!!SetUp_2244_PassW0rds$[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

!!SetUp_2244_PassW0rds$.zip
Size

10.4MB
MD5

41ceb7544c4f077303f7d9d5e41ebd20
SHA1

c6a48ae6ba43446e98629929dd3e21656ebcf530
SHA256

d3d35ff8f3f4c305ccc30fd1b93c1f57fa5618aac9c66be7dfa96363322fb706
SHA512

8856ee797e7bfcd2b6f84adc76a2e651bd68bfe568a512689847e7c08d377aa5a0a1124fa0809e1d8459308e6bb747bd75676aa80a7f49ae725ee9ca419c0d45
SSDEEP

196608:J1pzZuTJozxpAKwhcyZov8FrKQ20/sIQ5I/EejqxXqZKerebfzRK:J1Lu67whRUGKhOxQiMxNereb7RK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/acdbase.dll

Files

!!SetUp_2244_PassW0rds$.zip
.zip
Setup.exe
.exe windows:6 windows x64 arch:x64

02a74d7a9b3b884417c13378a220e2d9

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:c7:04:34:83:3e:02:90:65:0b:14:89:3f:1f:92:39
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

31-12-2021 00:00

Not After

30-12-2024 23:59

Subject

CN=Poikosoft,O=Poikosoft,ST=Pirkanmaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:96:10:2c:09:ae:73:d0:24:15:40:7e:79:75:df:ff:39:ef:fe:f8:73:66:47:4d:c5:7a:54:80:96:52:cd:be
Signer

Actual PE Digest

2c:96:10:2c:09:ae:73:d0:24:15:40:7e:79:75:df:ff:39:ef:fe:f8:73:66:47:4d:c5:7a:54:80:96:52:cd:be

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReleaseMutex
Sleep
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentProcessId
CreateThread
SetErrorMode
InitializeCriticalSection
GetModuleFileNameA
SetFilePointer
CreateFileA
ExitProcess
GetLocalTime
LeaveCriticalSection
GetTickCount
EnterCriticalSection
IsBadReadPtr
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetShortPathNameA
SearchPathA
GetTempPathA
GetTempPathW
GetTempFileNameA
GetTempFileNameW
GetWindowsDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
DeleteFileA
MoveFileA
CreateProcessA
GetStartupInfoA
GetCommandLineA
GetCurrentThreadId
ReadFile
GetFileSize
SetEnvironmentVariableA
GetProcessHeap
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTimeZoneInformation
LoadLibraryW
FreeLibrary
SetConsoleCtrlHandler
FatalAppExitA
IsValidCodePage
GetOEMCP
GetACP
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetVersion
HeapSetInformation
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
FlsAlloc
GetCurrentThread
SetLastError
LoadLibraryA
GetLastError
GetProcAddress
VirtualAlloc
VirtualProtect
GetEnvironmentVariableA
GetCommandLineW
FreeConsole
CreateEventA
CloseHandle
SetEvent
GetModuleHandleA
FlsFree
FlsSetValue
DeleteCriticalSection
EncodePointer
DecodePointer
SetEndOfFile
SetFilePointerEx
CreateFileW
FindClose
RemoveDirectoryW
DeleteFileW
DeviceIoControl
GetFullPathNameW
FindFirstFileW
FindNextFileW
GetFileAttributesW
CreateDirectoryExW
CopyFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileInformationByHandle
GetFileAttributesExW
GetFileTime
SetFileTime
MoveFileExW
GetDiskFreeSpaceExW
CreateDirectoryW
AreFileApisANSI
LocalFree
FormatMessageA
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetStartupInfoW
GetModuleHandleW
HeapFree
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
HeapAlloc
GetCPInfo
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
FlsGetValue
CompareStringW

user32

PeekMessageA
TranslateMessage
DispatchMessageA
BeginPaint
EndPaint
KillTimer
LoadCursorA
GetAsyncKeyState
GetSystemMetrics
SetTimer
PostMessageA
IsWindow
DefWindowProcA
DefDlgProcA
DrawTextA
CreateDialogParamA
RegisterClassExA
DialogBoxParamA
SendMessageW
GetWindowTextLengthA
GetWindowTextA
CreateWindowExA
GetDesktopWindow
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
LoadStringW
FindWindowA
SendMessageA
WaitForInputIdle
DestroyWindow
MessageBoxA
RegisterClassA

gdi32

CreateCompatibleDC
SelectObject
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
BitBlt

