_s
strcpy_s
wcsncpy_s
strcat_s
__C_specific_handler
_resetstkoflw
_purecall
_recalloc
strchr
_memicmp
isalpha

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMGrHlp.exe
.exe windows:5 windows x86 arch:x86

055720b1d71187bd221e80b79d690573

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:7f:38:d4:72:5d:fc:f4:28:16:da:03:a5:a3:5b:f6:c7:8e:a4:54:0b:e0:68:a3:10:82:09:50:c5:48:94:58
Signer

Actual PE Digest

1f:7f:38:d4:72:5d:fc:f4:28:16:da:03:a5:a3:5b:f6:c7:8e:a4:54:0b:e0:68:a3:10:82:09:50:c5:48:94:58

Digest Algorithm

sha256

PE Digest Matches

true

8e:6e:76:8d:2e:4e:0b:8b:f6:79:ec:54:f3:35:25:fd:0b:c0:7d:39
Signer

Actual PE Digest

8e:6e:76:8d:2e:4e:0b:8b:f6:79:ec:54:f3:35:25:fd:0b:c0:7d:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\IDM_projects\IDMGrHlp3_VS9\Release\IDMGrHlp.pdb

Imports

wininet

InternetCombineUrlA

shell32

ShellExecuteA

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
HeapFree
RtlUnwind
RaiseException
HeapAlloc
GetCommandLineA
GetStartupInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
HeapSize
HeapCreate
VirtualFree
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
FileTimeToLocalFileTime
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetTickCount
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
GlobalFlags
WritePrivateProfileStringA
FileTimeToSystemTime
GetModuleHandleW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleFileNameW
GetThreadLocale
InterlockedIncrement
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GetProcessHeap
GlobalFindAtomA
lstrcmpW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
FreeLibrary
lstrcmpA
FormatMessageA
MulDiv
lstrlenA
SetLastError
LocalFree
LoadLibraryA
GetProcAddress
InterlockedDecrement
GetVersionExA
GetModuleHandleA
CreateThread
SleepEx
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SetUnhandledExceptionFilter
GetCurrentThreadId
ExitProcess
CreateFileW
GetFileSize
WriteFile
SetFilePointer
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
GetLastError
GlobalFree
MultiByteToWideChar
lstrlenW
IsValidCodePage

user32

InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
DestroyMenu
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
CharNextA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
GetMenuCheckMarkDimensions
CharUpperA
ReleaseCapture
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
KillTimer
SetTimer
IsWindow
UnregisterClassA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
MessageBoxA
PostQuitMessage
GetDesktopWindow
SetWindowsHookExA
GetClassNameA
GetWindowTextA
PostMessageA
CallNextHookEx
GetSystemMetrics
LoadIconA
EnableWindow
UpdateWindow
GetClientRect
GetWindowRect
IsIconic
SendMessageA
DrawIcon
PostThreadMessageA
UnhookWindowsHookEx
SetCapture
SetFocus

gdi32

ExtTextOutA
ExtSelectClipRgn
DeleteDC
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
TextOutA
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
GetStockObject
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
Escape

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemAlloc
CreateBindCtx
CoInitialize
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocStringLen
VarBstrCmp
SysAllocString
SysAllocStringByteLen

urlmon

CoInternetGetSession
CreateURLMoniker

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMIECC.dll
.dll regsvr32 windows:5 windows x86 arch:x86

9ad6800ca980a94ee8d0defa7db6be51

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:88:12:c4:2a:2b:60:a5:e2:5c:cf:24:4c:08:df:40:54:d1:33:dc:55:eb:bd:6e:04:74:aa:67:64:c0:bf:28
Signer

Actual PE Digest

9a:88:12:c4:2a:2b:60:a5:e2:5c:cf:24:4c:08:df:40:54:d1:33:dc:55:eb:bd:6e:04:74:aa:67:64:c0:bf:28

Digest Algorithm

sha256

PE Digest Matches

true

66:e4:22:58:87:5e:e1:be:3b:04:93:fb:39:7e:c0:d4:37:bb:4e:74
Signer

Actual PE Digest

66:e4:22:58:87:5e:e1:be:3b:04:93:fb:39:7e:c0:d4:37:bb:4e:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
InternetCrackUrlA
InternetGetCookieA
InternetCombineUrlW
GetUrlCacheEntryInfoA
InternetCombineUrlA

ws2_32

ntohl

kernel32

LoadLibraryA
LoadLibraryW
InterlockedDecrement
GetLocaleInfoA
GetProcAddress
GetStringTypeW
GetModuleHandleA
GetCurrentProcessId
SetEvent
GetCurrentThreadId
CreateThread
GetModuleFileNameA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
lstrcmpiA
TlsGetValue
GetModuleHandleW
TlsSetValue
CloseHandle
TlsFree
CreateMutexA
GetModuleFileNameW
TlsAlloc
IsDBCSLeadByte
GlobalUnlock
GlobalLock
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetWindowsDirectoryA
GetCurrentProcess
lstrcpynA
ResetEvent
CreateEventA
WaitForMultipleObjects
Sleep
GetVersionExA
ReadFile
FlushFileBuffers
SetStdHandle
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
WriteFile
HeapReAlloc
VirtualFree
HeapDestroy
HeapCreate
ExitProcess
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
FindFirstFileA
FindNextFileA
MulDiv
FindClose
MultiByteToWideChar
GetFileAttributesA
GetLastError
lstrlenA
WaitForSingleObject
ReleaseMutex
GetSystemTimeAsFileTime
lstrlenW
WideCharToMultiByte
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CompareStringA
CompareStringW
HeapAlloc
HeapFree
GetProcessHeap
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetLastError
GetCommandLineA
GetTimeZoneInformation
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
RtlUnwind

user32

PostMessageA
PostQuitMessage
ScreenToClient
GetWindowRect
IntersectRect
GetSystemMetrics
GetClientRect
CharLowerBuffA
SendMessageA
IsWindow
ReleaseDC
GetParent
GetCursorPos
GetAsyncKeyState
GetKeyboardState
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetKeyState
MessageBoxW
MessageBoxA
CharNextW
CharNextA
SetPropA
LoadIconA
LoadCursorA
RegisterClassA
GetPropA
RemovePropA
PtInRect
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowTextLengthW
GetWindowTextW
GetClassNameA
FindWindowExA
GetDC

gdi32

TranslateCharsetInfo
GetDeviceCaps
GetStockObject

advapi32

RegDeleteKeyA
RegOpenKeyExW
RegNotifyChangeKeyValue
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
RegRestoreKeyA
RegLoadKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueExW
RegQueryValueExA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoGetClassObject

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
VariantClear
VarBstrCmp
SafeArrayDestroy
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysFreeString
SysStringLen
GetErrorInfo
SysAllocStringLen

shlwapi

UrlUnescapeA

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetListenerState
InstallNSH

Sections

.text
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMIECC64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

47f341eea0690e7ecba148b5cff3304d

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:8e:f3:41:b2:e6:38:49:5f:cb:5c:b8:cf:fc:4e:42:31:41:79:54:1f:1b:cc:bc:c1:dd:5b:03:62:45:28:59
Signer

Actual PE Digest

cd:8e:f3:41:b2:e6:38:49:5f:cb:5c:b8:cf:fc:4e:42:31:41:79:54:1f:1b:cc:bc:c1:dd:5b:03:62:45:28:59

Digest Algorithm

sha256

PE Digest Matches

true

bc:76:3f:bd:4a:8b:51:24:5d:3f:d1:40:48:05:de:12:37:b6:cc:5c
Signer

Actual PE Digest

bc:76:3f:bd:4a:8b:51:24:5d:3f:d1:40:48:05:de:12:37:b6:cc:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\IDMIECC2\64bit\ReleaseMinDependency\IDMIECC64.pdb

Imports

wininet

InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
InternetCrackUrlA
InternetGetCookieA
InternetCombineUrlW
GetUrlCacheEntryInfoA
InternetCombineUrlA

ws2_32

ntohl

kernel32

GetVersionExA
GetProcAddress
GetLocaleInfoA
GetStringTypeW
GetModuleHandleA
GetCurrentProcessId
SetEvent
GetCurrentThreadId
CreateThread
GetModuleFileNameA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiA
TlsGetValue
GetModuleHandleW
TlsSetValue
CloseHandle
TlsFree
CreateMutexA
GetModuleFileNameW
TlsAlloc
IsDBCSLeadByte
GlobalUnlock
GlobalLock
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LoadLibraryA
GetWindowsDirectoryA
GetCurrentProcess
lstrcpynA
ResetEvent
CreateEventA
WaitForMultipleObjects
Sleep
SetEnvironmentVariableA
FindFirstFileA
ReadFile
FlushFileBuffers
SetStdHandle
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
HeapReAlloc
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
WriteFile
HeapDestroy
HeapCreate
HeapSetInformation
ExitProcess
HeapSize
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FindNextFileA
FindClose
MulDiv
LoadLibraryW
lstrlenA
MultiByteToWideChar
GetFileAttributesA
GetLastError
WaitForSingleObject
ReleaseMutex
lstrlenW
WideCharToMultiByte
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualProtect
SetEndOfFile
CompareStringA
CompareStringW
VirtualAlloc
GetSystemInfo
VirtualQuery
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlsAlloc
SetLastError
FlsFree
FlsGetValue
GetSystemTimeAsFileTime
HeapAlloc
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
GetProcessHeap
HeapFree
FlsSetValue
GetCommandLineA
EncodePointer
DecodePointer
GetTimeZoneInformation

user32

PostMessageA
PostQuitMessage
ScreenToClient
GetWindowRect
IntersectRect
GetSystemMetrics
GetClientRect
CharLowerBuffA
SendMessageA
IsWindow
ReleaseDC
GetParent
GetCursorPos
GetAsyncKeyState
GetKeyboardState
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetKeyState
MessageBoxW
MessageBoxA
CharNextW
CharNextA
SetPropA
LoadIconA
LoadCursorA
RegisterClassA
GetPropA
RemovePropA
PtInRect
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowTextLengthW
GetWindowTextW
GetClassNameA
FindWindowExA
GetDC

gdi32

TranslateCharsetInfo
GetDeviceCaps
GetStockObject

advapi32

RegRestoreKeyA
RegOpenKeyExW
RegNotifyChangeKeyValue
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
RegLoadKeyA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueExW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoGetClassObject

oleaut32

SafeArrayGetUBound
VariantInit
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayGetElement
SafeArrayDestroy
VarBstrCmp
VarBstrCat
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
GetErrorInfo
SafeArrayGetLBound

shlwapi

UrlUnescapeA

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetListenerState
InstallNSH

Sections

.text
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMIntegrator64.exe
.exe windows:5 windows x64 arch:x64

686f67c6bb9e40fa1405ff4a6eeebeb4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:52:b0:c3:74:b8:a1:79:30:85:13:15:53:07:44:08:04:a6:3d:00:8f:b4:29:65:c8:d8:c3:fd:a9:b3:1c:2f
Signer

Actual PE Digest

59:52:b0:c3:74:b8:a1:79:30:85:13:15:53:07:44:08:04:a6:3d:00:8f:b4:29:65:c8:d8:c3:fd:a9:b3:1c:2f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

X:\Projects\IDMIntegrator\Release_x64\IDMIntegrator64.pdb

Imports

msvcrt

_fmode
__set_app_type
_initterm
_wcmdln
_commode
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
__C_specific_handler
wcsstr
_wcslwr
_errno
__CxxFrameHandler
_fstat
__setusermatherr
_amsg_exit
_wstat
_stat
__iob_func
?terminate@@YAXXZ

kernel32

VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
OutputDebugStringA
FreeLibrary
GetModuleHandleW
GetProcAddress
ResetEvent
LoadLibraryW
CloseHandle
GetLastError
CreateEventW
GetVersionExW
GetFileAttributesW
WaitForSingleObject
CreateMutexW
WaitForMultipleObjects
GetModuleFileNameW
GetCurrentProcess
Sleep

user32

wsprintfW
GetForegroundWindow

advapi32

RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteExW

Exports

Exports

__acrt_iob_func
_fstat64i32
_stat64i32
_wstat64i32

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMMsgHost.exe
.exe windows:5 windows x86 arch:x86

3a6cc6f7d4eacbe32971343a675d95e9

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:9d:6a:bb:6a:66:2b:c1:9e:34:54:41:78:cc:a4:65:8a:7d:78:64:10:e6:36:ac:84:a3:23:8d:6d:25:6b:cd
Signer

Actual PE Digest

59:9d:6a:bb:6a:66:2b:c1:9e:34:54:41:78:cc:a4:65:8a:7d:78:64:10:e6:36:ac:84:a3:23:8d:6d:25:6b:cd

Digest Algorithm

sha256

PE Digest Matches

true

6f:5d:d5:6a:b9:db:af:c6:56:66:48:a3:ad:55:b2:61:a9:33:56:1d
Signer

Actual PE Digest

6f:5d:d5:6a:b9:db:af:c6:56:66:48:a3:ad:55:b2:61:a9:33:56:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\Projects\IDMRelease\6.38.20\IDMMsgHost\Release_Win32\IDMMsgHost.pdb

Imports

msvcrt

_lock
_onexit
??1type_info@@UAE@XZ
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_controlfp
memcpy
memset
_itoa
_itow
wcsncmp
_wcsnicmp
_unlock
_wcsicmp
malloc
free
realloc
_iob
__CxxFrameHandler
_fstat
_wstat
_stat
?terminate@@YAXXZ
__dllonexit
_CxxThrowException

kernel32

GetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
OpenMutexW
CreateSemaphoreW
GetCurrentProcessId
GetOverlappedResult
ResetEvent
CreateThread
LoadLibraryW
TerminateThread
SetEvent
ProcessIdToSessionId
CreateEventW
CreateFileW
WaitForSingleObject
WaitForMultipleObjects
WriteFile
ReleaseSemaphore
GetStdHandle
SetLastError
CancelIo
ReadFile
GetProcessTimes
CloseHandle
OpenProcess
GetVersionExW
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleW
GetProcAddress

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit

Exports

Exports

__acrt_iob_func
_fstat32
_stat32
_wstat32

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMMsgHost.json
IDMMsgHostMoz.json
IDMNetMon.dll
.dll windows:6 windows x86 arch:x86

2a7992251c285a385544c05377340f0a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:64:94:51:a0:16:40:5f:da:81:6f:dc:45:7f:a5:63:2c:82:96:db:56:78:85:e8:d3:a4:a7:78:cf:9c:c3:02
Signer

Actual PE Digest

58:64:94:51:a0:16:40:5f:da:81:6f:dc:45:7f:a5:63:2c:82:96:db:56:78:85:e8:d3:a4:a7:78:cf:9c:c3:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMNetMon\Release_Win32\IDMNetMon.pdb

Imports

psapi

GetModuleBaseNameW
EnumProcesses

ws2_32

htons
send
WSAGetLastError
recv
getpeername
ntohl
WSACleanup
WSACloseEvent
socket
WSACreateEvent
WSAStartup
accept
WSAEnumNetworkEvents
ntohs
listen
WSAEventSelect
getsockname
bind
shutdown
closesocket

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

_wcsnicmp
wcsncmp
_wcsicmp
_snwprintf
strcpy
strncpy
strstr
sscanf
fgets
wcsncat
wcsrchr
wcsncpy
_strnicmp
strncmp
wcsspn
wcspbrk
strspn
strpbrk
malloc
strlen
fclose
fread
_wfopen
free
realloc
tolower
_iob
strchr
wcschr
_vsnwprintf
_wcslwr
_strupr
_strlwr
_purecall
_time64
_wstat64
_fstat64
_fileno
fprintf
fwrite
isspace
isalpha
isalnum
_memicmp
_itoa
_i64toa
_itow
_wtoi
memcpy
isupper
islower
isdigit
toupper
memmove
memset
_unlock
_errno
_fstat
_wstat
_stat
_vsnprintf
__dllonexit
_stricmp
_except_handler3
__RTDynamicCast
_CxxThrowException
floor
_amsg_exit
_initterm
_XcptFilter
??1type_info@@UAE@XZ
_onexit
_lock
memchr

kernel32

GetLastError
MultiByteToWideChar
GetVersion
VirtualQuery
GetModuleHandleW
GetProcAddress
VirtualAlloc
VirtualProtect
GetProcessHeap
WideCharToMultiByte
HeapFree
GetSystemInfo
GetSystemDefaultLangID
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetSystemTime
ReadProcessMemory
OutputDebugStringA
GetLocaleInfoW
WriteFile
ReadFile
SetLastError
FreeLibrary
LoadLibraryExW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
CreateEventW
ProcessIdToSessionId
GetOverlappedResult
ResetEvent
ConnectNamedPipe
CreateNamedPipeW
ExitThread
TerminateThread
GetExitCodeThread
ResumeThread
CreateMutexW
DeviceIoControl
GetTickCount
GetCurrentThreadId
WaitForSingleObject
SetEvent
CreateThread
DisableThreadLibraryCalls
LoadLibraryW
GetSystemDirectoryW
GetProcessTimes
QueryDosDeviceW
GetLogicalDriveStringsW
GetModuleFileNameW
GetCurrentProcessId
CloseHandle
OpenProcess
GetCurrentProcess
GetVersionExW
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc

user32

PeekMessageW
TranslateMessage
PostThreadMessageW
MsgWaitForMultipleObjects
SetWinEventHook
SetWindowsHookExW
UnhookWinEvent
UnhookWindowsHookEx
GetWindowThreadProcessId
GetForegroundWindow
CallNextHookEx
MonitorFromWindow
GetMonitorInfoW
EnumChildWindows
MessageBoxW
GetClassNameW
FindWindowExW
SendMessageW
GetClientRect
ShowWindow
GetWindowRect
ClientToScreen
OffsetRect
PostMessageW
ReleaseDC
GetDC
FindWindowW
GetParent
EnumWindows
DispatchMessageW
GetWindowTextW
GetWindowTextLengthW
IsRectEmpty
GetWindowInfo
GetAncestor

gdi32

TranslateCharsetInfo
GetDeviceCaps

advapi32

RegDeleteValueW
CryptReleaseContext
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegEnumValueW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysStringLen
SysAllocString
VariantInit
VariantClear
SysFreeString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SysAllocStringLen
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
VarBstrFromUI4
VarBstrCat
SafeArrayDestroy

Exports

Exports

ControlMonitoring
__acrt_iob_func
_fstat32
_stat32
_wstat32
llroundf
lroundf

Sections

.text
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMNetMon64.dll
.dll windows:6 windows x64 arch:x64

2c894224b04ab8be2ce132da5751bbbc

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:d5:df:eb:e3:de:4b:ca:94:69:c1:26:e6:78:0d:75:b3:9b:9c:ab:07:68:17:eb:09:f5:5e:6f:63:e6:f5:0c
Signer

Actual PE Digest

e9:d5:df:eb:e3:de:4b:ca:94:69:c1:26:e6:78:0d:75:b3:9b:9c:ab:07:68:17:eb:09:f5:5e:6f:63:e6:f5:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMNetMon\Release_x64\IDMNetMon64.pdb

Imports

psapi

EnumProcesses
GetModuleBaseNameW

ws2_32

htons
send
WSAGetLastError
recv
getpeername
shutdown
closesocket
bind
ntohl
WSACleanup
WSACloseEvent
socket
WSACreateEvent
WSAStartup
accept
WSAEnumNetworkEvents
ntohs
listen
getsockname
WSAEventSelect

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

isalnum
isalpha
isspace
fwrite
fprintf
_fileno
_fstat64
_wstat64
_time64
_purecall
tolower
_stricmp
_wcsnicmp
wcsncmp
_wcsicmp
_snwprintf
strcpy
strncpy
strstr
strchr
sscanf
fgets
wcsncat
wcsrchr
wcsncpy
_strnicmp
strncmp
wcsspn
wcspbrk
_vsnwprintf
_itoa
strspn
strpbrk
_vscprintf
_resetstkoflw
malloc
__C_specific_handler
strlen
fclose
fread
_wfopen
free
realloc
_wcslwr
_strupr
_strlwr
_i64toa
_itow
_wtoi
memcpy
isupper
islower
isdigit
toupper
memmove
memset
memcmp
_errno
_fstat
_wstat
_stat
__iob_func
_vsnprintf
_memicmp
memchr
_amsg_exit
_initterm
_XcptFilter
??1type_info@@UEAA@XZ
_onexit
_lock
__dllonexit
_unlock
??0bad_cast@@QEAA@AEBV0@@Z
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@PEBD@Z
??0exception@@QEAA@AEBV0@@Z
??0bad_typeid@@QEAA@AEBV0@@Z
??0__non_rtti_object@@QEAA@AEBV0@@Z
??1__non_rtti_object@@UEAA@XZ
_CxxThrowException
??0__non_rtti_object@@QEAA@PEBD@Z
_vscwprintf
strcmp

kernel32

GetModuleFileNameW
GetCurrentProcessId
CloseHandle
IsWow64Process
OpenProcess
GetVersionExW
FindClose
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
WideCharToMultiByte
GetLastError
GetLogicalDriveStringsW
MultiByteToWideChar
Sleep
QueryDosDeviceW
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlPcToFileHeader
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetSystemTime
ReadProcessMemory
OutputDebugStringA
GetLocaleInfoW
WriteFile
ReadFile
SetLastError
FreeLibrary
LoadLibraryExW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
CreateEventW
ProcessIdToSessionId
GetOverlappedResult
ResetEvent
ConnectNamedPipe
CreateNamedPipeW
ExitThread
TerminateThread
GetExitCodeThread
ResumeThread
CreateMutexW
DeviceIoControl
GetTickCount
GetCurrentThreadId
WaitForSingleObject
SetEvent
CreateThread
DisableThreadLibraryCalls
LoadLibraryW
GetSystemDirectoryW
GetProcessTimes
GetCurrentProcess
GetProcAddress
GetModuleHandleW

user32

PeekMessageW
TranslateMessage
PostThreadMessageW
MsgWaitForMultipleObjects
SetWinEventHook
SetWindowsHookExW
UnhookWinEvent
UnhookWindowsHookEx
GetWindowThreadProcessId
GetForegroundWindow
CallNextHookEx
MonitorFromWindow
GetMonitorInfoW
EnumChildWindows
MessageBoxW
GetClassNameW
FindWindowExW
SendMessageW
GetClientRect
ShowWindow
GetWindowRect
ClientToScreen
OffsetRect
PostMessageW
ReleaseDC
GetDC
FindWindowW
GetParent
EnumWindows
DispatchMessageW
GetWindowTextW
GetWindowTextLengthW
IsRectEmpty
GetWindowInfo
GetAncestor

gdi32

TranslateCharsetInfo
GetDeviceCaps

advapi32

RegDeleteValueW
CryptReleaseContext
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegEnumValueW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysStringLen
SysAllocString
VariantInit
VariantClear
SysFreeString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SysAllocStringLen
SafeArrayUnlock
SafeArrayLock
VarBstrFromUI4
VarBstrCat
SafeArrayGetDim
SafeArrayCreate