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

SHGetSpecialFolderPathA

Exports

Exports

AboutForm
Amazon
AudioCDOptions
BurnISO
CDDBSelectCategory
ConvertWnd
ConvertWnd_Single
ConverterOptions
Copy
CoverArtWnd
CoverArtWnd2
CueSheetErrorForm
CustomCoverArtSize
DSPForm
EncoderInfo
EnterKeyForm
EraseDisc
Erasing
FC_GetMetadata
FreedbSubmitForm
GetMetadataForm
LyricsEditor
MBManual
Mainform
Make_ISO_Image_Status_Form
MemoEditor
NamePreview
OverWritePrompt
Profile_Add_New
Profile_Editor
ReadTOCForm
ReminderForm
RipperOptions
Settings2AudioCDCreatorForm
Settings2AudioCDRipperDriveForm
Settings2AudioCDRipperForm
Settings2AudioConverterForm
Settings2AudioQualityForm
Settings2FileFormatForm
Settings2Form
Settings2GeneralFilenameGenerationForm
Settings2GeneralForm
Settings2GeneralInternetDiscDatabaseForm
Settings2GeneralMetadataForm
ShowCuesheet
TAccurateCDDAStatusWindow
TCoverArtPreview
TMetadata
TStatusWindow
UpdateCheckForm
WriterForm
_ZN10Jamdialogs12FinalizationEv
_ZN10Jamdialogs14TJamBaseDialog10GetVersionEv
_ZN10Jamdialogs14initializationEv
_ZN10Jamdialogs19TJamBrowseForFolderC3EPN6System7Classes10TComponentE
_ZN10Jamdialogs20TJamBaseBrowseDialog10JamExecuteEP6HWND__
_ZN10Jamdialogs20TJamBaseBrowseDialog10SetOptionsEN6System3SetINS_14TJamBrowseFlagELS3_0ELS3_7EEE
_ZN10Jamdialogs20TJamBaseBrowseDialog11SetRootedAtEN3Jam5Shell5Types15TJamShellFolderE
_ZN10Jamdialogs20TJamBaseBrowseDialog12GetDialogTopEv
_ZN10Jamdialogs20TJamBaseBrowseDialog12SetDialogTopEi
_ZN10Jamdialogs20TJamBaseBrowseDialog12SetSelectionEP6HWND__N6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN10Jamdialogs20TJamBaseBrowseDialog12ShowXPDialogEP6HWND__
_ZN10Jamdialogs20TJamBaseBrowseDialog13GetDialogLeftEv
_ZN10Jamdialogs20TJamBaseBrowseDialog13SetDialogLeftEi
_ZN10Jamdialogs20TJamBaseBrowseDialog13SetItemIdListEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN10Jamdialogs20TJamBaseBrowseDialog14AdjustPositionEv
_ZN10Jamdialogs20TJamBaseBrowseDialog14SetWindowTitleEN6System13UnicodeStringE
_ZN10Jamdialogs20TJamBaseBrowseDialog15FileDialogCloseEPN6System7TObjectERb
_ZN10Jamdialogs20TJamBaseBrowseDialog15ShowVistaDialogEP6HWND__
_ZN10Jamdialogs20TJamBaseBrowseDialog16GetSpecialFolderEv
_ZN10Jamdialogs20TJamBaseBrowseDialog16SetSelectionPathEP6HWND__N6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN10Jamdialogs20TJamBaseBrowseDialog16SetSpecialFolderEN3Jam5Shell5Types15TJamShellFolderE
_ZN10Jamdialogs20TJamBaseBrowseDialog17DoOkButtonClickedEPN6System7TObjectE
_ZN10Jamdialogs20TJamBaseBrowseDialog18SetOKButtonEnabledEb
_ZN10Jamdialogs20TJamBaseBrowseDialog21BrowseCallbackHandlerEP6HWND__jxx
_ZN10Jamdialogs20TJamBaseBrowseDialog22SetDialogButtonCaptionEN6System13UnicodeStringE
_ZN10Jamdialogs20TJamBaseBrowseDialog27SetRootedAtFileSystemFolderEN6System13UnicodeStringE
_ZN10Jamdialogs20TJamBaseBrowseDialog7ExecuteEP6HWND__
_ZN10Jamdialogs20TJamBaseBrowseDialog7ExecuteEv
_ZN10Jamdialogs20TJamBaseBrowseDialog7GetPathEv
_ZN10Jamdialogs20TJamBaseBrowseDialog7SetPathEN6System13UnicodeStringE
_ZN10Jamdialogs20TJamBaseBrowseDialog8DoChangeEPN6System7TObjectE
_ZN10Jamdialogs20TJamBaseBrowseDialog8SetTitleEN6System13UnicodeStringE
_ZN10Jamdialogs20TJamBaseBrowseDialogC3EPN6System7Classes10TComponentE
_ZN10Jamdialogs23TJamNetConnectionDialog10JamExecuteEP6HWND__
_ZN10Jamdialogs23TJamNetConnectionDialog10SetOptionsEN6System3SetINS_18TJamConnectionFlagELS3_0ELS3_2EEE
_ZN10Jamdialogs23TJamNetConnectionDialog13SetRemotePathEN6System13UnicodeStringE
_ZN10Jamdialogs23TJamNetConnectionDialog7ExecuteEP6HWND__
_ZN10Jamdialogs23TJamNetConnectionDialog7ExecuteEv
_ZN10Jamdialogs23TJamNetConnectionDialogC3EPN6System7Classes10TComponentE
_ZN10Jamdialogs23TJamNetDisconnectDialog10JamExecuteEP6HWND__
_ZN10Jamdialogs23TJamNetDisconnectDialog13DialogWndProcERN6Winapi8Messages8TMessageE
_ZN10Jamdialogs23TJamNetDisconnectDialog13MapWindowProcEv
_ZN10Jamdialogs23TJamNetDisconnectDialog21DialogShowTimerChangeEPN6System7TObjectE
_ZN10Jamdialogs23TJamNetDisconnectDialog7ExecuteEP6HWND__
_ZN10Jamdialogs23TJamNetDisconnectDialog7ExecuteEv
_ZN10Jamdialogs23TJamNetDisconnectDialogC3EPN6System7Classes10TComponentE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog11CancelClickEPN6System7TObjectE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog11ItemCheckedEPN6System7TObjectEPN3Vcl8Comctrls9TListItemE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog11ResetFilterEPN6System7TObjectE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog12InvokeSearchEPN6System7TObjectENS1_13UnicodeStringE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog13FilterColumnsEN6System13UnicodeStringE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog14ColumnsCompareEPN6System7TObjectEPN3Vcl8Comctrls9TListItemES7_iRi
_ZN10Jamdialogs30TJamShellColumnSelectionDialog14GetMultiSelectEv
_ZN10Jamdialogs30TJamShellColumnSelectionDialog14SetMultiSelectEb
_ZN10Jamdialogs30TJamShellColumnSelectionDialog15AddCustomColumnERKN3Jam5Shell5Types14TShellColumnIdEN6System13UnicodeStringE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog15ColumnsChangingEPN6System7TObjectEPN3Vcl8Comctrls9TListItemENS5_11TItemChangeERb
_ZN10Jamdialogs30TJamShellColumnSelectionDialog16GetSpecialFolderEv
_ZN10Jamdialogs30TJamShellColumnSelectionDialog16InitializeDialogEPN6System7TObjectE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog16SetSpecialFolderEN3Jam5Shell5Types15TJamShellFolderE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog5ClearEv
_ZN10Jamdialogs30TJamShellColumnSelectionDialog6CancelEv
_ZN10Jamdialogs30TJamShellColumnSelectionDialog7ExecuteEP6HWND__
_ZN10Jamdialogs30TJamShellColumnSelectionDialog7OkClickEPN6System7TObjectE
_ZN10Jamdialogs30TJamShellColumnSelectionDialog7RefreshEv
_ZN10Jamdialogs30TJamShellColumnSelectionDialogC3EPN6System7Classes10TComponentE
_ZN10Jamdialogs30TJamShellColumnSelectionDialogD0Ev
_ZN10Jamdialogs8RegisterEv
_ZN10Threadpool10TCOMThread3RunEN6System15DelphiInterfaceINS1_7Classes16TThreadProcedureEEENS2_INS1_10IInterfaceEEEb
_ZN10Threadpool10TCOMThread7ExecuteEv
_ZN10Threadpool10TCOMThreadC3EN6System15DelphiInterfaceINS1_7Classes16TThreadProcedureEEENS2_INS1_10IInterfaceEEEbb
_ZN10Threadpool10TJamThread11DoTerminateEv
_ZN10Threadpool10TJamThread13GetIsFinishedEv
_ZN10Threadpool10TJamThread13GetTerminatedEv
_ZN10Threadpool10TJamThread16NotifyThreadPoolEv
_ZN10Threadpool10TJamThread17SetBackgroundModeEb
_ZN10Threadpool10TJamThread5DelayEj
_ZN10Threadpool10TJamThread5StartEv
_ZN10Threadpool10TJamThread9GetPausedEv
_ZN10Threadpool10TJamThread9SetPausedEb
_ZN10Threadpool10TJamThreadC3EN6System15DelphiInterfaceIN3Jam9Threading22ICancellationIndicatorEEE
_ZN10Threadpool10TJamThreadC3Ev
_ZN10Threadpool11GetCPUCountEv
_ZN10Threadpool11TThreadPool19TerminateAllThreadsEb
_ZN10Threadpool11TThreadPool3AddEPNS_10TJamThreadE
_ZN10Threadpool11TThreadPool6NotifyEPvN6System7Classes17TListNotificationE
_ZN10Threadpool12FinalizationEv
_ZN10Threadpool13TWorkerThread13TerminatedSetEv
_ZN10Threadpool13TWorkerThread17TerminateWorkItemEv
_ZN10Threadpool13TWorkerThread7ExecuteEv
_ZN10Threadpool13TWorkerThread9SetPausedEb
_ZN10Threadpool13TWorkerThreadC3EPNS_17TWorkerThreadPoolE
_ZN10Threadpool13TWorkerThreadD0Ev
_ZN10Threadpool14initializationEv
_ZN10Threadpool15TWorkItemsQueue16ContainsWorkItemERK5_GUID
_ZN10Threadpool15TWorkItemsQueue16ContainsWorkItemExPN6System10TMetaClassE
_ZN10Threadpool15TWorkItemsQueue3AddEN6System15DelphiInterfaceIN3Jam9Threading9IWorkItemEEEb
_ZN10Threadpool15TWorkItemsQueue5ClearEv
_ZN10Threadpool15TWorkItemsQueue5CountEv
_ZN10Threadpool15TWorkItemsQueue7DequeueERN6System15DelphiInterfaceIN3Jam9Threading9IWorkItemEEE
_ZN10Threadpool15TWorkItemsQueueC3Ev
_ZN10Threadpool17TCustomThreadPool11SetPriorityEN6System7Classes15TThreadPriorityE
_ZN10Threadpool17TCustomThreadPool12ThreadExistsEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool13ThreadsActiveEv
_ZN10Threadpool17TCustomThreadPool14QueryInterfaceERK5_GUIDPv
_ZN10Threadpool17TCustomThreadPool16CheckSynchronizeEb
_ZN10Threadpool17TCustomThreadPool18DoThreadTerminatedEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool18RunningThreadCountEv
_ZN10Threadpool17TCustomThreadPool19TerminateAllThreadsEb
_ZN10Threadpool17TCustomThreadPool19ThreadHasTerminatedEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool20InternalThreadExistsEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool20SetMaxRunningThreadsEi
_ZN10Threadpool17TCustomThreadPool20ThreadsNotTerminatedEv
_ZN10Threadpool17TCustomThreadPool21TerminateThreadSecureEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool22DoAllThreadsTerminatedEv
_ZN10Threadpool17TCustomThreadPool23GetFirstSuspendedThreadEv
_ZN10Threadpool17TCustomThreadPool24DefaultMaxRunningThreadsEv
_ZN10Threadpool17TCustomThreadPool25StartFirstSuspendedThreadEv
_ZN10Threadpool17TCustomThreadPool3AddEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool6NotifyEPvN6System7Classes17TListNotificationE
_ZN10Threadpool17TCustomThreadPool6RemoveEPNS_10TJamThreadE
_ZN10Threadpool17TCustomThreadPool7GetItemEi
_ZN10Threadpool17TCustomThreadPool7_AddRefEv
_ZN10Threadpool17TCustomThreadPool8_ReleaseEv
_ZN10Threadpool17TCustomThreadPool9GetPausedEv
_ZN10Threadpool17TCustomThreadPool9SetPausedEb
_ZN10Threadpool17TCustomThreadPoolC3Ev
_ZN10Threadpool17TCustomThreadPoolD0Ev
_ZN10Threadpool17TCustomThreadPoolv04IntfE
_ZN10Threadpool17TWorkerThreadPool11AddWorkItemEN6System15DelphiInterfaceIN3Jam9Threading9IWorkItemEEE
_ZN10Threadpool17TWorkerThreadPool11AddWorkItemEN6System15DelphiInterfaceIN3Jam9Threading9IWorkItemEEENS4_9TPriorityE
_ZN10Threadpool17TWorkerThreadPool11DoNewThreadEPNS_13TWorkerThreadE
_ZN10Threadpool17TWorkerThreadPool11GetCPUUsageEv
_ZN10Threadpool17TWorkerThreadPool11GetWorkItemEPNS_13TWorkerThreadE
_ZN10Threadpool17TWorkerThreadPool11QueueLengthEv
_ZN10Threadpool17TWorkerThreadPool12AddWorkItemsEN6System12DynamicArrayINS1_15DelphiInterfaceIN3Jam9Threading9IWorkItemEEEEENS5_9TPriorityE
_ZN10Threadpool17TWorkerThreadPool14SetMaxCpuUsageEi
_ZN10Threadpool17TWorkerThreadPool16ContainsWorkItemERK5_GUID
_ZN10Threadpool17TWorkerThreadPool16ContainsWorkItemEx
_ZN10Threadpool17TWorkerThreadPool16TerminateThreadsEb
_ZN10Threadpool17TWorkerThreadPool18GetWorkItemsActiveEv
_ZN10Threadpool17TWorkerThreadPool18TerminateWorkItemsEv
_ZN10Threadpool17TWorkerThreadPool18UninitializeThreadEPNS_13TWorkerThreadE
_ZN10Threadpool17TWorkerThreadPool19SetMinWorkerThreadsEi
_ZN10Threadpool17TWorkerThreadPool19TerminateAllThreadsEb
_ZN10Threadpool17TWorkerThreadPool20GetActiveThreadCountEv
_ZN10Threadpool17TWorkerThreadPool20SetMaxRunningThreadsEi
_ZN10Threadpool17TWorkerThreadPool23CheckAddNewWorkerThreadEv
_ZN10Threadpool17TWorkerThreadPool28TriggerAllWorkItemsDoneEventEv
_ZN10Threadpool17TWorkerThreadPool3AddEPNS_10TJamThreadE
_ZN10Threadpool17TWorkerThreadPool6RemoveEPNS_10TJamThreadE
_ZN10Threadpool17TWorkerThreadPool7DisposeEv
_ZN10Threadpool17TWorkerThreadPool8InstanceEv
_ZN10Threadpool17TWorkerThreadPoolC3Eb
_ZN10Threadpool17TWorkerThreadPoolD0Ev
_ZN10Threadpool17TWorkerThreadPoolv04IntfE
_ZN10Threadpool27TWorkerThreadPoolRefCounted7_AddRefEv
_ZN10Threadpool27TWorkerThreadPoolRefCounted8_ReleaseEv
_ZN10Threadpool27TWorkerThreadPoolRefCountedC3ERKN3Jam9Threading17TWorkerPoolConfigE
_ZN10Threadpool27TWorkerThreadPoolRefCountedC3Ev
_ZN10Threadpool27TWorkerThreadPoolRefCountedv04IntfE
_ZN11Jamcontrols12FinalizationEv
_ZN11Jamcontrols12TJamFileList10DestroyWndEv
_ZN11Jamcontrols12TJamFileList10ThreadDoneEb
_ZN11Jamcontrols12TJamFileList11BeginUpdateEv
_ZN11Jamcontrols12TJamFileList11FileChangedEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEES7_
_ZN11Jamcontrols12TJamFileList11InitColumnsEv
_ZN11Jamcontrols12TJamFileList11SortByIndexEv
_ZN11Jamcontrols12TJamFileList12FillSubItemsEPNS_21TJamCheckableListItemEib
_ZN11Jamcontrols12TJamFileList12RestoreStateEv
_ZN11Jamcontrols12TJamFileList13DoOnEndSearchEv
_ZN11Jamcontrols12TJamFileList13SetCheckboxesEb
_ZN11Jamcontrols12TJamFileList14GetItemCaptionEPNS_21TJamCheckableListItemEPN12Shellbrowser13TShellBrowserE
_ZN11Jamcontrols12TJamFileList16CMVisibleChangedERN6Winapi8Messages8TMessageE
_ZN11Jamcontrols12TJamFileList16GetTotalFileSizeEv
_ZN11Jamcontrols12TJamFileList16SetCaptionFormatENS_16TFileListCaptionE
_ZN11Jamcontrols12TJamFileList16SetSearchOptionsEPN3Jam5Shell5Types17TJamSearchOptionsE
_ZN11Jamcontrols12TJamFileList17GetTotalFileCountEv
_ZN11Jamcontrols12TJamFileList18ChangeNotificationEN22Jamshellchangenotifier18TNotificationEventEN6System13UnicodeStringES4_
_ZN11Jamcontrols12TJamFileList19CompleteItemDetailsEPNS_21TJamCheckableListItemE
_ZN11Jamcontrols12TJamFileList19GetFileSizeAndCountEbRxRi
_ZN11Jamcontrols12TJamFileList19GetSelectedFileSizeEv
_ZN11Jamcontrols12TJamFileList19InitHeaderMenuStripEv
_ZN11Jamcontrols12TJamFileList19SetColumnVisibilityERKN3Jam5Shell5Types14TShellColumnIdEb
_ZN11Jamcontrols12TJamFileList20GetSelectedFileCountEv
_ZN11Jamcontrols12TJamFileList21SetAllowedDragEffectsEN6System3SetIN12Shellbrowser14TJamDropEffectELS4_0ELS4_4EEE
_ZN11Jamcontrols12TJamFileList25GetLocalIndexForNewColumnEPNS_19TJamShellListColumnE
_ZN11Jamcontrols12TJamFileList36UpdateSubitemsAfterColumnGetsVisibleEi
_ZN11Jamcontrols12TJamFileList3AddEN6System13UnicodeStringEbi
_ZN11Jamcontrols12TJamFileList3AddEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEEbi
_ZN11Jamcontrols12TJamFileList4EditERK10tagLVITEMW
_ZN11Jamcontrols12TJamFileList4StopEv
_ZN11Jamcontrols12TJamFileList6ChangeEPN3Vcl8Comctrls9TListItemEi
_ZN11Jamcontrols12TJamFileList6SearchEN6System13UnicodeStringE
_ZN11Jamcontrols12TJamFileList7KeyDownERtN6System3SetINS2_7Classes15TShiftStateItemELS5_0ELS5_10EEE
_ZN11Jamcontrols12TJamFileList8DragOverEiN6System5Types6TPointERi
_ZN11Jamcontrols12TJamFileList9CreateWndEv
_ZN11Jamcontrols12TJamFileList9DragEnterEN6System15DelphiInterfaceI11IDataObjectEEiNS1_5Types6TPointERi
_ZN11Jamcontrols12TJamFileList9EndUpdateEv
_ZN11Jamcontrols12TJamFileList9SaveStateEv
_ZN11Jamcontrols12TJamFileListC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols12TJamFileListD0Ev
_ZN11Jamcontrols12TJamFileListv04IntfE
_ZN11Jamcontrols12TJamPathEdit10FireOnExitEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit10GetVersionEv
_ZN11Jamcontrols12TJamPathEdit10SetEnabledEb
_ZN11Jamcontrols12TJamPathEdit11ButtonClickEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit11ChangeScaleEiib
_ZN11Jamcontrols12TJamPathEdit11CheckFilterEv
_ZN11Jamcontrols12TJamPathEdit11FireOnClickEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit11FireOnEnterEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit11FireOnKeyUpEPN6System7TObjectERtNS1_3SetINS1_7Classes15TShiftStateItemELS7_0ELS7_10EEE
_ZN11Jamcontrols12TJamPathEdit12GetPopupMenuEv
_ZN11Jamcontrols12TJamPathEdit12SetPopupMenuEPN3Vcl5Menus10TPopupMenuE
_ZN11Jamcontrols12TJamPathEdit12SetShowImageEb
_ZN11Jamcontrols12TJamPathEdit13BrowseForFileEv
_ZN11Jamcontrols12TJamPathEdit13FireOnKeyDownEPN6System7TObjectERtNS1_3SetINS1_7Classes15TShiftStateItemELS7_0ELS7_10EEE
_ZN11Jamcontrols12TJamPathEdit13FireOnMouseUpEPN6System7TObjectENS1_7Uitypes12TMouseButtonENS1_3SetINS1_7Classes15TShiftStateItemELS8_0ELS8_10EEEii
_ZN11Jamcontrols12TJamPathEdit13GetParentFontEv
_ZN11Jamcontrols12TJamPathEdit13SetDefaultExtEN6System13UnicodeStringE
_ZN11Jamcontrols12TJamPathEdit13SetFolderModeEb
_ZN11Jamcontrols12TJamPathEdit13SetParentFontEb
_ZN11Jamcontrols12TJamPathEdit14FireOnDblClickEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit14FireOnDragDropEPN6System7TObjectES3_ii
_ZN11Jamcontrols12TJamPathEdit14FireOnDragOverEPN6System7TObjectES3_iiNS1_7Uitypes10TDragStateERb
_ZN11Jamcontrols12TJamPathEdit14FireOnKeyPressEPN6System7TObjectERw
_ZN11Jamcontrols12TJamPathEdit14GetIsValidPathEv
_ZN11Jamcontrols12TJamPathEdit14SetDialogTitleEN6System13UnicodeStringE
_ZN11Jamcontrols12TJamPathEdit15BrowseForFolderEv
_ZN11Jamcontrols12TJamPathEdit15FireOnMouseDownEPN6System7TObjectENS1_7Uitypes12TMouseButtonENS1_3SetINS1_7Classes15TShiftStateItemELS8_0ELS8_10EEEii
_ZN11Jamcontrols12TJamPathEdit15FireOnMouseMoveEPN6System7TObjectENS1_3SetINS1_7Classes15TShiftStateItemELS6_0ELS6_10EEEii
_ZN11Jamcontrols12TJamPathEdit16OpenDialogOnShowEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit16SetUseSystemFontEb
_ZN11Jamcontrols12TJamPathEdit17ApplyAutoCompleteEv
_ZN11Jamcontrols12TJamPathEdit17EditFieldOnChangeEPN6System7TObjectE
_ZN11Jamcontrols12TJamPathEdit17UpdateEditMarginsEv
_ZN11Jamcontrols12TJamPathEdit18GetPopupMenuButtonEv
_ZN11Jamcontrols12TJamPathEdit18SetPopupMenuButtonEPN3Vcl5Menus10TPopupMenuE
_ZN11Jamcontrols12TJamPathEdit22SetDialogButtonCaptionEN6System13UnicodeStringE
_ZN11Jamcontrols12TJamPathEdit26SetOpenDialogButtonEnabledEb
_ZN11Jamcontrols12TJamPathEdit6LoadedEv
_ZN11Jamcontrols12TJamPathEdit6ResizeEv
_ZN11Jamcontrols12TJamPathEdit7GetPathEv
_ZN11Jamcontrols12TJamPathEdit7SetPathEN6System13UnicodeStringE
_ZN11Jamcontrols12TJamPathEdit7WndProcERN6Winapi8Messages8TMessageE
_ZN11Jamcontrols12TJamPathEdit8GetColorEv
_ZN11Jamcontrols12TJamPathEdit8SetColorEN6System7Uitypes6TColorE
_ZN11Jamcontrols12TJamPathEdit8SetFocusEv
_ZN11Jamcontrols12TJamPathEdit9CreateWndEv
_ZN11Jamcontrols12TJamPathEdit9LoadImageEv
_ZN11Jamcontrols12TJamPathEditC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols12TJamPathEditD0Ev
_ZN11Jamcontrols13TJamComboItem7GetPIDLEv
_ZN11Jamcontrols13TJamComboItem7GetPathEv
_ZN11Jamcontrols13TJamComboItem7SetPathEN6System13UnicodeStringE
_ZN11Jamcontrols13TJamComboItem7SetPidlEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols13TJamComboItem9CompareToEPS0_
_ZN11Jamcontrols13TJamComboItem9IsDesktopEv
_ZN11Jamcontrols13TJamComboItemC3EN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols13TJamComboItemD0Ev
_ZN11Jamcontrols13TJamDragFiles10DragDetectERKN6System5Types6TPointE
_ZN11Jamcontrols13TJamDragFiles10GetVersionEv
_ZN11Jamcontrols13TJamDragFiles10SubWndProcERN6Winapi8Messages8TMessageE
_ZN11Jamcontrols13TJamDragFiles12BeginOleDragEN6System7Uitypes12TMouseButtonEN12Shellbrowser14TJamDropEffectE
_ZN11Jamcontrols13TJamDragFiles12GiveFeedbackEi
_ZN11Jamcontrols13TJamDragFiles14SetDragControlEPN3Vcl8Controls11TWinControlE
_ZN11Jamcontrols13TJamDragFiles17QueryContinueDragEii
_ZN11Jamcontrols13TJamDragFilesC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols13TJamDragFilesv04IntfE
_ZN11Jamcontrols13TJamDriveList10CMHintShowERN3Vcl8Controls11TCMHintShowE
_ZN11Jamcontrols13TJamDriveList10SetEnabledEb
_ZN11Jamcontrols13TJamDriveList11AddEditableEN6System13UnicodeStringEb
_ZN11Jamcontrols13TJamDriveList11FillColumnsEPNS_17TJamDriveListItemE
_ZN11Jamcontrols13TJamDriveList11FullRefreshEv
_ZN11Jamcontrols13TJamDriveList11GetReadOnlyEv
_ZN11Jamcontrols13TJamDriveList11InitColumnsEv
_ZN11Jamcontrols13TJamDriveList11SetReadOnlyEb
_ZN11Jamcontrols13TJamDriveList12FillSubItemsEPNS_21TJamCheckableListItemEib
_ZN11Jamcontrols13TJamDriveList12RestoreStateEv
_ZN11Jamcontrols13TJamDriveList12SmartRefreshEv
_ZN11Jamcontrols13TJamDriveList13EditCancelledERK10tagLVITEMW
_ZN11Jamcontrols13TJamDriveList13FillDriveListEv
_ZN11Jamcontrols13TJamDriveList13IsCustomDrawnEN3Vcl8Comctrls17TCustomDrawTargetENS2_16TCustomDrawStageE
_ZN11Jamcontrols13TJamDriveList13SetItemIdListEN6System15DelphiInterfaceIN12Jamworkitems19IItemIdListWorkItemEEE
_ZN11Jamcontrols13TJamDriveList14CreateListItemEv
_ZN11Jamcontrols13TJamDriveList14CustomDrawItemEPN3Vcl8Comctrls9TListItemEN6System3SetINS2_20TCustomDrawStateItemELS7_0ELS7_12EEENS2_16TCustomDrawStageE
_ZN11Jamcontrols13TJamDriveList14GetItemCaptionEPNS_21TJamCheckableListItemEPN12Shellbrowser13TShellBrowserE
_ZN11Jamcontrols13TJamDriveList14HandleEditItemERK10tagLVITEMWb
_ZN11Jamcontrols13TJamDriveList14SetExcludeListEPN16Jamselectionlist12TJamPathListE
_ZN11Jamcontrols13TJamDriveList16GetCheckedDrivesEv
_ZN11Jamcontrols13TJamDriveList17CustomDrawSubItemEPN3Vcl8Comctrls9TListItemEiN6System3SetINS2_20TCustomDrawStateItemELS7_0ELS7_12EEENS2_16TCustomDrawStageE
_ZN11Jamcontrols13TJamDriveList17DoEndColumnResizeEii
_ZN11Jamcontrols13TJamDriveList17SetStatusBarColorEN6System7Uitypes6TColorE