Exports

Exports

ControlMonitoring
__acrt_iob_func
_fstat64i32
_stat64i32
_wstat64i32
llroundf
lroundf

Sections

.text
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMOpExt.nex
.zip
_locales/ar/messages.json
_locales/de/messages.json
_locales/en/messages.json
_locales/es/messages.json
_locales/fa/messages.json
_locales/fr/messages.json
_locales/he/messages.json
_locales/it/messages.json
_locales/nl/messages.json
_locales/pl/messages.json
_locales/pt/messages.json
_locales/ru/messages.json
_locales/th/messages.json
_locales/tr/messages.json
_locales/vn/messages.json
_locales/zh_cn/messages.json
_locales/zh_tw/messages.json
background.js
.js
captured.html
.js
content.js
.js
debug.js
.js
document.js
.js
images/headBkgd.gif
.gif
images/headTitle.gif
.gif
images/logo128.png
.png
images/logo16.png
.png
images/logo16x.png
.png
images/logo32.png
.png
images/logo32x.png
.png
images/logo48.png
.png
images/logoTonec.gif
.gif
manifest.json
welcome.html
welcome.js
.js
IDMShellExt.dll
.dll regsvr32 windows:6 windows x86 arch:x86

c5566aa576dfd045a7e2b834464f1a2e

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:52:d1:14:e9:05:be:66:55:76:ca:99:11:86:36:8e:b1:af:e7:52:c1:ab:d3:16:1c:9a:f9:30:b8:a4:dd:9f
Signer

Actual PE Digest

7b:52:d1:14:e9:05:be:66:55:76:ca:99:11:86:36:8e:b1:af:e7:52:c1:ab:d3:16:1c:9a:f9:30:b8:a4:dd:9f

Digest Algorithm

sha256

PE Digest Matches

true

99:8c:a7:ab:ac:b1:fd:c3:ea:90:db:60:43:68:85:bb:20:f0:e9:72
Signer

Actual PE Digest

99:8c:a7:ab:ac:b1:fd:c3:ea:90:db:60:43:68:85:bb:20:f0:e9:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMShellExt\Release_Win32\IDMShellExt.pdb

Imports

shell32

ord526
SHLoadNonloadedIconOverlayIdentifiers
SHChangeNotify

shlwapi

ord219

msvcrt

_onexit
_XcptFilter
_initterm
_amsg_exit
_lock
wcsrchr
__dllonexit
_wcsicmp
malloc
free
_iob
_fstat
_wstat
_stat
_unlock

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
GetTickCount
FreeLibrary
CreateThread
LoadLibraryW
Sleep
CreateEventW
LeaveCriticalSection
WaitForMultipleObjects
EnterCriticalSection
CloseHandle
DisableThreadLibraryCalls
GetLastError
GetVersionExW
InitializeCriticalSection
GetModuleFileNameW
GetCurrentProcess
GetModuleHandleW
GetProcAddress

advapi32

RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegNotifyChangeKeyValue
CreateWellKnownSid
CheckTokenMembership
GetTokenInformation
RegCloseKey
RegEnumKeyW

Exports

Exports

ControlMonitoring
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
__acrt_iob_func
_fstat32
_stat32
_wstat32

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMShellExt64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

495afcb36243e48f15e2b44773b40caf

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:e8:8f:3b:c6:eb:ad:c9:1c:7c:b0:ae:96:35:33:a6:54:bf:13:2c:0d:4a:91:6f:ad:4b:8a:d6:54:b1:68:19
Signer

Actual PE Digest

4e:e8:8f:3b:c6:eb:ad:c9:1c:7c:b0:ae:96:35:33:a6:54:bf:13:2c:0d:4a:91:6f:ad:4b:8a:d6:54:b1:68:19

Digest Algorithm

sha256

PE Digest Matches

true

a2:16:27:46:07:ce:de:91:6f:27:e8:6e:1f:92:18:78:85:74:74:db
Signer

Actual PE Digest

a2:16:27:46:07:ce:de:91:6f:27:e8:6e:1f:92:18:78:85:74:74:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMShellExt\Release_x64\IDMShellExt64.pdb

Imports

shell32

ord526
SHLoadNonloadedIconOverlayIdentifiers
SHChangeNotify

shlwapi

ord219

msvcrt

_unlock
__dllonexit
_lock
_onexit
_XcptFilter
_initterm
_amsg_exit
__C_specific_handler
wcsrchr
_wcsicmp
malloc
free
_fstat
_wstat
_stat
__iob_func

kernel32

GetModuleFileNameW
GetCurrentProcess
Sleep
TerminateProcess
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetTickCount
FreeLibrary
GetModuleHandleW
GetProcAddress
CreateThread
LoadLibraryW
CreateEventW
LeaveCriticalSection
WaitForMultipleObjects
EnterCriticalSection
CloseHandle
DisableThreadLibraryCalls
GetLastError
GetVersionExW

advapi32

RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegNotifyChangeKeyValue
CreateWellKnownSid
CheckTokenMembership
GetTokenInformation
RegCloseKey
RegEnumKeyW

Exports

Exports

ControlMonitoring
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
__acrt_iob_func
_fstat64i32
_stat64i32
_wstat64i32

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMVMPrs.dll
.dll windows:6 windows x86 arch:x86

71b3d32ab3c3e3a70d654b1438e3bde0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:51:6c:15:ed:51:9d:9c:e1:f7:ba:d3:87:a4:af:ba:47:01:39:56:34:6a:a2:ab:28:fe:ca:ef:2e:65:87:e2
Signer

Actual PE Digest

ff:51:6c:15:ed:51:9d:9c:e1:f7:ba:d3:87:a4:af:ba:47:01:39:56:34:6a:a2:ab:28:fe:ca:ef:2e:65:87:e2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMVMPrs\Release_Win32\IDMVMPrs.pdb

Imports

msvcrt

fwrite
fprintf
fopen
_wfopen
fread
toupper
getenv
_strnicmp
_read
_getcwd
_close
memset
memcpy
_XcptFilter
_initterm
_amsg_exit
fclose
fflush
vfprintf
realloc
sscanf
vsprintf
isdigit
atoi
_snprintf
strncpy
strcspn
strncmp
malloc
free
_iob
strchr
_errno
_fstat
_wstat
_stat
memmove
_vsnprintf

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
RtlUnwind
DeleteCriticalSection
CloseHandle
Sleep
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
GetVersion
GetSystemTimeAsFileTime

Exports

Exports

GetMPDParserInfo
Parse1
UTF8ToHtml
__acrt_iob_func
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
_fstat32
_stat32
_wstat32
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeStatus
htmlParseCharRef
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocParserInputBuffer
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlCanonicPath
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDocElementContent
xmlCopyElementContent
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocGetRootElement
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlEscapeFormatString
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFree
xmlFreeAttributeTable
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeURI
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashDefaultDeallocator
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCharGroup
xmlIsCombining
xmlIsCombiningGroup
xmlIsDigit
xmlIsDigitGroup
xmlIsExtender
xmlIsExtenderGroup
xmlIsID
xmlIsIdeographic
xmlIsIdeographicGroup
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsPubidChar_tab
xmlIsRef
xmlKeepBlanksDefault
xmlLineNumbersDefault
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
xmlListReverseWalk
xmlListSearch
xmlListSize
xmlListSort
xmlListWalk
xmlLoadExternalEntity
xmlLockLibrary
xmlMalloc
xmlMallocAtomic
xmlMallocAtomicLoc
xmlMallocLoc
xmlMemBlocks
xmlMemDisplay
xmlMemDisplayLast
xmlMemFree
xmlMemGet
xmlMemMalloc
xmlMemRealloc
xmlMemSetup
xmlMemShow
xmlMemStrdup
xmlMemStrdupLoc
xmlMemUsed
xmlMemoryDump
xmlMemoryStrdup
xmlMutexLock
xmlMutexUnlock
xmlNewCDataBlock
xmlNewCharEncodingHandler
xmlNewCharRef
xmlNewComment
xmlNewDoc
xmlNewDocComment
xmlNewDocElementContent
xmlNewDocNode
xmlNewDocNodeEatName
xmlNewDocPI
xmlNewDocProp
xmlNewDocText
xmlNewDocTextLen
xmlNewDtd
xmlNewElementContent
xmlNewEntity
xmlNewEntityInputStream
xmlNewIOInputStream
xmlNewInputFromFile
xmlNewInputStream
xmlNewMutex
xmlNewNode
xmlNewNodeEatName
xmlNewNs
xmlNewNsProp
xmlNewNsPropEatName
xmlNewPI
xmlNewParserCtxt
xmlNewProp
xmlNewRMutex
xmlNewReference
xmlNewStringInputStream
xmlNewText
xmlNewTextLen
xmlNextChar
xmlNoNetExternalEntityLoader
xmlNodeAddContent
xmlNodeAddContentLen
xmlNodeBufGetContent
xmlNodeGetBase
xmlNodeGetContent
xmlNodeGetLang
xmlNodeGetSpacePreserve
xmlNodeIsText
xmlNodeListGetString
xmlNodeSetContent
xmlNormalizeURIPath
xmlNormalizeWindowsPath
xmlOutputBufferCreateFilenameDefault
xmlParseAttValue
xmlParseAttributeListDecl
xmlParseAttributeType
xmlParseCDSect
xmlParseCharData
xmlParseCharEncoding
xmlParseCharRef
xmlParseComment
xmlParseContent
xmlParseCtxtExternalEntity
xmlParseDefaultDecl
xmlParseDocTypeDecl
xmlParseDocument
xmlParseElement
xmlParseElementChildrenContentDecl
xmlParseElementContentDecl
xmlParseElementDecl
xmlParseElementMixedContentDecl
xmlParseEncName
xmlParseEncodingDecl
xmlParseEntityDecl
xmlParseEntityRef
xmlParseEntityValue
xmlParseEnumeratedType
xmlParseEnumerationType
xmlParseExtParsedEnt
xmlParseExternalID
xmlParseExternalSubset
xmlParseInNodeContext
xmlParseMarkupDecl
xmlParseMisc
xmlParseName
xmlParseNmtoken
xmlParseNotationDecl
xmlParseNotationType
xmlParsePEReference
xmlParsePI
xmlParsePITarget
xmlParsePubidLiteral
xmlParseReference
xmlParseSDDecl
xmlParseSystemLiteral
xmlParseTextDecl
xmlParseURI
xmlParseURIRaw
xmlParseURIReference
xmlParseVersionInfo
xmlParseVersionNum
xmlParseXMLDecl
xmlParserAddNodeInfo
xmlParserError
xmlParserFindNodeInfo
xmlParserFindNodeInfoIndex
xmlParserGetDirectory
xmlParserHandlePEReference
xmlParserInputBufferCreateFd
xmlParserInputBufferCreateFile
xmlParserInputBufferCreateFilename
xmlParserInputBufferCreateFilenameDefault
xmlParserInputBufferCreateIO
xmlParserInputBufferCreateMem
xmlParserInputBufferCreateStatic
xmlParserInputBufferGrow
xmlParserInputBufferPush
xmlParserInputBufferRead
xmlParserInputGrow
xmlParserInputRead
xmlParserInputShrink
xmlParserMaxDepth
xmlParserPrintFileContext
xmlParserPrintFileInfo

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMVMPrs64.dll
.dll windows:6 windows x64 arch:x64

e3a157708823e1f02f49eddabcf625e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:9d:fa:c3:93:b6:4c:30:30:38:0a:cb:6c:3a:96:be:0e:33:c9:17:ad:90:00:89:e4:44:46:62:1f:f7:76:8d
Signer

Actual PE Digest

bc:9d:fa:c3:93:b6:4c:30:30:38:0a:cb:6c:3a:96:be:0e:33:c9:17:ad:90:00:89:e4:44:46:62:1f:f7:76:8d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMVMPrs\Release_x64\IDMVMPrs64.pdb

Imports

msvcrt

fclose
fwrite
fprintf
fopen
_wfopen
fread
toupper
getenv
_strnicmp
_read
_getcwd
_close
memcpy
memset
memmove
__C_specific_handler
vfprintf
_XcptFilter
_initterm
_amsg_exit
fflush
realloc
sscanf
vsprintf
isdigit
atoi
_snprintf
strncpy
strchr
strcspn
strncmp
malloc
free
_errno
_fstat
_wstat
_stat
__iob_func
_vsnprintf
strcmp

kernel32

GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
DeleteCriticalSection
CloseHandle
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
lstrlenA
Sleep
GetCurrentProcessId

Exports

Exports

GetMPDParserInfo
Parse1
UTF8ToHtml
__acrt_iob_func
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
_fstat64i32
_stat64i32
_wstat64i32
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeStatus
htmlParseCharRef
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocParserInputBuffer
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlCanonicPath
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDocElementContent
xmlCopyElementContent
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocGetRootElement
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlEscapeFormatString
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFree
xmlFreeAttributeTable
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeURI
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashDefaultDeallocator
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCharGroup
xmlIsCombining
xmlIsCombiningGroup
xmlIsDigit
xmlIsDigitGroup
xmlIsExtender
xmlIsExtenderGroup
xmlIsID
xmlIsIdeographic
xmlIsIdeographicGroup
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsPubidChar_tab
xmlIsRef
xmlKeepBlanksDefault
xmlLineNumbersDefault
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
xmlListReverseWalk
xmlListSearch
xmlListSize
xmlListSort
xmlListWalk
xmlLoadExternalEntity
xmlLockLibrary
xmlMalloc
xmlMallocAtomic
xmlMallocAtomicLoc
xmlMallocLoc
xmlMemBlocks
xmlMemDisplay
xmlMemDisplayLast
xmlMemFree
xmlMemGet
xmlMemMalloc
xmlMemRealloc
xmlMemSetup
xmlMemShow
xmlMemStrdup
xmlMemStrdupLoc
xmlMemUsed
xmlMemoryDump
xmlMemoryStrdup
xmlMutexLock
xmlMutexUnlock
xmlNewCDataBlock
xmlNewCharEncodingHandler
xmlNewCharRef
xmlNewComment
xmlNewDoc
xmlNewDocComment
xmlNewDocElementContent
xmlNewDocNode
xmlNewDocNodeEatName
xmlNewDocPI
xmlNewDocProp
xmlNewDocText
xmlNewDocTextLen
xmlNewDtd
xmlNewElementContent
xmlNewEntity
xmlNewEntityInputStream
xmlNewIOInputStream
xmlNewInputFromFile
xmlNewInputStream
xmlNewMutex
xmlNewNode
xmlNewNodeEatName
xmlNewNs
xmlNewNsProp
xmlNewNsPropEatName
xmlNewPI
xmlNewParserCtxt
xmlNewProp
xmlNewRMutex
xmlNewReference
xmlNewStringInputStream
xmlNewText
xmlNewTextLen
xmlNextChar
xmlNoNetExternalEntityLoader
xmlNodeAddContent
xmlNodeAddContentLen
xmlNodeBufGetContent
xmlNodeGetBase
xmlNodeGetContent
xmlNodeGetLang
xmlNodeGetSpacePreserve
xmlNodeIsText
xmlNodeListGetString
xmlNodeSetContent
xmlNormalizeURIPath
xmlNormalizeWindowsPath
xmlOutputBufferCreateFilenameDefault
xmlParseAttValue
xmlParseAttributeListDecl
xmlParseAttributeType
xmlParseCDSect
xmlParseCharData
xmlParseCharEncoding
xmlParseCharRef
xmlParseComment
xmlParseContent
xmlParseCtxtExternalEntity
xmlParseDefaultDecl
xmlParseDocTypeDecl
xmlParseDocument
xmlParseElement
xmlParseElementChildrenContentDecl
xmlParseElementContentDecl
xmlParseElementDecl
xmlParseElementMixedContentDecl
xmlParseEncName
xmlParseEncodingDecl
xmlParseEntityDecl
xmlParseEntityRef
xmlParseEntityValue
xmlParseEnumeratedType
xmlParseEnumerationType
xmlParseExtParsedEnt
xmlParseExternalID
xmlParseExternalSubset
xmlParseInNodeContext
xmlParseMarkupDecl
xmlParseMisc
xmlParseName
xmlParseNmtoken
xmlParseNotationDecl
xmlParseNotationType
xmlParsePEReference
xmlParsePI
xmlParsePITarget
xmlParsePubidLiteral
xmlParseReference
xmlParseSDDecl
xmlParseSystemLiteral
xmlParseTextDecl
xmlParseURI
xmlParseURIRaw
xmlParseURIReference
xmlParseVersionInfo
xmlParseVersionNum
xmlParseXMLDecl
xmlParserAddNodeInfo
xmlParserError
xmlParserFindNodeInfo
xmlParserFindNodeInfoIndex
xmlParserGetDirectory
xmlParserHandlePEReference
xmlParserInputBufferCreateFd
xmlParserInputBufferCreateFile
xmlParserInputBufferCreateFilename
xmlParserInputBufferCreateFilenameDefault
xmlParserInputBufferCreateIO
xmlParserInputBufferCreateMem
xmlParserInputBufferCreateStatic
xmlParserInputBufferGrow
xmlParserInputBufferPush
xmlParserInputBufferRead
xmlParserInputGrow
xmlParserInputRead
xmlParserInputShrink
xmlParserMaxDepth
xmlParserPrintFileContext
xmlParserPrintFileInfo

Sections

.text
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IDMan.exe
.exe windows:5 windows x86 arch:x86

7b8d983565478bdc1ccabfea31fdb5f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\IDM_projects\IDM_vs2008_2\Release\IDMan.pdb

Imports

kernel32

InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
SetErrorMode
WritePrivateProfileStringA
FindResourceExA
RtlUnwind
GetTimeFormatA
GetDateFormatA
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
GetLocalTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RemoveDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GlobalHandle
GetStartupInfoA
VirtualAlloc
VirtualQuery
ExitThread
HeapSize
IsDebuggerPresent
IsValidCodePage
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetHandleCount
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
GlobalReAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
GetProfileIntA
GetTickCount
GetFullPathNameA
FindFirstFileA
DuplicateHandle
UnlockFile
LockFile
GetThreadLocale
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
RaiseException
InterlockedExchange
LocalReAlloc
GetDiskFreeSpaceW
GetVolumeInformationW
SetThreadExecutionState
CreateProcessA
GetSystemInfo
InterlockedDecrement
GetComputerNameA
FreeResource
GetCurrentDirectoryA
GetACP
GetSystemDefaultLangID
GetUserDefaultLangID
EnterCriticalSection
LeaveCriticalSection
CreateThread
SleepEx
lstrcpynA
ReadFile
CreateDirectoryA
CopyFileA
MoveFileA
LocalAlloc
FormatMessageA
CreateDirectoryW
CopyFileW
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetModuleFileNameA
TlsFree
TlsGetValue
GetFileAttributesExW
FileTimeToSystemTime
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
DeviceIoControl
SetFileAttributesW
FlushFileBuffers
InitializeCriticalSection
DeleteCriticalSection
GetVolumeInformationA
GetCommandLineW
GetWindowsDirectoryW
SetFileAttributesA
DeleteFileA
SetEvent
TerminateProcess
lstrlenA
LoadLibraryW
VirtualProtect
lstrcmpiA
GetDriveTypeW
GetLocaleInfoA
GetVersion
SetLastError
LoadLibraryA
GetCurrentProcessId
lstrlenW
GetSystemDirectoryA
GetSystemDirectoryW
lstrcatA
SetFilePointer
SetEndOfFile
GetFileAttributesA
GetWindowsDirectoryA
GetModuleFileNameW
GetModuleHandleA
WriteFile
GetExitCodeProcess
MoveFileW
DeleteFileW
RemoveDirectoryW
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateProcessW
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
CreateEventA
WaitForMultipleObjects
ResetEvent
GetCurrentProcess
GetSystemTime
SystemTimeToFileTime
SetFileTime
GlobalAlloc
GlobalFree
MoveFileExW
GetProcessHeap
HeapFree
HeapAlloc
OpenProcess
GetVersionExA
CreateFileA
CreateFileW
FreeLibrary
Sleep
CreateMutexA
OpenMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
GetModuleHandleW
GetProcAddress
GlobalSize
GlobalLock
GlobalUnlock
GetFileAttributesW
GetLastError
FormatMessageW
LocalFree
MulDiv
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetCommandLineA
SizeofResource