_ZN11Jamcontrols13TJamDriveList17UpdateTimerChangeEPN6System7TObjectE
_ZN11Jamcontrols13TJamDriveList18ChangeNotificationEN22Jamshellchangenotifier18TNotificationEventEN6System13UnicodeStringES4_
_ZN11Jamcontrols13TJamDriveList18ChangeNotificationEPN6System7TObjectEN22Jamshellchangenotifier18TNotificationEventENS1_15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEESB_
_ZN11Jamcontrols13TJamDriveList18SetCalculatedSpaceEN6System13UnicodeStringExx
_ZN11Jamcontrols13TJamDriveList19CompleteItemDetailsEPNS_21TJamCheckableListItemE
_ZN11Jamcontrols13TJamDriveList19HandleExcludedDriveEN6System13UnicodeStringEi
_ZN11Jamcontrols13TJamDriveList19InitHeaderMenuStripEv
_ZN11Jamcontrols13TJamDriveList20RecalculateDiskSpaceEPNS_17TJamDriveListItemE
_ZN11Jamcontrols13TJamDriveList23AdjustAutoCompleteWidthEv
_ZN11Jamcontrols13TJamDriveList23SetShowShellObjectNamesEb
_ZN11Jamcontrols13TJamDriveList25GetLocalIndexForNewColumnEPNS_19TJamShellListColumnE
_ZN11Jamcontrols13TJamDriveList3AddEN6System13UnicodeStringEbi
_ZN11Jamcontrols13TJamDriveList4EditERK10tagLVITEMW
_ZN11Jamcontrols13TJamDriveList6ResortEi
_ZN11Jamcontrols13TJamDriveList7AddPathEN6System13UnicodeStringEb
_ZN11Jamcontrols13TJamDriveList7KeyDownERtN6System3SetINS2_7Classes15TShiftStateItemELS5_0ELS5_10EEE
_ZN11Jamcontrols13TJamDriveList9CreateWndEv
_ZN11Jamcontrols13TJamDriveList9SaveStateEv
_ZN11Jamcontrols13TJamDriveList9WMDestroyERN6Winapi8Messages11TWMNoParamsE
_ZN11Jamcontrols13TJamDriveListC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols13TJamDriveListD0Ev
_ZN11Jamcontrols13TJamDriveListv04IntfE
_ZN11Jamcontrols13TJamDropFiles10GetVersionEv
_ZN11Jamcontrols13TJamDropFiles10SetControlEPN3Vcl8Controls11TWinControlE
_ZN11Jamcontrols13TJamDropFiles10SetEnabledEb
_ZN11Jamcontrols13TJamDropFiles12NotificationEPN6System7Classes10TComponentENS2_10TOperationE
_ZN11Jamcontrols13TJamDropFiles17TimerEventHandlerEPN6System7TObjectE
_ZN11Jamcontrols13TJamDropFiles21GetTempDropTargetPathEv
_ZN11Jamcontrols13TJamDropFiles26RegisterControlForDragDropEv
_ZN11Jamcontrols13TJamDropFiles26UpdateDragDropRegistrationEv
_ZN11Jamcontrols13TJamDropFiles4DropEN6System15DelphiInterfaceI11IDataObjectEEiNS1_5Types6TPointERi
_ZN11Jamcontrols13TJamDropFiles8DragOverEiN6System5Types6TPointERi
_ZN11Jamcontrols13TJamDropFiles9DragEnterEN6System15DelphiInterfaceI11IDataObjectEEiNS1_5Types6TPointERi
_ZN11Jamcontrols13TJamDropFiles9DragLeaveEv
_ZN11Jamcontrols13TJamDropFilesC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols13TJamDropFilesD0Ev
_ZN11Jamcontrols13TJamDropFilesv04IntfE
_ZN11Jamcontrols13TJamPathLabel10GetCheckedEv
_ZN11Jamcontrols13TJamPathLabel10GetVersionEv
_ZN11Jamcontrols13TJamPathLabel10IsUpdatingEv
_ZN11Jamcontrols13TJamPathLabel10SetCheckedEb
_ZN11Jamcontrols13TJamPathLabel11BeginUpdateEv
_ZN11Jamcontrols13TJamPathLabel11FileChangedEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEES7_
_ZN11Jamcontrols13TJamPathLabel11FullRefreshEv
_ZN11Jamcontrols13TJamPathLabel11GetShowIconEv
_ZN11Jamcontrols13TJamPathLabel11PathChangedEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols13TJamPathLabel11SetAutoSizeEb
_ZN11Jamcontrols13TJamPathLabel11SetShowIconEb
_ZN11Jamcontrols13TJamPathLabel12CreateParamsERN3Vcl8Controls13TCreateParamsE
_ZN11Jamcontrols13TJamPathLabel12SetShellLinkEPN9Shelllink13TJamShellLinkE
_ZN11Jamcontrols13TJamPathLabel12UpdateLayoutEv
_ZN11Jamcontrols13TJamPathLabel12getShellLinkEv
_ZN11Jamcontrols13TJamPathLabel13CMFontChangedERN6Winapi8Messages8TMessageE
_ZN11Jamcontrols13TJamPathLabel13GetParentFontEv
_ZN11Jamcontrols13TJamPathLabel13SetItemIdListEN6System15DelphiInterfaceIN12Jamworkitems19IItemIdListWorkItemEEE
_ZN11Jamcontrols13TJamPathLabel13SetParentFontEb
_ZN11Jamcontrols13TJamPathLabel13WMContextMenuERN6Winapi8Messages14TWMContextMenuE
_ZN11Jamcontrols13TJamPathLabel14GetTransparentEv
_ZN11Jamcontrols13TJamPathLabel14LoadItemIdListEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols13TJamPathLabel14SetDisplayPathEN6System13UnicodeStringE
_ZN11Jamcontrols13TJamPathLabel14SetTransparentEb
_ZN11Jamcontrols13TJamPathLabel15FormatPathLabelEv
_ZN11Jamcontrols13TJamPathLabel15GetShowCheckboxEv
_ZN11Jamcontrols13TJamPathLabel15OnCheckboxClickEPN6System7TObjectE
_ZN11Jamcontrols13TJamPathLabel15SetShowCheckboxEb
_ZN11Jamcontrols13TJamPathLabel15ShowContextMenuERKN6System5Types6TPointE
_ZN11Jamcontrols13TJamPathLabel16SetUseSystemFontEb
_ZN11Jamcontrols13TJamPathLabel19DoExecuteOnDblClickEPN6System7TObjectE
_ZN11Jamcontrols13TJamPathLabel4GoUpEv
_ZN11Jamcontrols13TJamPathLabel5KeyUpERtN6System3SetINS2_7Classes15TShiftStateItemELS5_0ELS5_10EEE
_ZN11Jamcontrols13TJamPathLabel5PaintEv
_ZN11Jamcontrols13TJamPathLabel6DoExitEv
_ZN11Jamcontrols13TJamPathLabel6ResizeEv
_ZN11Jamcontrols13TJamPathLabel7DoEnterEv
_ZN11Jamcontrols13TJamPathLabel7GetPathEv
_ZN11Jamcontrols13TJamPathLabel7RefreshEN9Shelllink13TRefreshLevelEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols13TJamPathLabel7SetIconEiN12Jamworkitems12TJamIconTypeEx
_ZN11Jamcontrols13TJamPathLabel7SetPathEN6System13UnicodeStringE
_ZN11Jamcontrols13TJamPathLabel8DblClickEv
_ZN11Jamcontrols13TJamPathLabel9CreateWndEv
_ZN11Jamcontrols13TJamPathLabel9EndUpdateEv
_ZN11Jamcontrols13TJamPathLabel9SelectAllEv
_ZN11Jamcontrols13TJamPathLabelC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols13TJamPathLabelD0Ev
_ZN11Jamcontrols13TJamPathLabelv04IntfE
_ZN11Jamcontrols14initializationEv
_ZN11Jamcontrols15TJamFilterCombo11FileChangedEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEES7_
_ZN11Jamcontrols15TJamFilterCombo11FullRefreshEv
_ZN11Jamcontrols15TJamFilterCombo11GetEditableEv
_ZN11Jamcontrols15TJamFilterCombo11PathChangedEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFilterCombo11SetEditableEb
_ZN11Jamcontrols15TJamFilterCombo11UpdateItemsEv
_ZN11Jamcontrols15TJamFilterCombo12SetItemIndexEi
_ZN11Jamcontrols15TJamFilterCombo12getShellLinkEv
_ZN11Jamcontrols15TJamFilterCombo12setShellLinkEPN9Shelllink13TJamShellLinkE
_ZN11Jamcontrols15TJamFilterCombo15GetFilterStringEv
_ZN11Jamcontrols15TJamFilterCombo15SetFilterStringEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFilterCombo16GetCurrentFilterEv
_ZN11Jamcontrols15TJamFilterCombo17TJamFileTypeItems3AddEN6System13UnicodeStringES3_
_ZN11Jamcontrols15TJamFilterCombo17TJamFileTypeItems5ParseEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFilterCombo17TJamFileTypeItems6NotifyEPN6System7Classes15TCollectionItemENS2_8Generics11Collections23TCollectionNotificationE
_ZN11Jamcontrols15TJamFilterCombo17TJamFileTypeItems9EndUpdateEv
_ZN11Jamcontrols15TJamFilterCombo20FileTypeItemsChangedEPN6System7TObjectE
_ZN11Jamcontrols15TJamFilterCombo20GetCurrentFilterItemEv
_ZN11Jamcontrols15TJamFilterCombo4GoUpEv
_ZN11Jamcontrols15TJamFilterCombo6LoadedEv
_ZN11Jamcontrols15TJamFilterCombo6SelectEv
_ZN11Jamcontrols15TJamFilterCombo7KeyDownERtN6System3SetINS2_7Classes15TShiftStateItemELS5_0ELS5_10EEE
_ZN11Jamcontrols15TJamFilterCombo7RefreshEN9Shelllink13TRefreshLevelEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFilterCombo8AddItemsEv
_ZN11Jamcontrols15TJamFilterCombo8DropDownEv
_ZN11Jamcontrols15TJamFilterCombo9CreateWndEv
_ZN11Jamcontrols15TJamFilterCombo9SetFilterEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFilterComboC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols15TJamFilterComboD0Ev
_ZN11Jamcontrols15TJamFilterCombov04IntfE
_ZN11Jamcontrols15TJamFolderCombo10RemoveItemEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFolderCombo11DoPopulatedEv
_ZN11Jamcontrols15TJamFolderCombo11FilterMatchEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFolderCombo11FullRefreshEv
_ZN11Jamcontrols15TJamFolderCombo11GetEditTextEv
_ZN11Jamcontrols15TJamFolderCombo11GetEditableEv
_ZN11Jamcontrols15TJamFolderCombo11SetEditableEb
_ZN11Jamcontrols15TJamFolderCombo12RemoveFolderEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFolderCombo12SelectFolderEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFolderCombo13ApplyEditableEv
_ZN11Jamcontrols15TJamFolderCombo13JamGetEnabledEv
_ZN11Jamcontrols15TJamFolderCombo13JamSetEnabledEb
_ZN11Jamcontrols15TJamFolderCombo13SetItemIdListEN6System15DelphiInterfaceIN12Jamworkitems19IItemIdListWorkItemEEE
_ZN11Jamcontrols15TJamFolderCombo16GetIncludeDrivesEv
_ZN11Jamcontrols15TJamFolderCombo16SetIncludeDrivesEb
_ZN11Jamcontrols15TJamFolderCombo17AddPersistentItemEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFolderCombo17GetSelectedFolderEv
_ZN11Jamcontrols15TJamFolderCombo17IndexOfItemIdListEN6System15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEE
_ZN11Jamcontrols15TJamFolderCombo17SetSelectedFolderEN6System13UnicodeStringE
_ZN11Jamcontrols15TJamFolderCombo18ChangeNotificationEPN6System7TObjectEN22Jamshellchangenotifier18TNotificationEventENS1_15DelphiInterfaceIN3Jam5Shell5Types11IItemIdListEEESB_
_ZN11Jamcontrols15TJamFolderCombo19SetAutomaticRefreshEb
_ZN11Jamcontrols15TJamFolderCombo20UpdateItemAfterCheckEPN12Jamworkitems19TPathExistsWorkItemE
_ZN11Jamcontrols15TJamFolderCombo21SetIncludeMyDocumentsEb
_ZN11Jamcontrols15TJamFolderCombo23SetIncludeMobileDevicesEb
_ZN11Jamcontrols15TJamFolderCombo25GetIncludeRemovableDrivesEv
_ZN11Jamcontrols15TJamFolderCombo25SetIncludeRemovableDrivesEb
_ZN11Jamcontrols15TJamFolderCombo6LoadedEv
_ZN11Jamcontrols15TJamFolderCombo9AddFolderEN6System13UnicodeStringEib
_ZN11Jamcontrols15TJamFolderCombo9CreateWndEv
_ZN11Jamcontrols15TJamFolderCombo9EditEnterEPN6System7TObjectE
_ZN11Jamcontrols15TJamFolderCombo9WMDestroyERN6Winapi8Messages11TWMNoParamsE
_ZN11Jamcontrols15TJamFolderComboC3EPN6System7Classes10TComponentE
_ZN11Jamcontrols15TJamFolderComboD0Ev
_ZN11Jamcontrols15TJamFolderCombov04IntfE
_ZN11Jamcontrols16TJamFileListItem10InvalidateEv
_ZN11Jamcontrols16TJamFileListItem11GetFileSizeEv
_ZN11Jamcontrols16TJamFileListItem11GetListViewEv
_ZN11Jamcontrols16TJamFileListItem11GetSubitemsEv
_ZN11Jamcontrols16TJamFileListItem12GetFileCountEv
_ZN11Jamcontrols16TJamFileListItem12GetItemPidlsEv
_ZN11Jamcontrols16TJamFileListItem13GetCheckStateEv

Sections

.fcley
Size: - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wsrac
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ydhxo
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vpbqr
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xqulk
Size: - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qthbz
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hyetc
Size: 4KB - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rknzgq
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aciflm
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gmaniq
Size: 556KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ewxhg
Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ljdng
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iwjexf
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.myaeib
Size: 52KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sndrw
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cuyl
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
acdbase.dll
.dll windows:6 windows x64 arch:x64

16f0b636d9f9e9cf640f540e16ccb4f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateFileW
FindFirstFileW
FormatMessageA
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleFileNameW
GetSystemTimeAsFileTime
GetThreadLocale
GlobalAlloc
GlobalFree
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExA
LocalAlloc
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
WideCharToMultiByte
lstrcpyW
lstrlenA
lstrlenW

gdi32

CreateCompatibleBitmap
DeleteObject
GetDIBits
GetObjectA
SetDIBits

libmmd

asin
atan2
ceil
ceilf
cos
cosf
exp
exp2
floor
ldexp
log
log10
lrintf
pow
powf
sin
sinf
sqrt
sqrtf
tan

vcruntime140

_CxxThrowException
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
_wfopen_s
fclose
fputc
fread
fwrite

api-ms-win-crt-runtime-l1-1-0

_cexit
_clearfp
_configure_narrow_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
_seh_filter_dll
_statusfp
exit

api-ms-win-crt-string-l1-1-0

_stricmp
isalnum
strlen
strncat
strncmp
strncpy
wcslen

api-ms-win-crt-convert-l1-1-0

_strtoui64
_ui64toa
_ultoa
strtoul

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
free
malloc
realloc

api-ms-win-crt-utility-l1-1-0

div

api-ms-win-crt-environment-l1-1-0

getenv
getenv_s

Exports

Exports

??0CSampleRateConverter3@@QEAA@XZ
??0CSampleRateConverter4@@QEAA@XZ
??1CSampleRateConverter3@@QEAA@XZ
??1CSampleRateConverter4@@QEAA@XZ
??4CSampleRateConverter3@@QEAAAEAV0@AEBV0@@Z
??4CSampleRateConverter4@@QEAAAEAV0@AEBV0@@Z
?Flush@CSampleRateConverter4@@QEAA_NPEAPEAXPEAK1@Z
?Init@CSampleRateConverter3@@QEAAXKKKKKKKKKAEAPEAX0_N1KK@Z
?Init@CSampleRateConverter4@@QEAAXKKKKKKKK_N0KK@Z
?Read@CSampleRateConverter4@@QEAA_NPEAPEAXPEAK1@Z
?Resample@CSampleRateConverter3@@QEAAKK_N@Z
?Write@CSampleRateConverter4@@QEAAXPEAXK@Z
BASE64Decode
BASE64Encode
BASE64FreeMem
ChangeChannelOrder
CreateResampledBitmap
CreateUserFilterResampledBitmap
DetectEbml
GetDSDPCMGain
GetDSDPCMQuality
ID3Helper_AddDword
ID3Helper_AddFloat
ID3Helper_AddImage
ID3Helper_AddStr
ID3Helper_AddStrAnsi
ID3Helper_AddStrUnicode
ID3Helper_AddULongLong
ID3Helper_Alloc
ID3Helper_Copy
ID3Helper_Free
ID3Helper_GetDword
ID3Helper_GetFirst
ID3Helper_GetFirstImage
ID3Helper_GetFloat
ID3Helper_GetImage
ID3Helper_GetNaN
ID3Helper_GetNext
ID3Helper_GetNextImage
ID3Helper_GetStr
ID3Helper_GetULongLong
ID3Helper_IsNaN
JPEG_Init
N100nSToSamples
ReplayGain_Change
ReplayGain_Deinit
ReplayGain_GetLoudness
ReplayGain_GetPeak
ReplayGain_GetSamples
ReplayGain_Init
ReplayGain_Init_TruePeak
ReplayGain_Process
SRC4_Deinit
SRC4_Flush
SRC4_Init
SRC4_Read
SRC4_Write
SamplesToN100nS
SetDSDPCMGain
SetDSDPCMQuality
SetDitherParameters
SetSampleRateConverterParameters
UNC_AnsiToUnicode
UNC_AnsiToUtf8
UNC_ChangeEndian
UNC_RemoveUnicodeAPIPath
UNC_UnicodeToAnsi
UNC_UnicodeToUtf8
UNC_Utf8ToAnsi
UNC_Utf8ToUnicode
UNC_freeStr
UNC_freeWStr
UUDecode
UUEncode
UUFreeMem
XHEAAC_DRC_Enable
XHEAAC_DRC_Enabled
XHEAAC_DRC_Get_Effect
XHEAAC_DRC_Get_Loudness
XHEAAC_DRC_Set_Effect
XHEAAC_DRC_Set_Loudness
ffmpeg_global_lock
ffmpeg_global_unlock
hmac_sha224
hmac_sha224_final
hmac_sha224_init
hmac_sha224_reinit
hmac_sha224_update
hmac_sha256
hmac_sha256_final
hmac_sha256_init
hmac_sha256_reinit
hmac_sha256_update
hmac_sha384
hmac_sha384_final
hmac_sha384_init
hmac_sha384_reinit
hmac_sha384_update
hmac_sha512
hmac_sha512_final
hmac_sha512_init
hmac_sha512_reinit
hmac_sha512_update
jcopy_block_row
jcopy_markers_execute
jcopy_markers_setup
jcopy_sample_rows
jdiv_round_up
jget_arith_rates
jinit_1pass_quantizer
jinit_2pass_quantizer
jinit_arith_decoder
jinit_arith_encoder
jinit_c_coef_controller
jinit_c_main_controller
jinit_c_master_control
jinit_c_prep_controller
jinit_color_converter
jinit_color_deconverter
jinit_compress_master
jinit_d_coef_controller
jinit_d_main_controller
jinit_d_post_controller
jinit_downsampler
jinit_forward_dct
jinit_huff_decoder
jinit_huff_encoder
jinit_input_controller
jinit_inverse_dct
jinit_marker_reader
jinit_marker_writer
jinit_master_decompress
jinit_memory_mgr
jinit_merged_upsampler
jinit_phuff_decoder
jinit_phuff_encoder
jinit_upsampler
jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_abort
jpeg_abort_compress
jpeg_abort_decompress
jpeg_add_quant_table
jpeg_alloc_huff_table
jpeg_alloc_quant_table
jpeg_c_bool_param_supported
jpeg_c_float_param_supported
jpeg_c_get_bool_param
jpeg_c_get_float_param
jpeg_c_get_int_param
jpeg_c_int_param_supported
jpeg_c_set_bool_param
jpeg_c_set_float_param
jpeg_c_set_int_param
jpeg_calc_jpeg_dimensions
jpeg_calc_output_dimensions
jpeg_consume_input
jpeg_copy_critical_parameters
jpeg_core_output_dimensions
jpeg_crop_scanline
jpeg_default_colorspace
jpeg_default_qtables
jpeg_destroy
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_fdct_float
jpeg_fdct_ifast
jpeg_fdct_islow
jpeg_fill_bit_buffer
jpeg_finish_compress
jpeg_finish_decompress
jpeg_finish_output
jpeg_float_quality_scaling
jpeg_free_large
jpeg_free_small
jpeg_gen_optimal_table
jpeg_get_large
jpeg_get_small
jpeg_has_multiple_scans
jpeg_huff_decode
jpeg_idct_10x10
jpeg_idct_11x11
jpeg_idct_12x12
jpeg_idct_13x13
jpeg_idct_14x14
jpeg_idct_15x15
jpeg_idct_16x16
jpeg_idct_1x1
jpeg_idct_2x2
jpeg_idct_3x3
jpeg_idct_4x4
jpeg_idct_5x5
jpeg_idct_6x6
jpeg_idct_7x7
jpeg_idct_9x9
jpeg_idct_float
jpeg_idct_ifast
jpeg_idct_islow
jpeg_input_complete
jpeg_make_c_derived_tbl
jpeg_make_d_derived_tbl
jpeg_mem_available
jpeg_mem_dest
jpeg_mem_dest_internal
jpeg_mem_init
jpeg_mem_src
jpeg_mem_term
jpeg_new_colormap
jpeg_open_backing_store
jpeg_quality_scaling
jpeg_read_coefficients
jpeg_read_header
jpeg_read_icc_profile
jpeg_read_raw_data
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_save_markers
jpeg_set_colorspace
jpeg_set_defaults
jpeg_set_idct_method_selector
jpeg_set_linear_quality
jpeg_set_marker_processor
jpeg_set_quality
jpeg_simple_progression
jpeg_skip_scanlines
jpeg_start_compress
jpeg_start_decompress
jpeg_start_output
jpeg_std_error
jpeg_stdio_dest
jpeg_stdio_src
jpeg_suppress_tables
jpeg_write_coefficients
jpeg_write_icc_profile
jpeg_write_m_byte
jpeg_write_m_header
jpeg_write_marker
jpeg_write_raw_data
jpeg_write_scanlines
jpeg_write_tables
jround_up
jsimd_c_can_null_convert
jsimd_c_null_convert
jsimd_can_convsamp
jsimd_can_convsamp_float
jsimd_can_encode_mcu_AC_first_prepare
jsimd_can_encode_mcu_AC_refine_prepare
jsimd_can_fdct_float
jsimd_can_fdct_ifast
jsimd_can_fdct_islow
jsimd_can_h1v2_fancy_upsample
jsimd_can_h2v1_downsample
jsimd_can_h2v1_fancy_upsample
jsimd_can_h2v1_merged_upsample
jsimd_can_h2v1_upsample
jsimd_can_h2v2_downsample
jsimd_can_h2v2_fancy_upsample
jsimd_can_h2v2_merged_upsample
jsimd_can_h2v2_smooth_downsample
jsimd_can_h2v2_upsample
jsimd_can_huff_encode_one_block
jsimd_can_idct_12x12
jsimd_can_idct_2x2
jsimd_can_idct_4x4
jsimd_can_idct_6x6
jsimd_can_idct_float
jsimd_can_idct_ifast
jsimd_can_idct_islow
jsimd_can_int_upsample
jsimd_can_quantize
jsimd_can_quantize_float
jsimd_can_rgb_gray
jsimd_can_rgb_ycc
jsimd_can_ycc_rgb
jsimd_can_ycc_rgb565
jsimd_convsamp
jsimd_convsamp_float
jsimd_encode_mcu_AC_first_prepare
jsimd_encode_mcu_AC_refine_prepare
jsimd_fdct_float
jsimd_fdct_ifast
jsimd_fdct_islow
jsimd_h1v2_fancy_upsample
jsimd_h2v1_downsample
jsimd_h2v1_fancy_upsample
jsimd_h2v1_merged_upsample
jsimd_h2v1_upsample
jsimd_h2v2_downsample
jsimd_h2v2_fancy_upsample
jsimd_h2v2_merged_upsample
jsimd_h2v2_smooth_downsample
jsimd_h2v2_upsample
jsimd_huff_encode_one_block
jsimd_idct_12x12
jsimd_idct_2x2
jsimd_idct_4x4
jsimd_idct_6x6
jsimd_idct_float
jsimd_idct_ifast
jsimd_idct_islow
jsimd_int_upsample
jsimd_quantize
jsimd_quantize_float
jsimd_rgb_gray_convert
jsimd_rgb_ycc_convert
jsimd_ycc_rgb565_convert
jsimd_ycc_rgb_convert
jtransform_adjust_parameters
jtransform_execute_transform
jtransform_parse_crop_spec
jtransform_perfect_transform
jtransform_request_workspace
jzero_far
quantize_trellis
quantize_trellis_arith
sha224
sha224_final
sha224_init
sha224_update
sha256
sha256_final
sha256_init
sha256_update
sha384
sha384_final
sha384_init
sha384_update
sha512
sha512_final
sha512_init
sha512_update