user32

DeferWindowPos
AdjustWindowRectEx
GetClassInfoA
GetClassInfoExA
GetScrollPos
SetMenu
MapWindowPoints
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetClassLongA
IsChild
WinHelpA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
IsClipboardFormatAvailable
CharUpperA
InflateRect
IsRectEmpty
MapDialogRect
SetWindowContextHelpId
SetRectEmpty
GetAsyncKeyState
IsZoomed
UnregisterClassA
PostThreadMessageA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
GetWindowPlacement
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsDialogMessageA
SendDlgItemMessageA
GetDlgItemTextA
GetMenuState
DrawFrameControl
SetRect
DrawStateA
DeleteMenu
DrawIconEx
IntersectRect
GetSysColorBrush
FrameRect
PeekMessageA
SetActiveWindow
WindowFromPoint
ClientToScreen
UnionRect
SetClassLongA
SetDlgItemTextA
ModifyMenuA
GetMenuItemInfoW
FillRect
CopyIcon
GetKeyboardLayoutList
SetPropA
GetPropA
RemovePropA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
DestroyIcon
GetDlgItemTextW
GetClassNameA
SetCursorPos
SetLayeredWindowAttributes
UpdateWindow
CloseWindow
CreateWindowExA
RegisterClassA
DefDlgProcA
DestroyWindow
GetWindowLongA
BeginPaint
EndPaint
GetWindowDC
GetMenu
RegisterWindowMessageA
GetKeyState
RegisterClipboardFormatA
GetDlgCtrlID
LoadImageW
LoadImageA
SetWindowsHookExA
DestroyMenu
CreatePopupMenu
TrackPopupMenu
GetMessagePos
LoadCursorA
SetCursor
ReleaseCapture
GetSystemMetrics
AppendMenuW
ModifyMenuW
DrawTextW
UnhookWindowsHookEx
SetWindowLongA
CallWindowProcA
SystemParametersInfoA
CheckMenuItem
SetClipboardViewer
ChangeClipboardChain
SetCapture
GetCapture
ScreenToClient
IsIconic
DrawMenuBar
RemoveMenu
EnableMenuItem
DrawFocusRect
DrawIcon
EqualRect
OffsetRect
CharUpperBuffW
GetWindow
EnumWindows
SetForegroundWindow
IsWindowVisible
wsprintfW
MessageBoxA
GetComboBoxInfo
MessageBoxW
LoadBitmapA
SetPropW
SystemParametersInfoW
CheckMenuRadioItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
GetCursorPos
GetClientRect
CopyRect
PtInRect
FindWindowA
GetWindowThreadProcessId
MsgWaitForMultipleObjects
GetParent
SetParent
KillTimer
SetTimer
InvalidateRect
GetFocus
SetFocus
SendMessageW
GetForegroundWindow
ExitWindowsEx
wsprintfA
ReleaseDC
MessageBeep
MoveWindow
GetWindowTextLengthA
ShowWindow
SetDlgItemTextW
GetWindowTextLengthW
PostMessageA
IsWindowEnabled
GetWindowTextA
IsWindow
CreateWindowExW
SetWindowPos
SetWindowTextA
GetWindowRect
SetWindowTextW
GetWindowTextW
LoadStringA
DefWindowProcW
GetDesktopWindow
LoadIconA
GetDC
SendMessageA
GetDlgItem
GetSysColor
EnableWindow
CallNextHookEx

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreateBitmap
GetBkColor
GetCharWidthA
StretchDIBits
GetTextColor
GetRgnBox
EnumFontFamiliesExA
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetBkMode
RestoreDC
SaveDC
GetClipBox
CopyMetaFileA
SetStretchBltMode
GetMapMode
SetMapMode
LPtoDP
DPtoLP
ExtTextOutW
CreateRectRgnIndirect
CreateFontIndirectA
GetTextMetricsA
GetStockObject
CreateCompatibleBitmap
DeleteObject
SelectObject
StretchBlt
BitBlt
DeleteDC
TranslateCharsetInfo
GetDIBits
CreateDIBSection
GetObjectW
CreateFontIndirectW
GetDeviceCaps
CreatePen
SetTextColor
SetBkColor
CreateSolidBrush
GetTextExtentPoint32W
GetTextExtentPoint32A
CreateFontA
CreateCompatibleDC

comdlg32

ChooseFontW
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegRestoreKeyA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegEnumKeyW
RegDeleteKeyW
DuplicateTokenEx
GetLengthSid
SetTokenInformation
CreateProcessAsUserW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetUserNameW
GetUserNameA
RegCloseKey
RegLoadKeyA
RegSaveKeyA
RegEnumValueA
RegCreateKeyExW
RegFlushKey
RegDeleteValueW
RegSetValueExW
RegNotifyChangeKeyValue
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExW
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA

comctl32

ord17
ImageList_GetIcon

shlwapi

StrCmpLogicalW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 876KB - Virtual size: 875KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IEExt.htm
.html .vbs polyglot
IEGetAll.htm
.html .vbs polyglot
IEGetVL.htm
.html .vbs polyglot
IEGetVL2.htm
.html .vbs polyglot
IEMonitor.exe
.exe windows:5 windows x86 arch:x86

cc50bc11c112d01154ce3385b76d7d36

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:41:7a:04:69:39:31:f3:f2:9a:fd:f7:12:24:b5:38:4c:6b:da:e1:1d:81:b0:2d:48:1e:8d:5f:8a:d1:e0:2d
Signer

Actual PE Digest

e9:41:7a:04:69:39:31:f3:f2:9a:fd:f7:12:24:b5:38:4c:6b:da:e1:1d:81:b0:2d:48:1e:8d:5f:8a:d1:e0:2d

Digest Algorithm

sha256

PE Digest Matches

true

1b:c3:5a:aa:22:41:5d:65:04:94:38:1b:0c:c2:d4:33:a8:94:45:5b
Signer

Actual PE Digest

1b:c3:5a:aa:22:41:5d:65:04:94:38:1b:0c:c2:d4:33:a8:94:45:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
GetFileTime
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCommandLineA
GetStartupInfoA
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
VirtualFree
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetModuleHandleW
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetModuleFileNameW
FormatMessageA
MulDiv
lstrlenA
GetTickCount
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
RaiseException
InterlockedExchange
LocalFree
LocalAlloc
ExitProcess
lstrcpynA
FreeLibrary
InterlockedDecrement
GetVersionExA
LoadLibraryW
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
ReleaseMutex
CloseHandle
CreateMutexA
GetLastError
GetProcAddress
GetModuleHandleA
HeapCreate
GetModuleFileNameA

user32

SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
PostThreadMessageA
CharUpperA
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
DrawIcon
SendMessageA
PostMessageA
IsIconic
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyMenu
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetWindowTextA
InvalidateRect
GetClientRect
SetTimer
KillTimer
LoadIconA
GetSystemMetrics
EnableWindow
GetKeyboardState
GetKeyState
GetClassNameA
PostQuitMessage
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetDlgItem
DestroyWindow
IsWindow
IsChild

gdi32

GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ExtSelectClipRgn
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateBitmap
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
SysAllocStringLen
SysAllocString
VariantInit
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
VariantChangeType
VariantCopy
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
GetErrorInfo
SysStringLen

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediumILStart.exe
.exe windows:5 windows x86 arch:x86

8b9e8171fedea437adc3b4da24139da4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:7e:a5:0a:70:1c:12:3a:59:20:87:c2:6d:c8:99:1b:25:2b:59:a3:ca:97:9f:ae:82:7e:37:e3:f6:6f:53:b6
Signer

Actual PE Digest

64:7e:a5:0a:70:1c:12:3a:59:20:87:c2:6d:c8:99:1b:25:2b:59:a3:ca:97:9f:ae:82:7e:37:e3:f6:6f:53:b6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\IDM_projects\MediumILStart\Release\MediumILStart.pdb

Imports

ole32

CoUninitialize
CoCreateInstance
CoInitialize

kernel32

TerminateProcess
Sleep
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

ec78679ef28febdf08bf42c1424103e9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:98:63:ba:a9:0f:f0:a2:8f:f3:36:25:2c:29:dc:05:39:a8:cf:8d:5a:10:7b:e3:f4:9c:e6:17:7f:5d:1d:54
Signer

Actual PE Digest

28:98:63:ba:a9:0f:f0:a2:8f:f3:36:25:2c:29:dc:05:39:a8:cf:8d:5a:10:7b:e3:f4:9c:e6:17:7f:5d:1d:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shlwapi

SHDeleteKeyW

kernel32

CopyFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
ExitThread
DeleteFileW
ExitProcess
lstrcpyW
lstrcmpW
UnmapViewOfFile
MultiByteToWideChar
GetSystemTime
CreateEventW
MapViewOfFile
SetFileTime
GetFileTime
CreateFileMappingW
GetFileSize
MoveFileExW
TerminateProcess
OpenProcess
CreateDirectoryW
RemoveDirectoryW
FindClose
CreateProcessW
FindFirstFileW
SetEndOfFile
SetFilePointer
GetShortPathNameW
WriteFile
LocalFree
FormatMessageW
GetUserDefaultLangID
GetSystemDefaultLangID
SetCurrentDirectoryW
LocalAlloc
GetExitCodeThread
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
MulDiv
CreateThread
HeapAlloc
HeapFree
GetProcessHeap
GetDiskFreeSpaceW
ResumeThread
SuspendThread
WideCharToMultiByte
CompareFileTime
GetExitCodeProcess
GetLastError
CreateFileW
GetModuleFileNameW
GetModuleHandleW
GetCurrentProcess
GetVersionExW
lstrlenW
GetWindowsDirectoryW
Sleep
GetSystemDirectoryW
CreateMutexW
OpenMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrcmpiW
LoadLibraryW
GetProcAddress
FreeLibrary
GetFileAttributesW
lstrcatW
FindNextFileW
GetStartupInfoW

user32

EnumWindows
MessageBoxW
wsprintfW
GetForegroundWindow
SendMessageW
SetDlgItemTextW
SendDlgItemMessageW
wsprintfA
EnableWindow
GetDlgItem
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PostQuitMessage
GetKeyboardLayoutList
DestroyWindow
GetDlgCtrlID
GetFocus
DialogBoxParamW
GetDesktopWindow
GetWindow
SetWindowTextW
IsDialogMessageW
ExitWindowsEx
GetDC
ReleaseDC
CreateWindowExW
CallWindowProcW
GetParent
SetFocus
IsIconic
BeginPaint
GetSystemMetrics
DrawIcon
GetWindowRect
ScreenToClient
EndPaint
CharUpperW
FindWindowW
GetMessageW
GetWindowThreadProcessId
GetWindowTextW
GetClientRect
SetWindowPos
GetWindowLongW
SetWindowLongW
SetForegroundWindow
PostMessageW
GetWindowDC
CreateDialogParamW
LoadIconW
ShowWindow

gdi32

LPtoDP
GetDeviceCaps
DPtoLP
SetMapMode
GetMapMode
TranslateCharsetInfo

advapi32

RegQueryInfoKeyW
AllocateAndInitializeSid
RegSetValueExA
FreeSid
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