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
api-ms-win-crt-convert-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b7:76:af:64:3c:3a:07:7d:9f:da:79:1f:81:6b:18:b9:39:e2:ef:f3:b5:1c:90:c6:35:e5:88:9d:89:72:c4:f1
Signer

Actual PE Digest

b7:76:af:64:3c:3a:07:7d:9f:da:79:1f:81:6b:18:b9:39:e2:ef:f3:b5:1c:90:c6:35:e5:88:9d:89:72:c4:f1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

Exports

__toascii
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_ecvt
_ecvt_s
_fcvt
_fcvt_s
_gcvt
_gcvt_s
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_itoa
_itoa_s
_itow
_itow_s
_ltoa
_ltoa_s
_ltow
_ltow_s
_strtod_l
_strtof_l
_strtoi64
_strtoi64_l
_strtoimax_l
_strtol_l
_strtold_l
_strtoll_l
_strtoui64
_strtoui64_l
_strtoul_l
_strtoull_l
_strtoumax_l
_ui64toa
_ui64toa_s
_ui64tow
_ui64tow_s
_ultoa
_ultoa_s
_ultow
_ultow_s
_wcstod_l
_wcstof_l
_wcstoi64
_wcstoi64_l
_wcstoimax_l
_wcstol_l
_wcstold_l
_wcstoll_l
_wcstombs_l
_wcstombs_s_l
_wcstoui64
_wcstoui64_l
_wcstoul_l
_wcstoull_l
_wcstoumax_l
_wctomb_l
_wctomb_s_l
_wtof
_wtof_l
_wtoi
_wtoi64
_wtoi64_l
_wtoi_l
_wtol
_wtol_l
_wtoll
_wtoll_l
atof
atoi
atol
atoll
btowc
c16rtomb
c32rtomb
mbrtoc16
mbrtoc32
mbrtowc
mbsrtowcs
mbsrtowcs_s
mbstowcs
mbstowcs_s
mbtowc
strtod
strtof
strtoimax
strtol
strtold
strtoll
strtoul
strtoull
strtoumax
wcrtomb
wcrtomb_s
wcsrtombs
wcsrtombs_s
wcstod
wcstof
wcstoimax
wcstol
wcstold
wcstoll
wcstombs
wcstombs_s
wcstoul
wcstoull
wcstoumax
wctob
wctomb
wctomb_s
wctrans

Sections

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-environment-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:9b:ff:b6:c0:ac:f5:45:02:48:d4:73:9b:0f:99:1d:30:7c:a1:7d:84:5e:11:03:23:1b:c9:5e:ef:1f:70:da
Signer

Actual PE Digest

6a:9b:ff:b6:c0:ac:f5:45:02:48:d4:73:9b:0f:99:1d:30:7c:a1:7d:84:5e:11:03:23:1b:c9:5e:ef:1f:70:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

Exports

__p__environ
__p__wenviron
_dupenv_s
_putenv
_putenv_s
_searchenv
_searchenv_s
_wdupenv_s
_wgetcwd
_wgetdcwd
_wgetenv
_wgetenv_s
_wputenv
_wputenv_s
_wsearchenv
_wsearchenv_s
getenv
getenv_s

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-heap-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a8:14:ee:50:89:13:81:c9:45:51:0d:35:ca:5c:e2:dd:4d:10:35:ad:3a:67:bf:66:fd:74:36:54:4a:af:9e:51
Signer

Actual PE Digest

a8:14:ee:50:89:13:81:c9:45:51:0d:35:ca:5c:e2:dd:4d:10:35:ad:3a:67:bf:66:fd:74:36:54:4a:af:9e:51

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

Exports

_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_callnewh
_calloc_base
_expand
_free_base
_get_heap_handle
_heapchk
_heapmin
_heapwalk
_malloc_base
_msize
_query_new_handler
_query_new_mode
_realloc_base
_recalloc
_set_new_mode
calloc
free
malloc
realloc

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-runtime-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:0f:10:3b:aa:da:af:0d:a9:e7:fa:b0:6d:f8:e3:44:20:d6:ce:b1:1c:2e:f6:a6:bd:2b:c6:2b:a0:88:c2:9b
Signer

Actual PE Digest

01:0f:10:3b:aa:da:af:0d:a9:e7:fa:b0:6d:f8:e3:44:20:d6:ce:b1:1c:2e:f6:a6:bd:2b:c6:2b:a0:88:c2:9b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

Exports

_Exit
__doserrno
__fpe_flt_rounds
__fpecode
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__pgmptr
__p__wcmdln
__p__wpgmptr
__pxcptinfoptrs
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__wcserror
__wcserror_s
_assert
_beginthread
_beginthreadex
_c_exit
_cexit
_clearfp
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_crt_at_quick_exit
_crt_atexit
_endthread
_endthreadex
_errno
_execute_onexit_table
_exit
_fpieee_flt
_fpreset
_get_doserrno
_get_errno
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_pgmptr
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_wide_winmain_command_line
_get_wpgmptr
_getdllprocaddr
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_query_app_type
_register_onexit_function
_register_thread_local_exe_atexit_callback
_resetstkoflw
_seh_filter_dll
_seh_filter_exe
_set_abort_behavior
_set_app_type
_set_controlfp
_set_doserrno
_set_errno
_set_error_mode
_set_invalid_parameter_handler
_set_new_handler
_set_thread_local_invalid_parameter_handler
_seterrormode
_sleep
_statusfp
_strerror
_strerror_s
_wassert
_wcserror
_wcserror_s
_wperror
_wsystem
abort
exit
feclearexcept
fegetenv
fegetexceptflag
fegetround
feholdexcept
fesetenv
fesetexceptflag
fesetround
fetestexcept
perror
quick_exit
raise
set_terminate
signal
strerror
strerror_s
system
terminate

Sections

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-stdio-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:90:56:13:39:89:97:be:1d:44:7b:50:cf:63:ee:50:1b:77:ac:72:86:d4:71:7b:03:9e:1e:ee:8a:96:72:f9
Signer

Actual PE Digest

02:90:56:13:39:89:97:be:1d:44:7b:50:cf:63:ee:50:1b:77:ac:72:86:d4:71:7b:03:9e:1e:ee:8a:96:72:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

Exports

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_chsize
_chsize_s
_close
_commit
_creat
_dup
_dup2
_eof
_fclose_nolock
_fcloseall
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_flushall
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_ftell_nolock
_ftelli64
_ftelli64_nolock
_fwrite_nolock
_get_fmode
_get_osfhandle
_get_printf_count_output
_get_stream_buffer_pointers
_getc_nolock
_getcwd
_getdcwd
_getmaxstdio
_getw
_getwc_nolock
_getws
_getws_s
_isatty
_kbhit
_locking
_lseek
_lseeki64
_mktemp
_mktemp_s
_open
_open_osfhandle
_pclose
_pipe
_popen
_putc_nolock
_putw
_putwc_nolock
_putws
_read
_rmtmp
_set_fmode
_set_printf_count_output
_setmaxstdio
_setmode
_sopen
_sopen_dispatch
_sopen_s
_tell
_telli64
_tempnam
_ungetc_nolock
_ungetwc_nolock
_wcreat
_wfdopen
_wfopen
_wfopen_s
_wfreopen
_wfreopen_s
_wfsopen
_wmktemp
_wmktemp_s
_wopen
_wpopen
_write
_wsopen
_wsopen_dispatch
_wsopen_s
_wtempnam
_wtmpnam
_wtmpnam_s
clearerr
clearerr_s
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetwc
fgetws
fopen
fopen_s
fputc
fputs
fputwc
fputws
fread
fread_s
freopen
freopen_s
fseek
fsetpos
ftell
fwrite
getc
getchar
gets
gets_s
getwc
getwchar
putc
putchar
puts
putwc
putwchar
rewind
setbuf
setvbuf
tmpfile
tmpfile_s
tmpnam
tmpnam_s
ungetc
ungetwc

Sections

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-string-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:67:b6:81:e6:4c:a3:73:ee:cf:db:de:a5:c3:d2:77:ec:57:26:00:5b:b1:d1:12:78:8c:d3:ff:4c:68:ef:f5
Signer

Actual PE Digest

ff:67:b6:81:e6:4c:a3:73:ee:cf:db:de:a5:c3:d2:77:ec:57:26:00:5b:b1:d1:12:78:8c:d3:ff:4c:68:ef:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

Exports

__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__strncnt
__wcsncnt
_isalnum_l
_isalpha_l
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_memccpy
_memicmp
_memicmp_l
_strcoll_l
_strdup
_stricmp
_stricmp_l
_stricoll
_stricoll_l
_strlwr
_strlwr_l
_strlwr_s
_strlwr_s_l
_strncoll
_strncoll_l
_strnicmp
_strnicmp_l
_strnicoll
_strnicoll_l
_strnset
_strnset_s
_strrev
_strset
_strset_s
_strupr
_strupr_l
_strupr_s
_strupr_s_l
_strxfrm_l
_tolower
_tolower_l
_toupper
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsdup
_wcsicmp
_wcsicmp_l
_wcsicoll
_wcsicoll_l
_wcslwr
_wcslwr_l
_wcslwr_s
_wcslwr_s_l
_wcsncoll
_wcsncoll_l
_wcsnicmp
_wcsnicmp_l
_wcsnicoll
_wcsnicoll_l
_wcsnset
_wcsnset_s
_wcsrev
_wcsset
_wcsset_s
_wcsupr
_wcsupr_l
_wcsupr_s
_wcsupr_s_l
_wcsxfrm_l
_wctype
is_wctype
isalnum
isalpha
isblank
iscntrl
isdigit
isgraph
isleadbyte
islower
isprint
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswblank
iswcntrl
iswctype
iswdigit
iswgraph
iswlower
iswprint
iswpunct
iswspace
iswupper
iswxdigit
isxdigit
mblen
mbrlen
memcpy_s
memmove_s
memset
strcat
strcat_s
strcmp
strcoll
strcpy
strcpy_s
strcspn
strlen
strncat
strncat_s
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
strtok
strtok_s
strxfrm
tolower
toupper
towctrans
towlower
towupper
wcscat
wcscat_s
wcscmp
wcscoll
wcscpy
wcscpy_s
wcscspn
wcslen
wcsncat
wcsncat_s
wcsncmp
wcsncpy
wcsncpy_s
wcsnlen
wcspbrk
wcsspn
wcstok
wcstok_s
wcsxfrm
wctype
wmemcpy_s
wmemmove_s

Sections

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-time-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5d:3c:75:05:49:f3:5b:7b:fa:83:0b:85:7d:ad:13:c6:b1:51:16:74:4e:5d:1d:d7:08:71:96:6f:cb:ec:3b:21
Signer

Actual PE Digest

5d:3c:75:05:49:f3:5b:7b:fa:83:0b:85:7d:ad:13:c6:b1:51:16:74:4e:5d:1d:d7:08:71:96:6f:cb:ec:3b:21

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

Exports

_Getdays
_Getmonths
_Gettnames
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__daylight
__dstbias
__timezone
__tzname
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_difftime32
_difftime64
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_futime32
_futime64
_get_daylight
_get_dstbias
_get_timezone
_get_tzname
_getsystime
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_localtime32
_localtime32_s
_localtime64
_localtime64_s
_mkgmtime32
_mkgmtime64
_mktime32
_mktime64
_setsystime
_strdate
_strdate_s
_strftime_l
_strtime
_strtime_s
_time32
_time64
_timespec32_get
_timespec64_get
_tzset
_utime32
_utime64
_wasctime
_wasctime_s
_wcsftime_l
_wctime32
_wctime32_s
_wctime64
_wctime64_s
_wstrdate
_wstrdate_s
_wstrtime
_wstrtime_s
_wutime32
_wutime64
asctime
asctime_s
clock
strftime
wcsftime

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
api-ms-win-crt-utility-l1-1-0.dll
.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:11

Not After

31-01-2024 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-07-2010 20:40

Not After

06-07-2025 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:0f:34:c8:0a:78:32:cc:e7:a2:34:5d:0e:78:a6:07:43:ef:59:f0:c3:a1:c3:d2:e2:b6:df:72:98:46:bc:be
Signer

Actual PE Digest

b8:0f:34:c8:0a:78:32:cc:e7:a2:34:5d:0e:78:a6:07:43:ef:59:f0:c3:a1:c3:d2:e2:b6:df:72:98:46:bc:be

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

Exports

_abs64
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_lfind
_lfind_s
_lrotl
_lrotr
_lsearch
_lsearch_s
_rotl
_rotl64
_rotr
_rotr64
_swab
abs
bsearch
bsearch_s
div
imaxabs
imaxdiv
labs
ldiv
llabs
lldiv
qsort
qsort_s
rand
rand_s
srand

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdu
libmmd.dll
.dll windows:6 windows x64 arch:x64

9c43e43594e158938562d221466190bd

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:6e:ec:20:a5:eb:ae:a9:75:bc:3b:77:d1:8f:d5:b8
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

02-05-2023 00:00

Not After

01-05-2024 23:59

Subject

SERIALNUMBER=2189074,CN=Intel Corporation,O=Intel Corporation,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8e:1f:c5:87:17:59:99:25:e0:d6:ab:81:d3:b3:33:87:e1:d2:31:03:6c:7c:5b:52:c3:cc:a9:35:d2:e9:a9:a0
Signer

Actual PE Digest

8e:1f:c5:87:17:59:99:25:e0:d6:ab:81:d3:b3:33:87:e1:d2:31:03:6c:7c:5b:52:c3:cc:a9:35:d2:e9:a9:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

libmmd.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GetThreadLocale
LoadLibraryA
FormatMessageA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
WriteConsoleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
CloseHandle
CreateFileW