OleLoadPicture
LoadTypeLibEx

msvcrt

_controlfp
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_wcsnicmp
strcpy
strrchr
atoi
strcmp
_snwprintf
_wfopen
fgets
sscanf
fclose
_CxxThrowException
_itow
strstr
strchr
memmove
wcschr
wcsncpy
_ftime
_ftol
memcpy
_stricmp
strncpy
_wcsupr
wcscmp
time
_wsplitpath
strlen
wcsncmp
free
malloc
memcmp
??2@YAPAXI@Z
wcsstr
memset
wcsrchr
wcslen
wcscat
wcscpy
??3@YAXPAX@Z
__CxxFrameHandler
__p__commode
__p__fmode
__set_app_type
_adjust_fdiv

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
defexclist.txt
downlWithIDM.dll
.dll regsvr32 windows:5 windows x86 arch:x86

e9c835d9e0fff1797698bab84f6a63cd

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

55:66:90:8d:85:50:21:0d:ee:1d:11:c9:8c:f7:0f:16:35:4b:c4:d2:e8:7b:c3:d4:f1:52:c5:c8:71:d6:e7:16
Signer

Actual PE Digest

55:66:90:8d:85:50:21:0d:ee:1d:11:c9:8c:f7:0f:16:35:4b:c4:d2:e8:7b:c3:d4:f1:52:c5:c8:71:d6:e7:16

Digest Algorithm

sha256

PE Digest Matches

true

87:7a:44:8f:75:02:58:4e:98:e0:a9:99:43:ac:8c:6c:c0:56:02:72
Signer

Actual PE Digest

87:7a:44:8f:75:02:58:4e:98:e0:a9:99:43:ac:8c:6c:c0:56:02:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetGetCookieA
InternetCombineUrlA

kernel32

FindFirstFileA
GlobalUnlock
GlobalLock
GetModuleFileNameA
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiA
FindNextFileA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleHandleA
FindClose
GetProcAddress
GetLastError
MultiByteToWideChar
lstrlenA
lstrlenW
WideCharToMultiByte
DisableThreadLibraryCalls
LoadLibraryA
SetFilePointer
CreateFileA
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteFile
GetStringTypeW
GetStringTypeA
HeapFree
RtlUnwind
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
HeapReAlloc
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
HeapSize
ExitProcess
LCMapStringA
LCMapStringW

user32

CharNextW
GetKeyState
MessageBoxW
MessageBoxA
CharNextA

gdi32

TranslateCharsetInfo

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA

ole32

CoTaskMemFree
CoCreateInstance
CoGetMalloc
CoInitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoUninitialize

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SafeArrayCreate
SafeArrayDestroy
SafeArrayPutElement
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VarBstrCat
SysFreeString
SysStringLen
VariantClear
VariantInit
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
downlWithIDM64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

9eeba2f8f5a7367a86f73cef94d7d6e1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

78:28:c7:31:58:08:bc:87:17:71:0e:13:fa:3c:0b:24
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18/05/2016, 00:00

Not After

15/07/2019, 23:59

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:b9:55:fb:88:8e:2d:d6:c8:31:92:d7:e7:88:28:62
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16/05/2016, 00:00

Not After

15/07/2019, 23:59

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:9a:7f:9b:95:09:15:2b:81:b7:f2:5f:09:93:95:59:3c:a4:8a:2e:e2:dc:d1:dc:0e:46:b9:2b:ea:ef:0b:cb
Signer

Actual PE Digest

2e:9a:7f:9b:95:09:15:2b:81:b7:f2:5f:09:93:95:59:3c:a4:8a:2e:e2:dc:d1:dc:0e:46:b9:2b:ea:ef:0b:cb

Digest Algorithm

sha256

PE Digest Matches

true

6a:e0:f1:e8:6d:9e:a5:4f:31:52:ca:76:8f:c4:8b:87:d9:9a:e1:11
Signer

Actual PE Digest

6a:e0:f1:e8:6d:9e:a5:4f:31:52:ca:76:8f:c4:8b:87:d9:9a:e1:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\downlWithIDM\64bit\ReleaseMinDependency\downlWithIDM.pdb

Imports

wininet

InternetGetCookieA
InternetCombineUrlA

kernel32

FindFirstFileA
GlobalUnlock
GlobalLock
GetModuleFileNameA
GetCurrentThreadId
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiA
DisableThreadLibraryCalls
FindNextFileA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleHandleA
FindClose
GetProcAddress
GetLastError
MultiByteToWideChar
lstrlenA
lstrlenW
WideCharToMultiByte
GetTickCount
GetCurrentProcessId
GetModuleHandleW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep

user32

MessageBoxW
CharNextW
CharNextA
GetKeyState
MessageBoxA

gdi32

TranslateCharsetInfo

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoGetMalloc
CoInitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SafeArrayCreate
SafeArrayDestroy
SafeArrayPutElement
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VarBstrCat
SysFreeString
SysStringLen
VariantClear
VariantInit

msvcr90

__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
isdigit
_strnicmp
??2@YAPEAX_K@Z
_recalloc
_purecall
_resetstkoflw
__C_specific_handler
??3@YAXPEAX@Z
strchr
strpbrk
strrchr
strstr
memchr
wcschr
wcsstr
_mbsstr
free
_CxxThrowException
memcpy_s
memset
__CxxFrameHandler3
??_V@YAXPEAX@Z
strcmp
strcpy
??_U@YAPEAX_K@Z
strlen
memcpy
memmove
_stricmp
_memicmp
wcsncat
wcscat
wcsncpy
wcslen
wcscpy
wcscmp
isalpha
fclose
sscanf
memcmp
fgets
fopen
sprintf
_splitpath
_wcsicmp
_mbsinc
_mbclen
vsprintf
_ismbcdigit
atoi
_mbsnbcpy_s
malloc
strcpy_s
wcsncpy_s
strcat_s

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
grabber.chm
.chm
idmBroker.exe
.exe windows:5 windows x86 arch:x86

e9bdfa0eca9121a8a6ea497367a8bd98

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6d:0b:83:ab:e3:4e:b6:33:24:91:95:a6:22:22:0a:6c:7d:26:0b:32:19:c9:16:5b:be:3b:f2:ce:9f:c9:b8:64
Signer

Actual PE Digest

6d:0b:83:ab:e3:4e:b6:33:24:91:95:a6:22:22:0a:6c:7d:26:0b:32:19:c9:16:5b:be:3b:f2:ce:9f:c9:b8:64

Digest Algorithm

sha256

PE Digest Matches

true

d0:84:ef:60:6e:a1:d9:04:89:d7:54:5d:c0:62:b8:5e:ea:2b:a8:70
Signer

Actual PE Digest

d0:84:ef:60:6e:a1:d9:04:89:d7:54:5d:c0:62:b8:5e:ea:2b:a8:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\IDM_projects\idmBroker\idmBroker\Release\idmBroker.pdb

Imports

kernel32

CreateEventW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
SetEvent
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetCommandLineW
SetUnhandledExceptionFilter
FindClose
FindNextFileW
FindFirstFileW
GetVersionExW
CreateThread
GetACP
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
GetFileAttributesW
EnterCriticalSection
LeaveCriticalSection
CreateFileA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
GetModuleFileNameW
Sleep
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WaitForSingleObject
LoadLibraryW
CloseHandle
WriteConsoleA
ReadFile
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsW

user32

CharUpperW
TranslateMessage
DispatchMessageW
GetMessageW
PostThreadMessageW
GetAsyncKeyState
CharNextW

gdi32

TranslateCharsetInfo

advapi32

RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW

ole32

CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
CoInitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayPutElement
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idman.chm
.chm
idmantypeinfo.tlb
idmbrbtn.dll
.dll windows:4 windows x86 arch:x86

8d7ee77e91e240839cec1399f590476c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

89:9b:11:4b:b9:fc:47:1b:2a:0a:0d:6d:bf:74:75:ae:b6:cb:fb:b4:1c:67:b0:e2:d3:a6:87:ef:3e:eb:b1:f4
Signer

Actual PE Digest

89:9b:11:4b:b9:fc:47:1b:2a:0a:0d:6d:bf:74:75:ae:b6:cb:fb:b4:1c:67:b0:e2:d3:a6:87:ef:3e:eb:b1:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMBrBtn\Release_Win32\idmbrbtn.pdb

Imports

advapi32

RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW

gdi32

TranslateCharsetInfo
CreateFontIndirectW
DeleteObject
GetObjectW
SetBkMode
SetTextColor
GetTextExtentPoint32W
DeleteDC
GetTextMetricsW
GetDeviceCaps
GetStockObject
StretchBlt
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateCompatibleBitmap
BitBlt
EnumFontFamiliesExW

msimg32

AlphaBlend

msvcrt

_wfopen
realloc
fclose
_iob
strchr
wcschr
memcpy
free
_fstat
_wstat
_stat
memset
malloc
wcsncat
wcsncpy
strncpy
fgets
strncmp
sscanf
strspn
strstr
wcsrchr
floor
memmove
_amsg_exit
_initterm
_XcptFilter
_onexit
_lock
__dllonexit
_unlock
_wcsnicmp
iswalnum
wcsspn
wcsncmp
wcsstr
_i64tow
_snwprintf
_wcsicmp
wcscspn

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetCurrentProcessId
LoadLibraryW
OpenProcess
GetACP
GetSystemDirectoryW
GetVersionExW
GetLocaleInfoW
GetModuleFileNameW
GetTickCount
lstrcmpiW
GetFileSize
ResetEvent
CreateThread
CloseHandle
TerminateThread
CreateEventW
DuplicateHandle
CreateFileW
WaitForSingleObject
CreateMutexW
lstrlenW
GetCurrentProcess
SetLastError
WideCharToMultiByte
GetLastError
MultiByteToWideChar
GetSystemDefaultLangID
FindClose
FindNextFileW
FindFirstFileW
GetVersion
GetModuleHandleW
GetProcAddress

user32

CharUpperW
CharLowerW
GetWindowDC
GetWindowThreadProcessId
GetWindowTextLengthW
DefWindowProcW
PostMessageW
GetWindowRect
DestroyWindow
GetDC
SetWindowPos
MessageBoxW
CopyImage
MonitorFromWindow
CreateWindowExW
GetCursor
UnregisterClassW
CreatePopupMenu
RealGetWindowClassW
TrackPopupMenu
ShowWindow
InvalidateRgn
OffsetRect
SetTimer
ClientToScreen
DefDlgProcW
RegisterClassW
TrackMouseEvent
MoveWindow
DestroyMenu
SetLayeredWindowAttributes
IntersectRect
LoadIconW
LoadCursorW
SetCapture
SetCursor
SetWindowLongW
GetClientRect
AppendMenuW
DrawTextW
KillTimer
PtInRect
ReleaseCapture
LoadImageW
ShowCursor
InvalidateRect
ReleaseDC
GetWindowTextW
GetWindowLongW
FindWindowExW
SendMessageW
IsRectEmpty