Exports

Exports

_LIB_VERSIONIMF
__acosdq
__acoshq
__acosq
__annuityq
__asindq
__asinhq
__asinq
__atan2dq
__atan2q
__atand2q
__atandq
__atanhq
__atanq
__bwr_acos
__bwr_acosd
__bwr_acosdf
__bwr_acosf
__bwr_acosh
__bwr_acoshf
__bwr_acospi
__bwr_acospif
__bwr_annuity
__bwr_annuityf
__bwr_asin
__bwr_asind
__bwr_asindf
__bwr_asinf
__bwr_asinh
__bwr_asinhf
__bwr_asinpi
__bwr_asinpif
__bwr_atan
__bwr_atan2
__bwr_atan2d
__bwr_atan2df
__bwr_atan2f
__bwr_atan2pi
__bwr_atan2pif
__bwr_atand
__bwr_atand2
__bwr_atand2f
__bwr_atandf
__bwr_atanf
__bwr_atanh
__bwr_atanhf
__bwr_atanpi
__bwr_atanpif
__bwr_cbrt
__bwr_cbrtf
__bwr_cdfnorminv
__bwr_cdfnorminvf
__bwr_ceil
__bwr_ceilf
__bwr_compound
__bwr_compoundf
__bwr_copysign
__bwr_copysignf
__bwr_cos
__bwr_cosd
__bwr_cosdf
__bwr_cosf
__bwr_cosh
__bwr_coshf
__bwr_cospi
__bwr_cospif
__bwr_cot
__bwr_cotd
__bwr_cotdf
__bwr_cotf
__bwr_erf
__bwr_erfc
__bwr_erfcf
__bwr_erfcx
__bwr_erfcxf
__bwr_erff
__bwr_erfinv
__bwr_erfinvf
__bwr_exp
__bwr_exp10
__bwr_exp10f
__bwr_exp2
__bwr_exp2f
__bwr_expf
__bwr_expm1
__bwr_expm1f
__bwr_fabs
__bwr_fabsf
__bwr_fdim
__bwr_fdimf
__bwr_floor
__bwr_floorf
__bwr_fma
__bwr_fmaf
__bwr_fmax
__bwr_fmaxf
__bwr_fmin
__bwr_fminf
__bwr_fmod
__bwr_fmodf
__bwr_frexp
__bwr_frexpf
__bwr_gamma
__bwr_gamma_r
__bwr_gammaf
__bwr_gammaf_r
__bwr_hypot
__bwr_hypotf
__bwr_ilogb
__bwr_ilogbf
__bwr_invsqrt
__bwr_invsqrtf
__bwr_j0
__bwr_j0f
__bwr_j1
__bwr_j1f
__bwr_jn
__bwr_jnf
__bwr_ldexp
__bwr_ldexpf
__bwr_lgamma
__bwr_lgamma_r
__bwr_lgammaf
__bwr_lgammaf_r
__bwr_llrint
__bwr_llrintf
__bwr_llround
__bwr_llroundf
__bwr_log
__bwr_log10
__bwr_log10f
__bwr_log1p
__bwr_log1pf
__bwr_log2
__bwr_log2f
__bwr_logb
__bwr_logbf
__bwr_logf
__bwr_lrint
__bwr_lrintf
__bwr_lround
__bwr_lroundf
__bwr_modf
__bwr_modff
__bwr_nearbyint
__bwr_nearbyintf
__bwr_nextafter
__bwr_nextafterf
__bwr_nexttoward
__bwr_nexttowardf
__bwr_pow
__bwr_pow2o3
__bwr_pow2o3f
__bwr_pow3o2
__bwr_pow3o2f
__bwr_powf
__bwr_powr
__bwr_powrf
__bwr_remainder
__bwr_remainderf
__bwr_remquo
__bwr_remquof
__bwr_rint
__bwr_rintf
__bwr_round
__bwr_roundf
__bwr_scalb
__bwr_scalbf
__bwr_scalbln
__bwr_scalblnf
__bwr_scalbn
__bwr_scalbnf
__bwr_significand
__bwr_significandf
__bwr_sin
__bwr_sincos
__bwr_sincosd
__bwr_sincosdf
__bwr_sincosf
__bwr_sincospi
__bwr_sincospif
__bwr_sind
__bwr_sindf
__bwr_sinf
__bwr_sinh
__bwr_sinhcosh
__bwr_sinhcoshf
__bwr_sinhf
__bwr_sinpi
__bwr_sinpif
__bwr_sqrt
__bwr_sqrtf
__bwr_tan
__bwr_tand
__bwr_tandf
__bwr_tanf
__bwr_tanh
__bwr_tanhf
__bwr_tanpi
__bwr_tanpif
__bwr_tgamma
__bwr_tgammaf
__bwr_trunc
__bwr_truncf
__bwr_y0
__bwr_y0f
__bwr_y1
__bwr_y1f
__bwr_yn
__bwr_ynf
__cabsq
__cacoshq
__cacosq
__cargq
__casinhq
__casinq
__catanhq
__catanq
__cbrtq
__ccoshq
__ccosq
__ceilq
__cexp10q
__cexp2q
__cexpm1q
__cexpq
__cimagq
__cisdq
__cisq
__clog10q
__clog1pq
__clog2q
__clog_f90
__clogf_f90
__clogq
__clogq_f90
__compoundq
__conjq
__copysignq
__cosdq
__coshq
__cosq
__cotdq
__cotq
__cpowq
__cprojq
__crealq
__csinhq
__csinq
__csqrt_f90
__csqrtf_f90
__csqrtq
__csqrtq_f90
__ctanhq
__ctanq
__dremq
__erfcq
__erfcxq
__erfq
__exp10q
__exp2q
__expm1q
__expq
__fabsq
__fdimq
__finite
__finited
__finitef
__finitel
__floorq
__fmaq
__fmaxq
__fminq
__fmodq
__fpclassify
__fpclassifyd
__fpclassifyf
__fpclassifyl
__fpclassifyq
__frexpq
__gammaq
__gammaq_r
__hypotq
__ilogbq
__invsqrtq
__isfinite
__isfinited
__isfinitef
__isfinitel
__isfiniteq
__isgreater
__isgreaterequal
__isgreaterequalf
__isgreaterequall
__isgreaterequalq
__isgreaterf
__isgreaterl
__isgreaterq
__isinf
__isinfd
__isinff
__isinfl
__isinfq
__isless
__islessequal
__islessequalf
__islessequall
__islessequalq
__islessf
__islessgreater
__islessgreaterf
__islessgreaterl
__islessgreaterq
__islessl
__islessq
__isnan
__isnand
__isnanf
__isnanl
__isnanq
__isnormal
__isnormald
__isnormalf
__isnormall
__isnormalq
__isunordered
__isunorderedf
__isunorderedl
__isunorderedq
__j0q
__j1q
__jnq
__ldexpq
__lgammaq
__lgammaq_r
__libm128_nexttoward128
__libm128_nexttoward128f
__libm128_nexttoward128l
__libm_f_pow2i
__libm_f_powc16i8
__libm_f_powc32i8
__libm_f_powc8i8
__libm_f_powcc
__libm_f_powci
__libm_f_powdd
__libm_f_powdi
__libm_f_powi8i4
__libm_f_powi8i8
__libm_f_powii
__libm_f_powji
__libm_f_powr16i8
__libm_f_powr4i8
__libm_f_powr8i8
__libm_f_powri
__libm_f_powrr
__libm_f_powzi
__libm_f_powzz
__libm_flt_rounds
__libm_logl
__libm_nexttoward64
__libm_nexttoward64f
__libm_nexttoward64l
__libm_pow_bb
__libm_pow_cc_val
__libm_pow_ci
__libm_pow_ci_val
__libm_pow_cr_val
__libm_pow_dd
__libm_pow_di_val
__libm_pow_dz_val
__libm_pow_hh
__libm_pow_ii_val
__libm_pow_rc_val
__libm_pow_ri_val
__libm_pow_zd_val
__libm_pow_zi_val
__libm_pow_zz_val
__libm_setusermatherr
__libm_setusermatherrf
__libm_setusermatherrl
__libm_sse2_sincos
__libm_sse2_sincosf
__llrintq
__llroundq
__log10q
__log1pq
__log2q
__logbq
__logq
__lrintq
__lroundq
__modfq
__nanq
__nearbyintq
__nextafterq
__nexttowardq
__nintq
__pow_eq
__powc16i4
__powc16i8
__powc32i4
__powc32i8
__powc8i4
__powc8i8
__powi4i4
__powi8i8
__powi_eq
__powiq
__powq
__powr10i4
__powr10i8
__powr16i4
__powr16i8
__powr4i4
__powr4i8
__powr8i4
__powr8i8
__remainderq
__remquoq
__rintq
__roundq
__rsqrtq
__scalblnq
__scalbnq
__scalbq
__signbit
__signbitd
__signbitf
__signbitl
__signbitq
__signgamq
__significandq
__sincosdq
__sincosq
__sindq
__sinhcoshq
__sinhq
__sinq
__sqrtq
__tandq
__tanhq
__tanq
__tgammaq
__truncq
__y0q
__y1q
__ynq
acos
acosd
acosdf
acosdf16
acosdl
acosf
acosf16
acosh
acoshf
acoshf16
acoshl
acosl
acospi
acospif
acospif16
annuity
annuityf
annuityf16
annuityl
asin
asind
asindf
asindf16
asindl
asinf
asinf16
asinh
asinhf
asinhf16
asinhl
asinl
asinpi
asinpif
asinpif16
atan
atan2
atan2d
atan2df
atan2df16
atan2dl
atan2f
atan2f16
atan2l
atan2pi
atan2pif
atan2pif16
atand
atand2
atand2f
atand2l
atandf
atandf16
atandl

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pdq
vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:1b:05:a2:b2:f0:a6:12:61:97:88:cb:ee:0e:ee:3a:79:f9:ca:91:b1:c4:cc:82:09:1d:a1:88:ba:51:d8:d0
Signer

Actual PE Digest

e7:1b:05:a2:b2:f0:a6:12:61:97:88:cb:ee:0e:ee:3a:79:f9:ca:91:b1:c4:cc:82:09:1d:a1:88:ba:51:d8:d0

Digest Algorithm

sha256

PE Digest Matches

true

e7:1b:05:a2:b2:f0:a6:12:61:97:88:cb:ee:0e:ee:3a:79:f9:ca:91:b1:c4:cc:82:09:1d:a1:88:ba:51:d8:d0
Signer

Actual PE Digest

e7:1b:05:a2:b2:f0:a6:12:61:97:88:cb:ee:0e:ee:3a:79:f9:ca:91:b1:c4:cc:82:09:1d:a1:88:ba:51:d8:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fothk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02a74d7a9b3b884417c13378a220e2d9

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

d8:c7:04:34:83:3e:02:90:65:0b:14:89:3f:1f:92:39Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

2c:96:10:2c:09:ae:73:d0:24:15:40:7e:79:75:df:ff:39:ef:fe:f8:73:66:47:4d:c5:7a:54:80:96:52:cd:beSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.fcley Size: - Virtual size: 8.0MB

.wsrac Size: - Virtual size: 3.8MB

.ydhxo Size: - Virtual size: 2.9MB

.vpbqr Size: - Virtual size: 2KB

.xqulk Size: - Virtual size: 584KB

.qthbz Size: - Virtual size: 1.0MB

.hyetc Size: 4KB - Virtual size: 40B

.rknzgq Size: - Virtual size: 30KB

.aciflm Size: - Virtual size: 37KB

.gmaniq Size: 556KB - Virtual size: 553KB

.ewxhg Size: 716KB - Virtual size: 716KB

.ljdng Size: 4KB - Virtual size: 4KB

.iwjexf Size: 232KB - Virtual size: 232KB

.myaeib Size: 52KB - Virtual size: 60KB

.sndrw Size: 5.3MB - Virtual size: 5.3MB

.cuyl Size: 1.7MB - Virtual size: 1.7MB

16f0b636d9f9e9cf640f540e16ccb4f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

libmmd

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 157KB - Virtual size: 156KB

.data Size: 41KB - Virtual size: 66KB

.pdata Size: 28KB - Virtual size: 28KB

.00cfg Size: 512B - Virtual size: 56B

_RDATA Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

d8:c7:04:34:83:3e:02:90:65:0b:14:89:3f:1f:92:39
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

2c:96:10:2c:09:ae:73:d0:24:15:40:7e:79:75:df:ff:39:ef:fe:f8:73:66:47:4d:c5:7a:54:80:96:52:cd:be
Signer

.fcley
Size: - Virtual size: 8.0MB

.wsrac
Size: - Virtual size: 3.8MB

.ydhxo
Size: - Virtual size: 2.9MB

.vpbqr
Size: - Virtual size: 2KB

.xqulk
Size: - Virtual size: 584KB

.qthbz
Size: - Virtual size: 1.0MB

.hyetc
Size: 4KB - Virtual size: 40B

.rknzgq
Size: - Virtual size: 30KB

.aciflm
Size: - Virtual size: 37KB

.gmaniq
Size: 556KB - Virtual size: 553KB

.ewxhg
Size: 716KB - Virtual size: 716KB

.ljdng
Size: 4KB - Virtual size: 4KB

.iwjexf
Size: 232KB - Virtual size: 232KB

.myaeib
Size: 52KB - Virtual size: 60KB

.sndrw
Size: 5.3MB - Virtual size: 5.3MB

.cuyl
Size: 1.7MB - Virtual size: 1.7MB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 157KB - Virtual size: 156KB

.data
Size: 41KB - Virtual size: 66KB

.pdata
Size: 28KB - Virtual size: 28KB

.00cfg
Size: 512B - Virtual size: 56B

_RDATA
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

b7:76:af:64:3c:3a:07:7d:9f:da:79:1f:81:6b:18:b9:39:e2:ef:f3:b5:1c:90:c6:35:e5:88:9d:89:72:c4:f1
Signer

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

6a:9b:ff:b6:c0:ac:f5:45:02:48:d4:73:9b:0f:99:1d:30:7c:a1:7d:84:5e:11:03:23:1b:c9:5e:ef:1f:70:da
Signer

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

a8:14:ee:50:89:13:81:c9:45:51:0d:35:ca:5c:e2:dd:4d:10:35:ad:3a:67:bf:66:fd:74:36:54:4a:af:9e:51
Signer

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

01:0f:10:3b:aa:da:af:0d:a9:e7:fa:b0:6d:f8:e3:44:20:d6:ce:b1:1c:2e:f6:a6:bd:2b:c6:2b:a0:88:c2:9b
Signer

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: - Virtual size: 128B

.rsrc
Size: 4KB - Virtual size: 1008B

33:00:00:04:fe:59:ca:b7:e6:2a:a5:22:c1:00:00:00:00:04:fe
Certificate