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SafeArrayGetLBound
SysStringByteLen
SafeArrayPutElement
SafeArrayGetElement
SysAllocStringLen
SysFreeString
SafeArrayCreate
SysAllocString
VariantInit
SafeArrayCreateVector
SafeArrayDestroy
SysStringLen

Exports

Exports

CreateDownlSelWtIDMButton
CreateIDMButton
CreateIDMButton2
CreateIDMButton3
GetVersionInfo
SetIDMButtonValue3
__acrt_iob_func
_fstat32
_stat32
_wstat32
lroundf

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmbrbtn64.dll
.dll windows:6 windows x64 arch:x64

0e5ae6362b582a16b462db91eb4b0e0d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28/07/2022, 00:00

Not After

06/08/2025, 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:1c:6c:1e:69:bb:0e:ae:34:6c:0d:1f:d3:c5:2d:14:c3:ab:07:10:3b:d5:44:51:95:32:94:97:e6:27:83:84
Signer

Actual PE Digest

6f:1c:6c:1e:69:bb:0e:ae:34:6c:0d:1f:d3:c5:2d:14:c3:ab:07:10:3b:d5:44:51:95:32:94:97:e6:27:83:84

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\IDMBrBtn\Release_x64\idmbrbtn64.pdb

Imports

advapi32

RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW

gdi32

TranslateCharsetInfo
CreateFontIndirectW
DeleteObject
GetObjectW
SetBkMode
SetTextColor
GetTextExtentPoint32W
DeleteDC
GetTextMetricsW
GetDeviceCaps
GetStockObject
StretchBlt
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateCompatibleBitmap
BitBlt
EnumFontFamiliesExW

msimg32

AlphaBlend

msvcrt

wcscspn
floor
wcsrchr
strchr
_wcsicmp
strspn
sscanf
strncmp
fgets
strncpy
wcsncpy
wcsncat
malloc
free
_wfopen
realloc
fclose
_snwprintf
_i64tow
wcsstr
wcsncmp
wcschr
wcsspn
iswalnum
_wcsnicmp
memcpy
memset
_amsg_exit
_initterm
_XcptFilter
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
strstr
memmove
__iob_func
_stat
_wstat
_fstat

kernel32

Sleep
FindFirstFileW
FindNextFileW
FindClose
GetSystemDefaultLangID
MultiByteToWideChar
GetLastError
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetCurrentProcessId
LoadLibraryW
OpenProcess
GetACP
GetSystemDirectoryW
GetVersionExW
GetLocaleInfoW
GetModuleFileNameW
GetTickCount
lstrcmpiW
GetFileSize
ResetEvent
CreateThread
CloseHandle
TerminateThread
CreateEventW
DuplicateHandle
CreateFileW
WaitForSingleObject
CreateMutexW
lstrlenW
GetCurrentProcess
SetLastError

user32

CharUpperW
CharLowerW
GetWindowDC
GetWindowLongW
GetWindowThreadProcessId
GetWindowTextLengthW
DefWindowProcW
PostMessageW
GetWindowRect
DestroyWindow
GetDC
SetWindowPos
MessageBoxW
CopyImage
MonitorFromWindow
SetWindowLongPtrW
CreateWindowExW
GetCursor
UnregisterClassW
CreatePopupMenu
RealGetWindowClassW
TrackPopupMenu
ShowWindow
InvalidateRgn
OffsetRect
SetTimer
ClientToScreen
DefDlgProcW
RegisterClassW
TrackMouseEvent
MoveWindow
DestroyMenu
SetLayeredWindowAttributes
IntersectRect
LoadIconW
LoadCursorW
SetCapture
SetCursor
GetClientRect
AppendMenuW
DrawTextW
KillTimer
PtInRect
ReleaseCapture
LoadImageW
ShowCursor
InvalidateRect
ReleaseDC
GetWindowTextW
FindWindowExW
SendMessageW
GetWindowLongPtrW
IsRectEmpty

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SafeArrayGetLBound
SafeArrayGetElement
VariantInit
SafeArrayDestroy
SysStringByteLen
SysFreeString
SafeArrayCreate
SysAllocString
SysStringLen
SafeArrayCreateVector
SafeArrayPutElement
SysAllocStringLen

Exports

Exports

CreateDownlSelWtIDMButton
CreateIDMButton
CreateIDMButton2
CreateIDMButton3
GetVersionInfo
SetIDMButtonValue3
__acrt_iob_func
_fstat64i32
_stat64i32
_wstat64i32
lroundf

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmcchandler2.dll
.dll windows:5 windows x86 arch:x86

50c293ae2379fe31404837ffcbeef2ad

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:4f:32:8f:3e:ff:4f:b9:8f:53:43:81:17:88:f7:8a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

21/05/2013, 00:00

Not After

19/06/2016, 23:59

Subject

CN=Tonec Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\Mozilla\idmcchandler_old\64bit\Release\idmcchandler.pdb

Imports

wininet

InternetCombineUrlA

msvcrt

_i64toa
isdigit
_i64tow
strncmp
sprintf
wcsncmp
atoi
memchr
_itoa
_strnicmp
isalpha
isalnum
isspace
strncpy
strpbrk
wcsncpy
iswdigit
_wcsnicmp
strstr
_wcsicmp
_snprintf
_wsplitpath
fgets
_wfopen
sscanf
fclose
_mbsstr
strrchr
memset
swscanf
memmove
_stricmp
_CxxThrowException
wcsstr
_snwprintf
wcsrchr
??2@YAPAXI@Z
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_XcptFilter
_initterm
_amsg_exit
_memicmp
memcpy
malloc
free
strchr
wcschr
_wcslwr
_strupr
__CxxFrameHandler
_strlwr

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

kernel32

GetProcAddress
GetStringTypeW
GetModuleHandleW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetCurrentThreadId
ReadFile
SetEnvironmentVariableA
CreateMutexA
CreateFileA
GetFileSize
GetCurrentProcess
GetFileAttributesA
GetWindowsDirectoryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetSystemDirectoryA
CreateThread
GetLastError
GetCurrentProcessId
GetLocaleInfoA
WaitForSingleObject
ReleaseMutex
GetVersionExA
LoadLibraryA
FindFirstFileW
FindNextFileW
FindClose
MulDiv
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
CloseHandle
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
GetVersion

user32

LoadCursorA
GetCursorPos
IsWindow
GetClassNameA
GetParent
GetKeyboardState
GetKeyState
ReleaseDC
GetDC
SendMessageA
PostMessageA
MessageBoxA
LoadIconA
ShowWindow
RegisterClassA
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
PtInRect
GetClientRect
GetSystemMetrics
IntersectRect

gdi32

GetStockObject
GetDeviceCaps

advapi32

AdjustTokenPrivileges
RegLoadKeyA
RegRestoreKeyA
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
GetUserNameA
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCreate
VariantInit

Exports

Exports

IDMMzCC_DownloadAllWithIDM
IDMMzCC_DownloadLast10FLVwithIDM
IDMMzCC_DownloadLastFLVwithIDM
IDMMzCC_DownloadLinkWithIDM
IDMMzCC_GetListenerState
IDMMzCC_Observe
IDMMzCC_ShouldLoad
IDMMzCC_ShouldLoad_old1

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmcchandler2_64.dll
.dll windows:5 windows x64 arch:x64

e58a7880d9f120a9074aef6c3b26c186

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:4f:32:8f:3e:ff:4f:b9:8f:53:43:81:17:88:f7:8a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

21/05/2013, 00:00

Not After

19/06/2016, 23:59

Subject

CN=Tonec Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\Mozilla\idmcchandler_old\64bit\Release\idmcchandler64.pdb

Imports

wininet

InternetCombineUrlA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

kernel32

ReleaseMutex
WaitForSingleObject
GetLocaleInfoA
GetStringTypeW
GetCurrentProcessId
GetLastError
CreateThread
LoadLibraryA
GetSystemDirectoryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
FindFirstFileW
GetFileAttributesA
GetVersionExA
GetCurrentProcess
GetFileSize
CreateFileA
CreateMutexA
SetEnvironmentVariableA
ReadFile
GetCurrentThreadId
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
RtlVirtualUnwind
FindNextFileW
FindClose
MulDiv
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
GetProcAddress
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetWindowsDirectoryA
GetSystemTimeAsFileTime

user32

ShowWindow
ReleaseDC
GetDC
SendMessageA
PostMessageA
IntersectRect
GetSystemMetrics
GetClientRect
PtInRect
ScreenToClient
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
DefWindowProcA
RegisterClassA
LoadCursorA
LoadIconA
MessageBoxA
GetKeyState
GetKeyboardState
GetParent
GetClassNameA
IsWindow
GetCursorPos

gdi32

GetDeviceCaps
GetStockObject

advapi32

RegLoadKeyA
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteKeyA
RegRestoreKeyA
GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

VariantInit
SafeArrayCreate
SafeArrayDestroy
SafeArrayPutElement
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString

msvcr90

_mbsstr
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__C_specific_handler
_i64toa
memcmp
isdigit
memchr
_i64tow
strncmp
sprintf
wcsncmp
_strlwr
_itoa
_strnicmp
isalpha
isalnum
isspace
strncpy
strpbrk
wcsncpy
_wcslwr
strchr
free
malloc
memcpy
_memicmp
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
wcsrchr
_snwprintf
wcsstr
__CxxFrameHandler3
_CxxThrowException
_stricmp
memmove
swscanf
memset
strrchr
wcschr
iswdigit
fclose
sscanf
fgets
_wfopen
_wsplitpath
_wcsicmp
_snprintf
strstr
_wcsnicmp
_strupr
atoi

Exports

Exports

IDMMzCC_DownloadAllWithIDM
IDMMzCC_DownloadLast10FLVwithIDM
IDMMzCC_DownloadLastFLVwithIDM
IDMMzCC_DownloadLinkWithIDM
IDMMzCC_GetListenerState
IDMMzCC_Observe
IDMMzCC_ShouldLoad
IDMMzCC_ShouldLoad_old1

Sections

.text
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmcchandler7.dll
.dll windows:5 windows x86 arch:x86

1d300db3e2591ff8fc38f7079d57a478

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:3c:9a:11:47:2a:6b:83:5a:e6:7c:90:82:83:81:ea:35:e0:9a:03:e7:56:4b:c5:cf:d7:a7:34:93:e4:4c:fd
Signer

Actual PE Digest

a9:3c:9a:11:47:2a:6b:83:5a:e6:7c:90:82:83:81:ea:35:e0:9a:03:e7:56:4b:c5:cf:d7:a7:34:93:e4:4c:fd

Digest Algorithm

sha256

PE Digest Matches

true

62:f2:23:74:c8:b2:22:34:39:f8:76:73:4e:a9:db:57:f4:7c:61:25
Signer

Actual PE Digest

62:f2:23:74:c8:b2:22:34:39:f8:76:73:4e:a9:db:57:f4:7c:61:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\Mozilla\idmcchandler\64bit\Release\idmcchandler.pdb

Imports

wininet

InternetCombineUrlA

msvcrt

wcscspn
iswspace
_i64toa
_i64tow
_wtoi64
strncmp
sprintf
isdigit
memchr
_itoa
atoi
_strnicmp
isalpha
isalnum
isspace
strncpy
strpbrk
wcsncpy
iswdigit
wcsncmp
_wcsicmp
_snprintf
_wsplitpath
_wfopen
fgets
sscanf
fclose
_wcsnicmp
wcstoul
_mbsstr
wcspbrk
strstr
strrchr
memset
swscanf
memmove
_stricmp
_CxxThrowException
wcsstr
_snwprintf
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_XcptFilter
_initterm
_amsg_exit
wcsrchr
??2@YAPAXI@Z
??3@YAXPAX@Z
_memicmp
memcpy
malloc
free
strchr
wcschr
_wcslwr
_strupr
__CxxFrameHandler
_strlwr

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

kernel32

GetProcAddress
GetStringTypeW
LoadLibraryW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
GetFileAttributesW
CreateFileW
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateEventA
ResetEvent
GetCurrentThreadId
ReadFile
SetEnvironmentVariableA
OutputDebugStringA
OutputDebugStringW
CreateMutexA
CreateFileA
GetFileSize
GetCurrentProcess
GetFileAttributesA
GetWindowsDirectoryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetSystemDirectoryA
CreateThread
GetLastError
GetCurrentProcessId
GetLocaleInfoA
WaitForSingleObject
ReleaseMutex
LoadLibraryA
GetVersionExA
FindFirstFileW
FindNextFileW
FindClose
MulDiv
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetModuleHandleA
GetModuleFileNameW
GetModuleHandleW
GetVersion

user32

LoadCursorA
ShowWindow
ReleaseDC
GetDC
IntersectRect
GetCursorPos
GetClassNameA
GetParent
IsWindow
GetKeyboardState
GetKeyState
MessageBoxW
MessageBoxA
LoadIconA
PostMessageA
RegisterClassA
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
PtInRect
SendMessageA
GetClientRect
GetSystemMetrics

gdi32

GetStockObject
TranslateCharsetInfo
GetDeviceCaps

advapi32

LookupPrivilegeValueA
RegDeleteKeyA
RegLoadKeyA
RegRestoreKeyA
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyExW
RegNotifyChangeKeyValue
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
GetUserNameA
AdjustTokenPrivileges
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCreate
VariantInit

Exports

Exports

IDMMzCC_DownloadAllWithIDM
IDMMzCC_DownloadLast10FLVwithIDM
IDMMzCC_DownloadLastFLVwithIDM
IDMMzCC_DownloadLinkWithIDM
IDMMzCC_GetListenerState
IDMMzCC_InitCC
IDMMzCC_Observe
IDMMzCC_OnGetSelectedTabID
IDMMzCC_OnME
IDMMzCC_OnTabSelect
IDMMzCC_OnUnload
IDMMzCC_ShouldLoad
IDMMzCC_ShouldLoad2
IDMMzCC_ShouldLoad_old1

Sections

.text
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmcchandler7_64.dll
.dll windows:5 windows x64 arch:x64

7ac0eda9d6d9ff6c6cff5e90f8c35ca2

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:89:0b:5d:e2:b6:64:67:ea:97:a5:5a:b2:6b:c9:0f:e5:0c:96:46:5a:4b:36:74:20:c9:db:1c:3a:5c:c1:43
Signer

Actual PE Digest

81:89:0b:5d:e2:b6:64:67:ea:97:a5:5a:b2:6b:c9:0f:e5:0c:96:46:5a:4b:36:74:20:c9:db:1c:3a:5c:c1:43

Digest Algorithm

sha256

PE Digest Matches

true

aa:02:73:05:63:6c:5e:62:5d:8f:2f:79:6d:40:ff:19:ee:5d:09:0c
Signer

Actual PE Digest

aa:02:73:05:63:6c:5e:62:5d:8f:2f:79:6d:40:ff:19:ee:5d:09:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

s:\IDM_projects\Mozilla\idmcchandler\64bit\Release\idmcchandler64.pdb

Imports

wininet

InternetCombineUrlA

version

GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW

kernel32

GetLocaleInfoA
GetStringTypeW
GetCurrentProcessId
GetLastError
CreateThread
LoadLibraryA
GetSystemDirectoryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetWindowsDirectoryA
GetFileAttributesA
GetCurrentProcess
GetFileSize
CreateFileA
CreateMutexA
OutputDebugStringW
OutputDebugStringA
SetEnvironmentVariableA
ReadFile
GetCurrentThreadId
ResetEvent
CreateEventA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WaitForSingleObject
FindNextFileW
WriteConsoleA
FlushFileBuffers
SetStdHandle
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
ReleaseMutex
GetVersionExA
CreateFileW
FindFirstFileW
FindClose
MulDiv
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
GetFileAttributesW
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
HeapSize
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FlsAlloc
SetLastError
HeapFree
HeapAlloc
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
FlsSetValue
GetCommandLineA
HeapSetInformation
HeapCreate
HeapDestroy
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree

user32

GetDC
IntersectRect
ReleaseDC
ShowWindow
PostMessageA
GetCursorPos
GetClassNameA
GetParent
IsWindow
GetKeyboardState
GetKeyState
MessageBoxW
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassA
DefWindowProcA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
PtInRect
SendMessageA
GetClientRect
GetSystemMetrics

gdi32

TranslateCharsetInfo
GetDeviceCaps
GetStockObject

advapi32

OpenProcessToken
RegOpenKeyExW
RegNotifyChangeKeyValue
RegSetValueExA
RegCreateKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
RegRestoreKeyA
RegLoadKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueExW

shell32

ShellExecuteA

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

VariantInit
SafeArrayCreate
SafeArrayDestroy
SafeArrayPutElement
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString

Exports

Exports

IDMMzCC_DownloadAllWithIDM
IDMMzCC_DownloadLast10FLVwithIDM
IDMMzCC_DownloadLastFLVwithIDM
IDMMzCC_DownloadLinkWithIDM
IDMMzCC_GetListenerState
IDMMzCC_InitCC
IDMMzCC_Observe
IDMMzCC_OnGetSelectedTabID
IDMMzCC_OnME
IDMMzCC_OnTabSelect
IDMMzCC_OnUnload
IDMMzCC_ShouldLoad
IDMMzCC_ShouldLoad2
IDMMzCC_ShouldLoad_old1

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmfc.dat
idmfsa.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6dd8e34e93a2e5e32c852e32b49f970d

Code Sign

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30/07/2019, 00:00

Not After

03/08/2022, 12:00

Subject

CN=Tonec Inc.,OU=Internet Download Manager,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ac:7c:d2:61:5c:3c:d3:a8:3f:8b:b4:be:56:ca:7c:d0:00:79:4f:de:c6:10:fc:4a:0c:7a:bc:1c:9d:1c:7a:b7
Signer

Actual PE Digest

ac:7c:d2:61:5c:3c:d3:a8:3f:8b:b4:be:56:ca:7c:d0:00:79:4f:de:c6:10:fc:4a:0c:7a:bc:1c:9d:1c:7a:b7

Digest Algorithm

sha256

PE Digest Matches

true

cb:2b:0a:4e:af:2a:dc:33:97:cb:67:9d:8c:ea:2c:76:3e:77:d6:4b
Signer

Actual PE Digest

cb:2b:0a:4e:af:2a:dc:33:97:cb:67:9d:8c:ea:2c:76:3e:77:d6:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTime
FlushFileBuffers
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
FreeLibrary
CreateFileW
SetFileAttributesW
GetProcAddress
LoadLibraryA
GetModuleHandleA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
SystemTimeToFileTime
InterlockedDecrement
lstrlenW
MultiByteToWideChar
lstrlenA
GetShortPathNameA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
lstrcpyA
lstrcatA
SetFileTime
WideCharToMultiByte
GetFileAttributesW
CopyFileW
DeleteFileW
CreateDirectoryW
MoveFileW
GetModuleFileNameA
GetVersionExA
GetCurrentProcess
GetLastError
LocalAlloc
LocalFree
EnterCriticalSection
CloseHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TerminateProcess
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
LCMapStringA
LCMapStringW
ExitProcess
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc

user32

CharNextA

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA

ole32

CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

oleaut32

RegisterTypeLi
BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
SysFreeString
VarUI4FromStr
SysAllocString
LoadTypeLi
BSTR_UserUnmarshal
LoadRegTypeLi
SysStringLen

rpcrt4

NdrStubForwardingFunction
NdrStubCall2
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 152B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmftype.dll
.dll windows:4 windows x86 arch:x86

37434fe31c525527aa4fd9f7c992e050

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2010, 00:00

Not After

01/06/2013, 23:59

Subject

CN=Tonec Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Secure Application Development,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7a:a2:2b:0f:0b:ed:c5:8d:27:91:b2:04:76:91:cd:38:08:fb:85:e2
Signer

Actual PE Digest

7a:a2:2b:0f:0b:ed:c5:8d:27:91:b2:04:76:91:cd:38:08:fb:85:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

x:\Projects\FileType\Release\IDMFType.pdb

Imports

msvcrt

toupper
isspace
ctime
gmtime
asctime
_strnicmp
strncmp
memcpy
?terminate@@YAXXZ
??1type_info@@UAE@XZ
isupper
_initterm
_amsg_exit
_adjust_fdiv
islower
realloc
_snprintf
strcspn
_stricmp
tolower
malloc
strncpy
??2@YAPAXI@Z
??3@YAXPAX@Z
fclose
fseek
fread
fopen
free
strchr
_vsnprintf
_XcptFilter
__CxxFrameHandler
_CxxThrowException

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetSystemTimeAsFileTime

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

IDMExtensionForMimeType
IDMFileType

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
idmindex.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dda1a1d1f8a1d13ae0297b47046b26e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 392KB

.ndata Size: - Virtual size: 1.1MB

.rsrc Size: 44KB - Virtual size: 43KB

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 662B

68b7023f8923dd087549802f8fa631c3

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 420B

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 927B

.data Size: - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 512B - Virtual size: 254B

f811252742cee99958ced610cdfd96ef

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 392KB

.ndata
Size: - Virtual size: 1.1MB

.rsrc
Size: 44KB - Virtual size: 43KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 662B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 420B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 927B

.data
Size: - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 254B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

46:60:fc:32:bd:52:1d:77:f2:11:c1:33:6a:a9:8b:9e
Certificate

3b:17:36:10:d3:f1:9e:b0:b4:cd:13:9f:ed:8e:66:47:32:f8:61:32
Signer

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 182B

06:c5:07:8a:a5:28:bb:d3:b8:66:8a:b1:0b:03:5f:94
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

09:96:cb:38:36:ac:ef:b7:37:c2:12:d1:55:41:7e:f1
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

0c:4a:5b:49:b4:ab:8d:52:e8:3f:26:2f:37:bb:66:09:1c:4d:c1:10:47:7e:89:7f:e2:00:eb:58:fd:a1:1b:e6
Signer

46:93:71:35:d5:7e:46:d1:47:4b:d9:c2:3b:de:4f:9f:99:98:be:9e
Signer

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB