lnjеctor[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

lnjеctor.zip
Size

6.7MB
MD5

f1048b4abd30fdee4f59b6a2d9e50a1a
SHA1

87e9413cfbb16f4095df43d697926fd868ac06be
SHA256

b07adbbd5e87634c409930dbf50404cb5bba545aeec422d8e725bdcb051c5212
SHA512

3467998f0bb3005c203709110af63a6e27ea7159a5971af25cbce3483b2eaef38af3c46f0a629622a1564db0bf5a737f1884d487fbf49e453b69330635465d5b
SSDEEP

196608:+CViPgM9U74lsL/vIKVsjUlQXBnAvm6d2sKjHRY:JzEONgUlinAvHpF

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Macro/v8/GZFlashingFix by alferov.asi
unpack001/Macro/v8/lua51.dll
unpack001/Resource/ahk/script/iediagcmd.exe

Files

lnjеctor.zip
.zip
LICENSE/commandline/ipccommon.dll
.dll windows:6 windows x86 arch:x86

d0a9b0668fbe668ab78fdf99f06fc8f4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5d:b9:7e:57:64:97:b7:84:f0:22:78:27:eb:83:18:73:b0:e9:3f:2a:54:0b:f5:a3:e5:7d:fc:04:80:29:49:26
Signer

Actual PE Digest

5d:b9:7e:57:64:97:b7:84:f0:22:78:27:eb:83:18:73:b0:e9:3f:2a:54:0b:f5:a3:e5:7d:fc:04:80:29:49:26

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dvs\p4\build\sw\rel\gfclient\rel_03_28\shadowplay2\common\ipcwrapper\win7_x86_release\ipccommon.pdb

Imports

shell32

SHGetFolderPathA

advapi32

RevertToSelf
RegGetValueW
SetThreadToken
OpenThreadToken
AllocateAndInitializeSid
CreateRestrictedToken
CreateWellKnownSid
FreeSid
GetSecurityDescriptorDacl
ImpersonateSelf
InitializeSecurityDescriptor
SetEntriesInAclA
SetSecurityDescriptorDacl
GetUserNameA
GetUserNameW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW

user32

LoadStringW

libprotobuf

?SetFloat@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@M@Z
?SetInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@H@Z
?SetInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_J@Z
?SetRepeatedBool@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@H_N@Z
?SetRepeatedDouble@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HN@Z
?SetRepeatedEnum@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HPBVEnumValueDescriptor@34@@Z
?SetRepeatedFloat@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HM@Z
?SetRepeatedInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HH@Z
?SetRepeatedInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@H_J@Z
?SetRepeatedString@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetRepeatedUInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HI@Z
?SetRepeatedUInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@H_K@Z
?SetString@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetUInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@I@Z
?SetUInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_K@Z
?SpaceUsed@GeneratedMessageReflection@internal@protobuf@google@@UBEHABVMessage@34@@Z
?SpaceUsed@Message@protobuf@google@@UBEHXZ
?Swap@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@0@Z
?SwapElements@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@HH@Z
?SwapFields@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@0ABV?$vector@PBVFieldDescriptor@protobuf@google@@V?$allocator@PBVFieldDescriptor@protobuf@google@@@std@@@std@@@Z
??_7FunctionClosure0@internal@protobuf@google@@6B@
?SetAllocatedMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@0PBVFieldDescriptor@34@@Z
?RemoveLast@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@@Z
?ReleaseMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVMessage@34@PAV534@PBVFieldDescriptor@34@PAVMessageFactory@34@@Z
?ReleaseLast@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVMessage@34@PAV534@PBVFieldDescriptor@34@@Z
?MutableUnknownFields@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVUnknownFieldSet@34@PAVMessage@34@@Z
?MutableRepeatedMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVMessage@34@PAV534@PBVFieldDescriptor@34@H@Z
?MutableRawRepeatedField@GeneratedMessageReflection@internal@protobuf@google@@MBEPAXPAVMessage@34@PBVFieldDescriptor@34@W4CppType@634@HPBVDescriptor@34@@Z
?MutableMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVMessage@34@PAV534@PBVFieldDescriptor@34@PAVMessageFactory@34@@Z
?ListFields@GeneratedMessageReflection@internal@protobuf@google@@UBEXABVMessage@34@PAV?$vector@PBVFieldDescriptor@protobuf@google@@V?$allocator@PBVFieldDescriptor@protobuf@google@@@std@@@std@@@Z
?InitializationErrorString@Message@protobuf@google@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?HasOneof@GeneratedMessageReflection@internal@protobuf@google@@UBE_NABVMessage@34@PBVOneofDescriptor@34@@Z
?HasField@GeneratedMessageReflection@internal@protobuf@google@@UBE_NABVMessage@34@PBVFieldDescriptor@34@@Z
?GetUnknownFields@GeneratedMessageReflection@internal@protobuf@google@@UBEABVUnknownFieldSet@34@ABVMessage@34@@Z
?GetUInt64@GeneratedMessageReflection@internal@protobuf@google@@UBE_KABVMessage@34@PBVFieldDescriptor@34@@Z
?GetUInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEIABVMessage@34@PBVFieldDescriptor@34@@Z
?GetTypeName@Message@protobuf@google@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetStringReference@GeneratedMessageReflection@internal@protobuf@google@@UBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVMessage@34@PBVFieldDescriptor@34@PAV56@@Z
?GetString@GeneratedMessageReflection@internal@protobuf@google@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVMessage@34@PBVFieldDescriptor@34@@Z
?GetRepeatedUInt64@GeneratedMessageReflection@internal@protobuf@google@@UBE_KABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedUInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEIABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedStringReference@GeneratedMessageReflection@internal@protobuf@google@@UBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVMessage@34@PBVFieldDescriptor@34@HPAV56@@Z
?GetRepeatedString@GeneratedMessageReflection@internal@protobuf@google@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEABVMessage@34@ABV534@PBVFieldDescriptor@34@H@Z
?GetRepeatedInt64@GeneratedMessageReflection@internal@protobuf@google@@UBE_JABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEHABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedFloat@GeneratedMessageReflection@internal@protobuf@google@@UBEMABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedEnum@GeneratedMessageReflection@internal@protobuf@google@@UBEPBVEnumValueDescriptor@34@ABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedDouble@GeneratedMessageReflection@internal@protobuf@google@@UBENABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetRepeatedBool@GeneratedMessageReflection@internal@protobuf@google@@UBE_NABVMessage@34@PBVFieldDescriptor@34@H@Z
?GetReflection@Message@protobuf@google@@UBEPBVReflection@23@XZ
?GetOneofFieldDescriptor@GeneratedMessageReflection@internal@protobuf@google@@UBEPBVFieldDescriptor@34@ABVMessage@34@PBVOneofDescriptor@34@@Z
?GetMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEABVMessage@34@ABV534@PBVFieldDescriptor@34@PAVMessageFactory@34@@Z
?GetInt64@GeneratedMessageReflection@internal@protobuf@google@@UBE_JABVMessage@34@PBVFieldDescriptor@34@@Z
?GetInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEHABVMessage@34@PBVFieldDescriptor@34@@Z
?GetFloat@GeneratedMessageReflection@internal@protobuf@google@@UBEMABVMessage@34@PBVFieldDescriptor@34@@Z
?GetEnum@GeneratedMessageReflection@internal@protobuf@google@@UBEPBVEnumValueDescriptor@34@ABVMessage@34@PBVFieldDescriptor@34@@Z
?GetDouble@GeneratedMessageReflection@internal@protobuf@google@@UBENABVMessage@34@PBVFieldDescriptor@34@@Z
?GetBool@GeneratedMessageReflection@internal@protobuf@google@@UBE_NABVMessage@34@PBVFieldDescriptor@34@@Z
?FindKnownExtensionByNumber@GeneratedMessageReflection@internal@protobuf@google@@UBEPBVFieldDescriptor@34@H@Z
?FindKnownExtensionByName@GeneratedMessageReflection@internal@protobuf@google@@UBEPBVFieldDescriptor@34@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FieldSize@GeneratedMessageReflection@internal@protobuf@google@@UBEHABVMessage@34@PBVFieldDescriptor@34@@Z
?DiscardUnknownFields@Message@protobuf@google@@UAEXXZ
?ClearOneof@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVOneofDescriptor@34@@Z
?ClearField@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@@Z
?CheckTypeAndMergeFrom@Message@protobuf@google@@UAEXABVMessageLite@23@@Z
?SetDouble@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@N@Z
?AddUInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@I@Z
?AddString@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?AddMessage@GeneratedMessageReflection@internal@protobuf@google@@UBEPAVMessage@34@PAV534@PBVFieldDescriptor@34@PAVMessageFactory@34@@Z
?AddInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_J@Z
?AddInt32@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@H@Z
?AddFloat@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@M@Z
?AddEnum@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@PBVEnumValueDescriptor@34@@Z
?AddDouble@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@N@Z
?AddBool@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_N@Z
?VerifyUTF8StringFallback@WireFormat@internal@protobuf@google@@CAXPBDHW4Operation@1234@0@Z
?ComputeUnknownFieldsSize@WireFormat@internal@protobuf@google@@SAHABVUnknownFieldSet@34@@Z
?SerializeUnknownFieldsToArray@WireFormat@internal@protobuf@google@@SAPAEABVUnknownFieldSet@34@PAE@Z
?SerializeUnknownFields@WireFormat@internal@protobuf@google@@SAXABVUnknownFieldSet@34@PAVCodedOutputStream@io@34@@Z
?SkipField@WireFormat@internal@protobuf@google@@SA_NPAVCodedInputStream@io@34@IPAVUnknownFieldSet@34@@Z
?Merge@ReflectionOps@internal@protobuf@google@@SAXABVMessage@34@PAV534@@Z
??1GeneratedMessageReflection@internal@protobuf@google@@UAE@XZ
??0GeneratedMessageReflection@internal@protobuf@google@@QAE@PBVDescriptor@23@PBVMessage@23@QBHHHHPBVDescriptorPool@23@PAVMessageFactory@23@H@Z
?BytesSize@WireFormatLite@internal@protobuf@google@@SAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?StringSize@WireFormatLite@internal@protobuf@google@@SAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteBoolToArray@WireFormatLite@internal@protobuf@google@@SAPAEH_NPAE@Z
?WriteEnumNoTagToArray@WireFormatLite@internal@protobuf@google@@SAPAEHPAE@Z
?WriteMessageMaybeToArray@WireFormatLite@internal@protobuf@google@@SAXHABVMessageLite@34@PAVCodedOutputStream@io@34@@Z
?WriteBytesMaybeAliased@WireFormatLite@internal@protobuf@google@@SAXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVCodedOutputStream@io@34@@Z
?WriteStringMaybeAliased@WireFormatLite@internal@protobuf@google@@SAXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVCodedOutputStream@io@34@@Z
?WriteEnum@WireFormatLite@internal@protobuf@google@@SAXHHPAVCodedOutputStream@io@34@@Z
?WriteBool@WireFormatLite@internal@protobuf@google@@SAXH_NPAVCodedOutputStream@io@34@@Z
?WriteUInt32@WireFormatLite@internal@protobuf@google@@SAXHIPAVCodedOutputStream@io@34@@Z
?ReadBytes@WireFormatLite@internal@protobuf@google@@SA_NPAVCodedInputStream@io@34@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ReadString@WireFormatLite@internal@protobuf@google@@SA_NPAVCodedInputStream@io@34@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?VarintSize32Fallback@CodedOutputStream@io@protobuf@google@@CAHI@Z
?WriteVarint32FallbackToArray@CodedOutputStream@io@protobuf@google@@CAPAEIPAE@Z
?WriteTagToArray@CodedOutputStream@io@protobuf@google@@SAPAEIPAE@Z
?WriteStringWithSizeToArray@CodedOutputStream@io@protobuf@google@@SAPAEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAE@Z
?PopLimit@CodedInputStream@io@protobuf@google@@QAEXH@Z
?PushLimit@CodedInputStream@io@protobuf@google@@QAEHH@Z
?ExpectAtEnd@CodedInputStream@io@protobuf@google@@QAE_NXZ
?ExpectTag@CodedInputStream@io@protobuf@google@@QAE_NI@Z
?ReadTagWithCutoff@CodedInputStream@io@protobuf@google@@QAE?AU?$pair@I_N@std@@I@Z
?ReadVarint64@CodedInputStream@io@protobuf@google@@QAE_NPA_K@Z
?ReadVarint32@CodedInputStream@io@protobuf@google@@QAE_NPAI@Z
?ClearFallback@UnknownFieldSet@protobuf@google@@AAEXXZ
?AddVarint@UnknownFieldSet@protobuf@google@@QAEXH_K@Z
?Swap@UnknownFieldSet@protobuf@google@@QAEXPAV123@@Z
?MergeFrom@UnknownFieldSet@protobuf@google@@QAEXABV123@@Z
?empty@UnknownFieldSet@protobuf@google@@QBE_NXZ
??1UnknownFieldSet@protobuf@google@@QAE@XZ
??0UnknownFieldSet@protobuf@google@@QAE@XZ
?Swap@RepeatedPtrFieldBase@internal@protobuf@google@@IAEXPAV1234@@Z
?Reserve@RepeatedPtrFieldBase@internal@protobuf@google@@IAEXH@Z
?InternalRegisterGeneratedMessage@MessageFactory@protobuf@google@@SAXPBVDescriptor@23@PBVMessage@23@@Z
?InternalRegisterGeneratedFile@MessageFactory@protobuf@google@@SAXPBDP6AXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?generated_factory@MessageFactory@protobuf@google@@SAPAV123@XZ
??1Message@protobuf@google@@UAE@XZ
?InternalAddGeneratedFile@DescriptorPool@protobuf@google@@SAXPBXH@Z
?FindFileByName@DescriptorPool@protobuf@google@@QBEPBVFileDescriptor@23@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?generated_pool@DescriptorPool@protobuf@google@@SAPBV123@XZ
?GetEmptyString@internal@protobuf@google@@YAABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GoogleOnceInitImpl@protobuf@google@@YAXPAHPAVClosure@12@@Z
?OnShutdown@internal@protobuf@google@@YAXP6AXXZ@Z
??1FunctionClosure0@internal@protobuf@google@@UAE@XZ
??4LogFinisher@internal@protobuf@google@@QAEXAAVLogMessage@123@@Z
??6LogMessage@internal@protobuf@google@@QAEAAV0123@PBD@Z
??1LogMessage@internal@protobuf@google@@QAE@XZ
??0LogMessage@internal@protobuf@google@@QAE@W4LogLevel@23@PBDH@Z
?VerifyVersion@internal@protobuf@google@@YAXHHPBD@Z
?SerializeToString@MessageLite@protobuf@google@@QBE_NPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ParseFromArray@MessageLite@protobuf@google@@QAE_NPBXH@Z
?GetEmptyStringAlreadyInited@internal@protobuf@google@@YAABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?AddUInt64@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_K@Z
?SetBool@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@_N@Z
?SetEnum@GeneratedMessageReflection@internal@protobuf@google@@UBEXPAVMessage@34@PBVFieldDescriptor@34@PBVEnumValueDescriptor@34@@Z

kernel32

DecodePointer
SetEndOfFile
ReadConsoleW
ReadFile
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetConsoleCtrlHandler
OutputDebugStringW
MultiByteToWideChar
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
GetLastError
InitializeSListHead
GetSystemTimeAsFileTime
TerminateProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
CreateEventW
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
GetTickCount64
InitOnceExecuteOnce
SetErrorMode
GetErrorMode
VerifyVersionInfoW
lstrcmpW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
GetSystemDirectoryW
CreateProcessW
CreateProcessA
GetCurrentProcess
GetFullPathNameW
GetFileAttributesW
CreateFileW
ExpandEnvironmentStringsW
VerSetConditionMask
MoveFileExA
CopyFileA
LocalFree
LocalAlloc
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocalTime
GetCurrentThreadId
GetCurrentThread
OutputDebugStringA
WriteFile
GetFinalPathNameByHandleA
GetFileSizeEx
GetFileAttributesA
DeleteFileA
CreateFileA
CreateDirectoryA
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
SetLastError
WaitForMultipleObjects
GetCurrentProcessId
CreateEventA
ResetEvent
SetEvent
CloseHandle

Exports

Exports

CreateIpcClient
CreateIpcProxyInterface

Sections

.text
Size: 608KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LICENSE/edr/NvBackendAPI32.dll
.dll windows:6 windows x86 arch:x86

c90e061bd7d84bd9062d1cbb8595942e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:b4:f3:60:f7:81:f6:88:e3:80:b7:8e:b5:2f:63:6c:c8:ff:76:f5:c4:52:67:fe:73:c4:76:52:c7:a0:21:9f
Signer

Actual PE Digest

99:b4:f3:60:f7:81:f6:88:e3:80:b7:8e:b5:2f:63:6c:c8:ff:76:f5:c4:52:67:fe:73:c4:76:52:c7:a0:21:9f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dvs\p4\build\sw\rel\gfclient\rel_03_28\backend\build\bin\Win32\Release\NvBackendAPI32.pdb

Imports

advapi32

OpenServiceW
StartServiceW
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
SetSecurityDescriptorDacl
SetEntriesInAclW
ConvertStringSidToSidW
GetTokenInformation
OpenProcessToken
InitializeSecurityDescriptor
SetSecurityDescriptorOwner

kernel32

ProcessIdToSessionId
MapViewOfFile
VirtualQuery
FileTimeToSystemTime
UnmapViewOfFile
GetLastError
Sleep
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OpenFileMappingW
WriteConsoleW
WaitForSingleObject
OpenEventW
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
SetEvent
ResetEvent
CreateEventW
lstrlenA
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FormatMessageW
LocalFree
GetNativeSystemInfo
GetVersionExW
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetTickCount
FindClose
FindNextFileW
CreateFileA
WaitNamedPipeA
FlushFileBuffers
DisconnectNamedPipe
ConnectNamedPipe
WaitForMultipleObjects
GetOverlappedResult
CancelIo
GetCurrentProcess
CreateNamedPipeA
GetStringTypeW
TryEnterCriticalSection
GetCurrentThreadId
FindFirstFileExW
SetLastError
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
VirtualAlloc
VirtualProtect
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
RtlUnwind
RaiseException
ExitThread
ResumeThread
GetModuleHandleExW
ExitProcess
HeapAlloc
HeapFree
GetStdHandle
GetFileType
HeapReAlloc
GetFileSizeEx
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize

ws2_32

listen
htons
connect
closesocket
shutdown
accept
send
recv
WSAStartup
WSACleanup
select
__WSAFDIsSet
getsockname
WSACloseEvent
htonl
getsockopt
WSAResetEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
setsockopt
socket
gethostbyname
inet_addr
WSAGetLastError
ioctlsocket
bind
WSACreateEvent

Exports

Exports

AddFeedback
AddFeedback_5
Application_FreeFeatureStates
Application_FreeTranslation
Application_GetFeatureStates
Application_GetSettingsSpace_2
Application_GetSliderSettings
Application_GetState_4
Application_GetTranslation
Application_Launch
Application_OptimizeForSDK
Application_RegisterStateChangedCallback
Application_RevertOPS
Application_SetBattery
Application_SetSettings
Application_ShouldReportTelemetry
Application_UnregisterStateChangedCallback
ClaimLicense
EasyAPIDeinit
EasyAPIInit
EnsureThatBackendIsRunning
FRLGetState
FRLSetState
FreeApplication
FreeApplicationState_4
FreeApplications
FreeDriverUpdates
FreeFeatureSupportState
FreeKeyValueFieldArray
FreeQuietMode2FeatureSupportState
FreeSYSTEMTIME
FreeSettingsSpace_2
FreeSignGPUIDOutput
FreeSliderSettings
FreeSupportedApplications
GetApplicationByImagePath
GetApplications
GetBatteryBoost2State
GetBatteryBoost2SupportState
GetBatteryBoostFRLState
GetDaemonVersion
GetDeepDVCState
GetDriverUpdates
GetEnableAutomaticDriverDownload
GetGRDEditorPreviewMode
GetGlobalConfigurationSettings
GetHardwareInformation
GetHardwareInformation_2
GetLastApplicationScanTime
GetNIS2State
GetPerformanceModeState
GetPerformanceModeSupportState
GetQuietMode2State
GetQuietMode2SupportState
GetQuietModeFRLState
GetQuietModeState
GetQuietModeSupportState
GetSignedGPUID
GetSupportedApplications_2
GetUserDriverTypePreference
IsFRLSupported
LauncherPid_Get
NVBAPI_MigratePreGalaxSettings
NVBAPI_Streaming_FreeInterface_1
NVBAPI_Streaming_FreeInterface_10
NVBAPI_Streaming_FreeInterface_2
NVBAPI_Streaming_FreeInterface_3
NVBAPI_Streaming_FreeInterface_4
NVBAPI_Streaming_FreeInterface_5
NVBAPI_Streaming_FreeInterface_6
NVBAPI_Streaming_FreeInterface_7
NVBAPI_Streaming_FreeInterface_8
NVBAPI_Streaming_FreeInterface_9
NVBAPI_Streaming_GetInterface_1
NVBAPI_Streaming_GetInterface_2
NotifyExperimentalFeaturesChange
NotifyUiLanguageChange
NotifyUserIdChange
RefreshApplicationsState
RegisterApplicationListChangeCallbacks_2
RegisterApplicationScanProgressCallback_2
RegisterBatteryBoost2StateCallback
RegisterDriverUpdateCheckProgressCallbacks
RegisterNIS2StateCallback
RegisterNvBackendReadyCallback
RegisterPerformanceModeStateCallback
RegisterPerformanceModeSupportStateCallback
RegisterQuietMode2StateCallback
RegisterQuietMode2SupportStateCallback
RegisterQuietModeStateCallback
RegisterQuietModeSupportStateCallback
RegisterRewardsCheckProgressCallbacks
ScanAndCheckUpdates
ScanAndCheckUpdates_2
ScrubApplications
SearchPaths_Add
SearchPaths_Free
SearchPaths_Get_2
SearchPaths_Remove
SetBatteryBoost2State
SetBatteryBoostFRLState
SetDeepDVCState
SetEnableAutomaticDriverDownload
SetGFWSLUrl
SetGlobalConfigurationSettings
SetJarvisUrl
SetNIS2State
SetOOTBStatus
SetPerformanceModeState
SetQuietMode2State
SetQuietModeFRLState
SetQuietModeState
SetUserDriverTypePreference
StartDriverUpdatesCheck
UnRegisterBatteryBoost2StateCallback
UnregisterApplicationListChangeCallbacks
UnregisterApplicationScanProgressCallback
UnregisterDriverUpdateCheckProgressCallbacks
UnregisterNIS2StateCallback
UnregisterNvBackendReadyCallback
UnregisterPerformanceModeStateCallback
UnregisterPerformanceModeSupportStateCallback
UnregisterQuietMode2StateCallback
UnregisterQuietMode2SupportStateCallback
UnregisterQuietModeStateCallback
UnregisterQuietModeSupportStateCallback
UnregisterRewardsCheckProgressCallbacks
VOPS_FreePath
VOPS_GetPath_2
VOPS_GetStatus
VOPS_RegisterCallback
VOPS_UnregisterCallback

Sections

.text
Size: 629KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LICENSE/edr/dxwebsetup.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:ba:f7:87:7a:93:e9:f2:77:9a:d0:d8:84:ae:dd:db:7d:05:48:fb
Signer

Actual PE Digest

25:ba:f7:87:7a:93:e9:f2:77:9a:d0:d8:84:ae:dd:db:7d:05:48:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LICENSE/winfoirms/nvspapix.dll
.dll windows:6 windows x86 arch:x86

8ff3daa5d7e4a8f3e092102aa2d6a3f5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f1:75:1f:1b:09:c9:d9:ec:68:f6:69:46:a5:39:63:32:29:f0:f6:52:1d:66:69:5d:e8:e4:e5:c8:59:de:ce:d1
Signer

Actual PE Digest

f1:75:1f:1b:09:c9:d9:ec:68:f6:69:46:a5:39:63:32:29:f0:f6:52:1d:66:69:5d:e8:e4:e5:c8:59:de:ce:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dvs\p4\build\sw\rel\gfclient\rel_03_28\shadowplayx\api\win7_x86_release\nvspapix.pdb

Imports

shell32

SHGetFolderPathA
SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoTaskMemFree

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
SysAllocString
GetErrorInfo
VariantCopy
SetErrorInfo
CreateErrorInfo

advapi32

SetSecurityDescriptorDacl
ConvertStringSidToSidW
OpenSCManagerA
CloseServiceHandle
SetTokenInformation
DuplicateTokenEx
RegDeleteKeyValueA
RegSetValueExA
RegQueryValueExW
RegDeleteKeyExA
RegCreateKeyExA
ConvertSidToStringSidA
LookupAccountNameA
SetThreadToken
OpenThreadToken
AllocateAndInitializeSid
CreateRestrictedToken
CreateWellKnownSid
FreeSid
GetSecurityDescriptorDacl
ImpersonateSelf
InitializeSecurityDescriptor
RevertToSelf
GetLengthSid
GetUserNameA
GetUserNameW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
SetEntriesInAclA
OpenProcessToken
CopySid
GetTokenInformation

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

shlwapi

PathFileExistsW
PathFindFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapSize
SetFilePointerEx
SetStdHandle
GetConsoleCP
GetConsoleMode
HeapAlloc
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetSystemDirectoryW
FreeLibrary
GetProcAddress
CloseHandle
Sleep
WaitForSingleObject
CreateEventExA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
CreateEventA
WaitForMultipleObjects
ResetEvent
CreateThread
GetCurrentThreadId
GetThreadId
WideCharToMultiByte
CreateFileA
GetTickCount
DeleteFileW
GetTempPathW
HeapFree
GetProcessHeap
OpenEventA
SetDllDirectoryA
MoveFileExW
GetModuleHandleA
CreateDirectoryA
DeleteFileA
GetFileAttributesA
GetFileSizeEx
GetFinalPathNameByHandleA
WriteFile
OutputDebugStringA
GetCurrentThread
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
LocalAlloc
LocalFree
CopyFileA
MoveFileExA
CreateFileW
ReadFile
WaitNamedPipeW
CreateEventW
QueryPerformanceCounter
QueryPerformanceFrequency
OpenProcess
LoadLibraryA
FlushFileBuffers
DisconnectNamedPipe
ReleaseMutex
UnmapViewOfFile
OpenFileMappingA
ConnectNamedPipe
ReadConsoleW
CreateMutexA
MapViewOfFile
OpenMutexA
CreateFileMappingA
CreateNamedPipeA
GetModuleFileNameA
WTSGetActiveConsoleSessionId
VerSetConditionMask
ExpandEnvironmentStringsW
GetFileAttributesW
GetFullPathNameW
SetLastError
CreateProcessA
CreateProcessW
LoadLibraryExW
lstrcmpW
VerifyVersionInfoW
DecodePointer
RaiseException
InitializeCriticalSectionEx
SetCurrentDirectoryA
GetVolumeInformationA
TerminateProcess
ProcessIdToSessionId
GetSystemDirectoryA
GetVersionExA
MultiByteToWideChar
K32GetProcessMemoryInfo
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FormatMessageW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
GetDateFormatW
SetConsoleCtrlHandler
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind

user32

FindWindowExW
FindWindowW
FindWindowA
RegisterClassExA
UnregisterClassA
DefWindowProcA
DispatchMessageA
EnumWindows
GetMessageA
PostThreadMessageA
EnumDisplayDevicesA
RedrawWindow
GetForegroundWindow
GetWindowThreadProcessId
WaitForInputIdle
PostMessageA
GetShellWindow
TranslateMessage
EnumDisplaySettingsExA
SendMessageA
EnumDisplaySettingsA
wsprintfW
ChangeWindowMessageFilterEx
CreateWindowExA
DestroyWindow

Exports

Exports

CreateOverlayApiInterface
CreateShadowPlayApiInterface

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Macro/assist/Assembley/nvspapi.dll
.dll windows:6 windows x86 arch:x86

e4cccd03ffea21888ae6cb531dd52752

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:70:08:24:54:3c:a4:12:16:72:47:b9:89:6e:0b:6f:a3:2c:b3:a9:fd:79:9a:ae:9d:19:ed:ce:d3:a1:2d:67
Signer

Actual PE Digest

08:70:08:24:54:3c:a4:12:16:72:47:b9:89:6e:0b:6f:a3:2c:b3:a9:fd:79:9a:ae:9d:19:ed:ce:d3:a1:2d:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dvs\p4\build\sw\rel\gfclient\rel_03_28\shadowplay2\api\win7_x86_release\nvspapi.pdb

Imports

shell32

SHGetFolderPathA
SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoTaskMemFree

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
SysAllocString
GetErrorInfo
VariantCopy
SetErrorInfo
CreateErrorInfo

advapi32

SetSecurityDescriptorDacl
ConvertStringSidToSidW
OpenSCManagerA
CloseServiceHandle
SetTokenInformation
DuplicateTokenEx
RegDeleteKeyValueA
RegSetValueExA
RegQueryValueExW
RegDeleteKeyExA
RegCreateKeyExA
ConvertSidToStringSidA
LookupAccountNameA
SetThreadToken
OpenThreadToken
AllocateAndInitializeSid
CreateRestrictedToken
CreateWellKnownSid
FreeSid
GetSecurityDescriptorDacl
ImpersonateSelf
InitializeSecurityDescriptor
RevertToSelf
GetLengthSid
GetUserNameA
GetUserNameW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
SetEntriesInAclA
OpenProcessToken
CopySid
GetTokenInformation

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

shlwapi

PathFileExistsW
PathFindFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapSize
SetFilePointerEx
SetStdHandle
GetConsoleCP
GetConsoleMode
HeapAlloc
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetSystemDirectoryW
FreeLibrary
GetProcAddress
CloseHandle
Sleep
WaitForSingleObject
CreateEventExA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
CreateEventA
WaitForMultipleObjects
ResetEvent
CreateThread
GetCurrentThreadId
GetThreadId
WideCharToMultiByte
CreateFileA
GetTickCount
DeleteFileW
GetTempPathW
HeapFree
GetProcessHeap
OpenEventA
MoveFileExW
GetModuleHandleA
CreateDirectoryA
DeleteFileA
GetFileAttributesA
GetFileSizeEx
GetFinalPathNameByHandleA
WriteFile
OutputDebugStringA
GetCurrentThread
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
LocalAlloc
LocalFree
CopyFileA
MoveFileExA
CreateFileW
ReadFile
WaitNamedPipeW
CreateEventW
QueryPerformanceCounter
QueryPerformanceFrequency
OpenProcess
LoadLibraryA
FlushFileBuffers
DisconnectNamedPipe
ReleaseMutex
UnmapViewOfFile
OpenFileMappingA
ConnectNamedPipe
ReadConsoleW
CreateMutexA
MapViewOfFile
OpenMutexA
CreateFileMappingA
CreateNamedPipeA
GetModuleFileNameA
WTSGetActiveConsoleSessionId
VerSetConditionMask
ExpandEnvironmentStringsW
GetFileAttributesW
GetFullPathNameW
SetLastError
CreateProcessA
CreateProcessW
LoadLibraryExW
lstrcmpW
VerifyVersionInfoW
DecodePointer
RaiseException
InitializeCriticalSectionEx
SetCurrentDirectoryA
GetVolumeInformationA
TerminateProcess
ProcessIdToSessionId
GetSystemDirectoryA
GetVersionExA
MultiByteToWideChar
K32GetProcessMemoryInfo
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FormatMessageW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
GetDateFormatW
SetConsoleCtrlHandler
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind

user32

FindWindowExW
FindWindowW
FindWindowA
RegisterClassExA
UnregisterClassA
DefWindowProcA
DispatchMessageA
EnumWindows
GetMessageA
PostThreadMessageA
EnumDisplayDevicesA
RedrawWindow
GetForegroundWindow
GetWindowThreadProcessId
WaitForInputIdle
PostMessageA
GetShellWindow
TranslateMessage
EnumDisplaySettingsExA
SendMessageA
EnumDisplaySettingsA
wsprintfW
ChangeWindowMessageFilterEx
CreateWindowExA
DestroyWindow

Exports

Exports

CreateOverlayApiInterface
CreateShadowPlayApiInterface

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Macro/assist/esp/CiCpFips32.dll
.dll windows:4 windows x86 arch:x86

404a19d57aa31ad0cb9e16e8e8121076

Code Sign

90:83:4f:f4:56:e4:b6:94:2c:d3:28:01:b8:6f:9b:2f
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

31/10/2017, 00:00

Not After

30/10/2020, 23:59

Subject

CN=Bitvise Limited,O=Bitvise Limited,POSTALCODE=76034,STREET=4105 Lombardy Ct,L=Colleyville,ST=Texas,C=US,2.5.4.18=#13053736303334

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:83:4f:f4:56:e4:b6:94:2c:d3:28:01:b8:6f:9b:2f
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

31/10/2017, 00:00

Not After

30/10/2020, 23:59

Subject

CN=Bitvise Limited,O=Bitvise Limited,POSTALCODE=76034,STREET=4105 Lombardy Ct,L=Colleyville,ST=Texas,C=US,2.5.4.18=#13053736303334

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:5d:c6:fa:62:f3:de:6c:f6:2c:3f:6e:54:49:78:0e:e2:07:b9:f8:e6:ea:26:c2:ae:ae:d8:13:7d:08:c6:31
Signer

Actual PE Digest

75:5d:c6:fa:62:f3:de:6c:f6:2c:3f:6e:54:49:78:0e:e2:07:b9:f8:e6:ea:26:c2:ae:ae:d8:13:7d:08:c6:31

Digest Algorithm

sha256

PE Digest Matches

true

4b:54:56:aa:f1:aa:82:8a:57:da:c1:35:c4:92:18:2c:97:ea:34:4f
Signer

Actual PE Digest

4b:54:56:aa:f1:aa:82:8a:57:da:c1:35:c4:92:18:2c:97:ea:34:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\repos\main\SSH2\Release\pdbs\CiCpFips32.pdb

Imports

kernel32

FlushFileBuffers
InitializeCriticalSection
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
InterlockedDecrement
GetLastError
DeleteCriticalSection
InterlockedIncrement
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle

ole32

CoTaskMemFree
CoTaskMemAlloc

cryptopp530fips32

ord3512
ord909
ord2653
ord1954
ord2568
ord1989
ord2590
ord3189
ord545
ord2381
ord2639
ord2846
ord211
ord2784
ord2663
ord3405
ord3418
ord2004
ord2021
ord2673
ord3497
ord3596
ord1908
ord2027
ord1913
ord2244
ord915
ord1994
ord2516
ord1952
ord2800
ord512
ord2638
ord2197
ord3607
ord3219
ord3030
ord2635
ord1794
ord2191
ord2649
ord878
ord3416
ord828
ord3037
ord675
ord2384
ord1902
ord3496
ord3603
ord1970
ord2178
ord3597
ord2768
ord2895
ord1805
ord524
ord2204
ord1877
ord1909
ord1951
ord429
ord3399
ord3019
ord846
ord1965
ord836
ord3027
ord3218
ord3001
ord2916
ord3521
ord2114
ord537
ord2765
ord3324
ord2005
ord3100
ord3176
ord2906
ord2933
ord782
ord1816
ord827
ord3216
ord1977
ord2396
ord3002
ord546
ord2177
ord3507
ord2306
ord357
ord229
ord2748
ord2255
ord367
ord2704
ord2016
ord2664
ord928
ord3103
ord3520
ord3226
ord2105
ord734
ord548
ord3462
ord2903
ord1905
ord324
ord3290
ord511
ord3007
ord2116
ord2062
ord3587
ord2676
ord453
ord2750
ord2460
ord346
ord3221
ord3112
ord3183
ord213
ord2636
ord748
ord1978
ord2086
ord3504
ord3605
ord1227
ord80
ord3461
ord3347
ord2010
ord970
ord864
ord2102
ord2303
ord2537
ord3181
ord2680
ord2787
ord1899
ord2645
ord616
ord3500
ord2339
ord3116
ord3255
ord157
ord2688
ord2781
ord3554
ord3612
ord3188
ord1787
ord1789
ord407
ord3493
ord867
ord457
ord3259
ord3499
ord2057
ord3223
ord2017
ord3393
ord2774
ord2111
ord2591
ord1773
ord2659
ord2261
ord2179
ord3551
ord732
ord2256
ord2025
ord2802
ord2103
ord3523
ord3109
ord2006
ord3584
ord3229
ord1912
ord972
ord2572
ord440
ord413
ord2279
ord507
ord3182
ord2299
ord2474
ord3033
ord2661
ord2245
ord3085
ord975
ord982
ord3257
ord3017
ord3220
ord1942
ord3345
ord1964
ord76
ord568
ord2047
ord2461
ord3215
ord881
ord3552
ord2237
ord3422
ord3272
ord162
ord3577
ord3171
ord2767
ord997
ord2462
ord3408
ord838
ord3246
ord3104
ord2531
ord3514
ord3364
ord3344
ord2230
ord2918
ord159
ord419
ord245
ord3022
ord2633
ord2896
ord650
ord3119
ord2720
ord3394
ord2329
ord1903
ord3403
ord3365
ord3342
ord2229
ord246
ord654
ord3185
ord2905
ord973
ord692
ord3404
ord350
ord2879
ord2428
ord2934
ord2942
ord3006
ord3348
ord3118
ord2227
ord3322
ord2115
ord2939
ord2780
ord830
ord875
ord3423
ord3547
ord2902
ord2648
ord351
ord3083
ord2223
ord1916
ord2292
ord2475
ord1069
ord2429
ord2253
ord1906
ord789
ord3412
ord831
ord2840
ord2914
ord2940
ord1922
ord3113
ord425
ord2566
ord2665
ord2647
ord1925
ord332
ord3164
ord3467
ord2000
ord2301
ord2930
ord428
ord3339
ord3346
ord974
ord3217
ord1346
ord3450
ord1949
ord164
ord143
ord3034
ord2011
ord751
ord662
ord2541
ord2195
ord2239
ord3470
ord1373
ord231
ord2695
ord2637
ord3214
ord2893
ord2621
ord649
ord3230
ord1808
ord3291
ord2304
ord558
ord3459
ord1968
ord3362
ord3010
ord3023
ord2067
ord2868
ord3028
ord3536
ord677
ord1788
ord3227
ord2700
ord946
ord2901
ord2028
ord2627
ord1947
ord2675
ord3566
ord1255
ord1200
ord3172
ord1897
ord559
ord2219
ord421
ord2013
ord2074
ord3235
ord2886
ord3589
ord3059
ord2618
ord506
ord2257
ord2751
ord2701
ord2171
ord1996
ord2614
ord3186
ord2490
ord1795
ord2652
ord2552
ord3060
ord2398
ord2366
ord233
ord590
ord2841
ord640
ord335
ord3039
ord2427
ord2106
ord841
ord854
ord937
ord938
ord2788
ord3158
ord2126
ord2405
ord3534
ord3343
ord500
ord1936
ord1306
ord3548
ord2383
ord3035
ord3036
ord449
ord344
ord2263
ord2401
ord2809
ord2471
ord2764
ord2406
ord2022
ord2719
ord2330
ord2952
ord356
ord383
ord570
ord3413
ord2775
ord2260
ord3524
ord3157
ord2536
ord3096
ord2604
ord3340
ord3121
ord3024
ord644
ord2799
ord1917
ord2218
ord3095
ord502
ord3135
ord2514
ord2008
ord2403
ord3098
ord209
ord2885
ord3026
ord3419
ord584
ord2907
ord1995
ord3509
ord495
ord2610
ord3093
ord2014
ord2593
ord906
ord1370
ord2369
ord3510
ord883
ord2430
ord1875
ord3432
ord2925
ord3555
ord2703
ord497
ord873
ord646
ord959
ord2031
ord485
ord3560
ord3591
ord1898
ord2247
ord2160
ord2358
ord3468
ord452
ord3325
ord3260
ord2562
ord927
ord617
ord3563
ord932
ord3420
ord2026
ord3486
ord2697
ord2129
ord2944

Exports

Exports

CiDhAgree
CiDhAgreedSize
CiDhFree
CiDhInit
CiDhModulusBits
CiDhPubStore
CiDhPubStoredSize
CiEcdhAgree
CiEcdhAgreedSize
CiEcdhEnum
CiEcdhFree
CiEcdhInit
CiEcdhPubStore
CiEcdhPubStoredSize
CiFree
CiGenRandomBytes
CiHashDigest
CiHashDigestSize
CiHashFree
CiHashKeyedEnum
CiHashKeyedInit
CiHashUnkeyedEnum
CiHashUnkeyedInit
CiHashUpdate
CiInit
CiPkEnum
CiPkPrivAlgs
CiPkPrivFree
CiPkPrivGenerate
CiPkPrivInit
CiPkPrivKeyBits
CiPkPrivMitigateSigTiming
CiPkPrivSigSize
CiPkPrivSign
CiPkPrivStore
CiPkPrivStoredSize
CiPkPubAlgs
CiPkPubFree
CiPkPubFromPriv
CiPkPubInit
CiPkPubKeyBits
CiPkPubStore
CiPkPubStoredSize
CiPkPubVerify
CiSymEnum
CiSymFree
CiSymInfo
CiSymInit
CiSymMsgDecrypt
CiSymMsgEncrypt
CiSymMsgPeekLen
CiSymProcess
CiSymProcessInPlace
SetNewAndDeleteFromCryptoPP

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Macro/norecoil/cargrp.dat
Macro/norecoil/default.dat
Macro/norecoil/default.ide
Macro/v2/00007A.dat
Macro/v2/00007B.dat
Macro/v2/00007C.dat
Macro/v2/00007D.dat
Macro/v2/00007E.dat
Macro/v2/00008A.dat
Macro/v8/GZFlashingFix by alferov.asi
.dll windows:6 windows x86 arch:x86

7d160b88661881130511c74ebf7466bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
VirtualProtect
ExitThread
GetModuleHandleA
CloseHandle
CreateThread
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent

user32

MessageBoxA

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
_Query_perf_frequency

vcruntime140

memcpy
__std_terminate
_except_handler4_common
memset
__std_exception_copy
__std_type_info_destroy_list
memmove
__CxxFrameHandler3
__std_exception_destroy
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_crt_atexit
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Macro/v8/Licenses/License.Apache2.0.txt
Macro/v8/Licenses/License.BouncyCastle.txt
Macro/v8/Licenses/License.NotifyIcon.txt
Macro/v8/Licenses/License.WebSocketSharp.txt
Macro/v8/Licenses/License.avro.txt
Macro/v8/Licenses/License.bzip2.txt
Macro/v8/Licenses/License.cefsharp.txt
Macro/v8/Licenses/License.cpol.htm
Macro/v8/Licenses/License.ionc.zip.txt
Macro/v8/Licenses/License.jose-jwt.txt
Macro/v8/Licenses/License.zlib.txt
Macro/v8/gtaweap3.ttf
Macro/v8/lua51.dll
.dll windows:6 windows x86 arch:x86

9466a71df1d3a59794f8605626534abe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
SetLastError
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
FreeLibrary
GetModuleHandleExA
GetProcAddress
LoadLibraryExA
FormatMessageA
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
Sleep
CreateThread
RtlUnwind
GetModuleFileNameA
GetModuleHandleA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
SetEndOfFile
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ReadFile
CloseHandle
DuplicateHandle
CreateProcessA
GetTempPathW
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
DecodePointer
GetACP
SetFilePointerEx
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
CreateFileW
GetTimeZoneInformation
DeleteFileW
MoveFileExW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
SetStdHandle
GetStringTypeW
HeapSize
HeapReAlloc
WriteConsoleW

Exports

Exports

luaJIT_profile_dumpstack
luaJIT_profile_start
luaJIT_profile_stop
luaJIT_setmode
luaJIT_version_2_1_0_beta3
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_error
luaL_execresult
luaL_fileresult
luaL_findtable
luaL_getmetafield
luaL_gsub
luaL_loadbuffer
luaL_loadbufferx
luaL_loadfile
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffer
luaL_pushmodule
luaL_pushresult
luaL_ref
luaL_register
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_traceback
luaL_typerror
luaL_unref
luaL_where
lua_atpanic
lua_call
lua_checkstack
lua_close
lua_concat
lua_copy
lua_cpcall
lua_createtable
lua_dump
lua_equal
lua_error
lua_gc
lua_getallocf
lua_getfenv
lua_getfield
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_insert
lua_iscfunction
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_lessthan
lua_load
lua_loadx
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_objlen
lua_pcall
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawset
lua_rawseti
lua_remove
lua_replace
lua_resume
lua_setallocf
lua_setfenv
lua_setfield
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointeger
lua_tointegerx
lua_tolstring
lua_tonumber
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
lua_yield
luaopen_base
luaopen_bit
luaopen_debug
luaopen_ffi
luaopen_io
luaopen_jit
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table

Sections

.text
Size: 479KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resource/ahk/script/iediagcmd.exe
.exe windows:10 windows x64 arch:x64

8ad7d3f07924e8c2b7127391afd2da11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

IEDiagCmd.pdb

Imports

msvcrt

_vsnwprintf
_callnewh
malloc
?terminate@@YAXXZ
_amsg_exit
_cexit
??3@YAXPEAX@Z
memcpy
memset
_itow
_errno

kernel32

SetLastError
GetModuleHandleA
GetProcAddress
GetVersion
GetLastError
VirtualQuery
TerminateProcess
GetCurrentProcess
Sleep
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
LoadLibraryW
FreeLibrary
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetUnhandledExceptionFilter
QueryPerformanceCounter

mscoree

CorBindToRuntimeEx
_CorExeMain

ole32

CoCreateInstance

comctl32

ord332
ord334
ord386
ord328

oleacc

ObjectFromLresult

oleaut32

VariantInit
SysFreeString
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString

user32

RegisterWindowMessageW
SendMessageTimeoutW

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nep
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resource/bypassing/0000/_DataPerfCounters_d.ini
Resource/bypassing/0000A1.dat
Resource/bypassing/0000A3.dat
Resource/bypassing/0000A4.dat
Resource/bypassing/0000A7.dat
Resource/bypassing/0000A8.dat
Resource/bypassing/0000A9.dat
Resource/bypassing/0000AA.dat
Resource/bypassing/0000AB.dat
Resource/bypassing/0000AC.dat
Resource/bypassing/0000AF.dat
Resource/bypassing/0000B0.dat
Resource/bypassing/0000B1.dat
Resource/bypassing/0000B9.dat
Resource/bypassing/0000BA.dat
Resource/bypassing/0002A0.dat
Resource/bypassing/0002A1.dat
Resource/bypassing/0002A2.dat
Resource/bypassing/0002A3.dat
Resource/bypassing/0002A5.dat
Resource/bypassing/0002A6.dat
Resource/bypassing/0002A7.dat
Resource/bypassing/0002A8.dat
Resource/bypassing/0002B0.dat
Resource/bypassing/0002B1.dat
Resource/bypassing/0002B3.dat
Resource/bypassing/0002B4.dat
Resource/bypassing/0002B6.dat
Resource/bypassing/0002B7.dat
Resource/bypassing/0002B8.dat
Resource/bypassing/0002B9.dat
Resource/bypassing/0002BA.dat
Resource/bypassing/000A21.dat
Resource/bypassing/000A22.dat
Resource/bypassing/000A23.dat
Resource/bypassing/000A24.dat
Resource/bypassing/000C02.dat
Resource/bypassing/000C04.dat
Resource/bypassing/000C05.dat
Resource/bypassing/000C06.dat
Resource/bypassing/000C08.dat
Resource/bypassing/000F12.dat
Resource/bypassing/000F19.dat
Resource/bypassing/000F1D.dat
Resource/bypassing/000F20.dat
Resource/bypassing/000F21.dat
Resource/bypassing/000F26.dat
Resource/bypassing/000F27.dat
Resource/bypassing/000F28.dat
Resource/bypassing/000F2B.dat
Resource/bypassing/000F35.dat
Resource/bypassing/000F36.dat
Resource/exitol/RzDevU_0a24_Dkm.inf
Resource/exitol/RzDev_0a24.sys
.sys windows:10 windows x64 arch:x64

44fb28a5aa33fb250e641a1dfcad1c13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

20:4d:91:bf:90:e3:9d:b9:02:f6:91:84:aa:80:00:93
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

22/11/2018, 00:00

Not After

21/11/2021, 23:59

Subject

SERIALNUMBER=3887964,CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#1306497276696e65,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:97:d7:9f:85:90:6e:a3:18:a4:00:00:00:00:00:97
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/03/2020, 17:47

Not After

05/03/2021, 17:47

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8a:cb:49:f5:51:bb:65:d4:87:da:59:b0:a6:21:88:16:1a:7f:69:9a:3c:2f:e9:c7:ce:51:4a:95:01:cc:01:a0
Signer

Actual PE Digest

8a:cb:49:f5:51:bb:65:d4:87:da:59:b0:a6:21:88:16:1a:7f:69:9a:3c:2f:e9:c7:ce:51:4a:95:01:cc:01:a0

Digest Algorithm

sha256

PE Digest Matches

true

61:3c:6b:c5:26:77:54:a8:a0:6e:2b:a6:a5:af:a7:ce:ad:36:68:a9
Signer

Actual PE Digest

61:3c:6b:c5:26:77:54:a8:a0:6e:2b:a6:a5:af:a7:ce:ad:36:68:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\GitBucket\driver3\RzDriver\Build\x64\Release_UD\RzDev_0a24.pdb

Imports

ntoskrnl.exe

RtlCopyUnicodeString
wcsstr
IoWMIRegistrationControl
RtlCompareMemory
MmGetSystemRoutineAddress
RtlInitUnicodeString
_vsnwprintf

wpprecorder.sys

WppAutoLogStop
WppAutoLogStart
WppAutoLogTrace

wdfldr.sys

WdfVersionUnbindClass
WdfVersionBindClass
WdfVersionUnbind
WdfVersionBind

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resource/exitol/rzdev_0a24_dkm.cat
Resource/lua/CefSharp.WinForms.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:28:98:d1:b8:31:29:40:d0:d8:36:be:d0:7d:bb:a0:53:78:cc:f6:5d:2a:2b:bc:35:8f:09:ad:e7:0d:de:29
Signer

Actual PE Digest

57:28:98:d1:b8:31:29:40:d0:d8:36:be:d0:7d:bb:a0:53:78:cc:f6:5d:2a:2b:bc:35:8f:09:ad:e7:0d:de:29

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\cefsharp\CefSharp.WinForms\obj\Release\net462\CefSharp.WinForms.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Settings/winje/clientui.uifont
Version/plugins/FlowSshNetSamples/FlowSshNet_Exec.ps1
.ps1
Version/plugins/FlowSshNetSamples/FlowSshNet_Sftp.ps1
.ps1
Version/plugins/config/conver/Countries.bin
Version/plugins/en-US/effectsPC.txd
Version/plugins/en-US/fonts.txd
Version/plugins/es-ES/Razer Central.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ec:4c:32:86:4e:12:38:0c:1c:b8:0b:94:59:85:26:16:1a:c7:b5:00:ca:b5:ab:95:48:95:02:73:81:77:1c:d1
Signer

Actual PE Digest

ec:4c:32:86:4e:12:38:0c:1c:b8:0b:94:59:85:26:16:1a:c7:b5:00:ca:b5:ab:95:48:95:02:73:81:77:1c:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/plugins/es-ES/Razer Updater.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

64:c0:e2:ae:25:12:fe:db:f1:fc:5a:7e:90:6b:6b:f6:93:8c:c6:81:aa:8a:3d:52:93:cc:47:c1:a6:c6:2e:27
Signer

Actual PE Digest

64:c0:e2:ae:25:12:fe:db:f1:fc:5a:7e:90:6b:6b:f6:93:8c:c6:81:aa:8a:3d:52:93:cc:47:c1:a6:c6:2e:27

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/plugins/fr-FR/Razer Central.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fa:3a:d8:f4:4f:19:37:21:ce:db:ba:fb:e5:6c:08:6b:a0:44:9a:44:f9:50:15:2b:85:ae:f5:5f:09:c7:eb:2d
Signer

Actual PE Digest

fa:3a:d8:f4:4f:19:37:21:ce:db:ba:fb:e5:6c:08:6b:a0:44:9a:44:f9:50:15:2b:85:ae:f5:5f:09:c7:eb:2d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/plugins/fr-FR/Razer Updater.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

31:ff:c7:09:71:88:df:7c:ea:c8:b4:ad:7e:c8:5e:06:95:8c:26:dc:63:62:a8:55:0b:e6:a9:66:68:b8:8e:75
Signer

Actual PE Digest

31:ff:c7:09:71:88:df:7c:ea:c8:b4:ad:7e:c8:5e:06:95:8c:26:dc:63:62:a8:55:0b:e6:a9:66:68:b8:8e:75

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/plugins/ja-JP/Razer Central.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

83:d7:02:7a:f2:f4:b1:d4:9f:9e:55:40:d6:53:62:0c:48:97:cf:b3:fd:64:6d:37:95:a2:c3:93:27:2c:72:5c
Signer

Actual PE Digest

83:d7:02:7a:f2:f4:b1:d4:9f:9e:55:40:d6:53:62:0c:48:97:cf:b3:fd:64:6d:37:95:a2:c3:93:27:2c:72:5c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/plugins/ja-JP/Razer Updater.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ba:86:da:24:68:c6:88:7e:f0:d9:bf:f9:98:dc:1d:22:41:17:49:85:da:ab:05:d3:11:72:a7:18:6e:91:28:d1
Signer

Actual PE Digest

ba:86:da:24:68:c6:88:7e:f0:d9:bf:f9:98:dc:1d:22:41:17:49:85:da:ab:05:d3:11:72:a7:18:6e:91:28:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Version/themes/grass0_4.dff
Version/themes/grass1_1.dff
Version/themes/grass1_2.dff
Version/themes/grass1_3.dff
Version/themes/grass1_4.dff
Version/themes/grass2_1.dff
Version/themes/grass2_2.dff
Version/themes/grass2_3.dff
Version/themes/grass2_4.dff
Version/themes/grass3_1.dff
Version/themes/grass3_2.dff
Version/themes/grass3_3.dff
Version/themes/grass3_4.dff
Version/themes/plant1.dff
Version/themes/plant1.txd
Version/v3/AudioEventHistory.txt
Version/v3/BankLkup.dat
Version/v3/BankSlot.dat
Version/v3/EventVol.dat
Version/v3/PakFiles.dat
Version/v3/StrmPaks.dat
Version/v3/TrakLkup.dat
Version/v4/Hardcodet.Wpf.TaskbarNotification.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f4:97:8c:65:d7:61:66:2c:7e:f0:9e:32:d4:d3:ae:bb:a5:94:09:23:00:59:bf:a9:df:b8:47:a3:dc:b1:ae:64
Signer

Actual PE Digest

f4:97:8c:65:d7:61:66:2c:7e:f0:9e:32:d4:d3:ae:bb:a5:94:09:23:00:59:bf:a9:df:b8:47:a3:dc:b1:ae:64

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\jenkins\workspace\CommonTools\Natasha_Master\3rdParty\NotifyIconWpf\obj\x86\Release\Hardcodet.Wpf.TaskbarNotification.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lnjector.exe
.exe windows:6 windows x86 arch:x86

0d2afadf94e4636078a3712b8340d1f1

Code Sign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:0e:aa:29:4c:d4:ab:d9:eb:1c:c7:84:c9:24:24:3d
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

03/12/2019, 00:00

Not After

07/12/2022, 12:00

Subject

CN=VMware\, Inc.,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US,1.2.840.113549.1.9.1=#0c126e6f7265706c7940766d776172652e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:c6:f2:b2:76:a1:46:a0:7d:0e:6d:93:57:b5:e1:08
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10/08/2021, 00:00

Not After

10/08/2023, 23:59

Subject

CN=VMware\, Inc.,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US,1.2.840.113549.1.9.1=#0c126e6f7265706c7940766d776172652e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:bb:c5:96:3b:a0:8e:7a:cf:1e:db:b7:00:d8:b9:23:fb:ca:06:2e:62:33:e9:50:51:cf:0d:77:d9:5c:90:50
Signer

Actual PE Digest

78:bb:c5:96:3b:a0:8e:7a:cf:1e:db:b7:00:d8:b9:23:fb:ca:06:2e:62:33:e9:50:51:cf:0d:77:d9:5c:90:50

Digest Algorithm

sha256

PE Digest Matches

false

ff:f1:66:05:a5:31:2e:39:8c:34:db:61:af:cc:8b:e1:84:b9:3e:d2
Signer

Actual PE Digest

ff:f1:66:05:a5:31:2e:39:8c:34:db:61:af:cc:8b:e1:84:b9:3e:d2

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\build\ob\bora-20800274\bora\build\build\vmui\release\win32\vmware.pdb

Imports

kernel32

GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
GetVersion
GetVersionExW
GetProcessHeap
HeapFree
HeapAlloc
GetVersionExA
lstrcmpiW
SizeofResource
LoadLibraryExW
FreeLibrary
SetUnhandledExceptionFilter
VerSetConditionMask
CloseHandle
RaiseException
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentThreadId
SetProcessShutdownParameters
GetModuleFileNameW
GlobalAlloc
GlobalUnlock
GlobalLock
LocalAlloc
MulDiv
FormatMessageW
lstrcmpW
VerifyVersionInfoW
GetModuleHandleW
GetProcAddress
lstrlenW
OpenProcess
LoadResource
LockResource
FindResourceW
GlobalHandle
GlobalFree
OutputDebugStringW
WaitNamedPipeW
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
CreateThread
TerminateThread
LocalFree
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
ReleaseMutex
CreateMutexW
GetCurrentProcessId
GetStartupInfoW
EncodePointer
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA

shell32

DragFinish
SHOpenFolderAndSelectItems
ord190
ord155
DragAcceptFiles
SHGetFolderPathW
DragQueryFileW
SHParseDisplayName
SHBindToParent

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegEnumValueW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW

user32

CreatePopupMenu
CopyIcon
CreateIcon
GetCapture
BringWindowToTop
FrameRect
ScrollWindow
DrawFocusRect
SetScrollPos
ScrollWindowEx
UpdateWindow
SetMenuDefaultItem
ShowScrollBar
SetMenuItemInfoW
AppendMenuW
GetMenuItemID
GetSubMenu
GetMenuState
ShutdownBlockReasonDestroy
ShutdownBlockReasonCreate
MonitorFromPoint
SystemParametersInfoA
MapDialogRect
IsDialogMessageW
DrawIconEx
InflateRect
SetRectEmpty
TranslateAcceleratorW
LoadAcceleratorsW
KillTimer
SetTimer
GetActiveWindow
SendDlgItemMessageW
CreateDialogParamW
IsZoomed
SetWindowPlacement
SendNotifyMessageW
ChangeWindowMessageFilter
GetWindowThreadProcessId
FindWindowExW
SetForegroundWindow
ShowWindowAsync
GetCursorPos
InsertMenuItemW
CreateMenu
IsMenu
NotifyWinEvent
GetScrollInfo
SetScrollInfo
CopyImage
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
GetCursor
RegisterWindowMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetMessagePos
SendMessageW
SendMessageTimeoutW
DefWindowProcW
PostQuitMessage
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
IsChild
DestroyWindow
ShowWindow
MoveWindow
SetWindowPos
GetWindowPlacement
GetDlgItem
OpenClipboard
CloseClipboard
EnumClipboardFormats
CharNextW
SetFocus
GetFocus
SetCapture
ReleaseCapture
IsWindowEnabled
CreateAcceleratorTableW
DestroyAcceleratorTable
GetSystemMetrics
GetMenuStringW
CheckMenuItem
EnableMenuItem
GetMenuItemCount
DeleteMenu
GetMenuItemInfoW
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
InvalidateRgn
RedrawWindow
GetPropW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
MessageBoxW
SetCursor
ClientToScreen
ScreenToClient
WindowFromPoint
GetSysColor
FillRect
SetRect
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetParent
GetClassNameW
GetWindow
CheckMenuRadioItem
LoadCursorW
SystemParametersInfoW
MonitorFromWindow
GetAncestor
RealGetWindowClassW
IsIconic
SetClipboardData
EmptyClipboard
PostMessageW
SetDlgItemTextW
EnumChildWindows
GetSystemMenu
CheckRadioButton
IsDlgButtonChecked
EnableWindow
DestroyIcon
MapWindowPoints
GetSysColorBrush
GetMonitorInfoW
FlashWindowEx
IsWindowVisible
CreateDialogIndirectParamW
EndDialog
DrawTextW
GetWindowDC
SetPropW
CopyRect
IsRectEmpty
EqualRect
LoadImageW
GetIconInfo
SetActiveWindow
GetForegroundWindow
OffsetRect
DestroyMenu
InsertMenuW
RemoveMenu
TrackPopupMenu
LoadStringW
GetDoubleClickTime
DestroyCursor
TrackMouseEvent
DrawEdge
GetDlgCtrlID
RegisterClipboardFormatW
GetKeyState

gdi32

SetWindowOrgEx
LineTo
SetViewportOrgEx
MoveToEx
Polyline
SetDCBrushColor
GetTextMetricsW
ExtTextOutW
CreatePen
Rectangle
StretchBlt
CreateFontW
GetTextExtentPoint32W
Polygon
SetTextColor
SetBkMode
SetBkColor
SaveDC
RestoreDC
IntersectClipRect
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetDCPenColor
CreateFontIndirectW

comctl32

CreatePropertySheetPageW
PropertySheetW
InitCommonControlsEx
ord381
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy

comdlg32

GetSaveFileNameW
GetOpenFileNameW

gdiplus

GdipDrawImageRectI
GdipDrawImageRect
GdipDrawImageI
GdipFillRectangleI
GdipFillRectangle
GdipReleaseDC
GdipGetDC
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateSolidFill
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFillPieI
GdipDrawEllipseI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushFromRectI
GdipGetImageHeight
GdipDeletePen
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateHatchBrush
GdipCreatePen1

uxtheme

IsAppThemed

oleacc

CreateStdAccessibleObject
LresultFromObject

ole32

OleInitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
StringFromGUID2
PropVariantClear
RevokeDragDrop
DoDragDrop
OleUninitialize
ReleaseStgMedium
CoTaskMemRealloc
RegisterDragDrop
CreateStreamOnHGlobal
CoUninitialize
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID

oleaut32

GetErrorInfo
VarUI4FromStr
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

SHAutoComplete
PathRemoveFileSpecW

Exports

Exports

??4CInitGdiplus@wui@@QAEAAV01@ABV01@@Z
??_FCInitGdiplus@wui@@QAEXXZ

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 935KB - Virtual size: 935KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0a9b0668fbe668ab78fdf99f06fc8f4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

5d:b9:7e:57:64:97:b7:84:f0:22:78:27:eb:83:18:73:b0:e9:3f:2a:54:0b:f5:a3:e5:7d:fc:04:80:29:49:26Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

advapi32

user32

libprotobuf

kernel32

Exports

Exports

Sections

.text Size: 608KB - Virtual size: 607KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 6KB - Virtual size: 13KB

.idata Size: 22KB - Virtual size: 22KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 21KB

c90e061bd7d84bd9062d1cbb8595942e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

99:b4:f3:60:f7:81:f6:88:e3:80:b7:8e:b5:2f:63:6c:c8:ff:76:f5:c4:52:67:fe:73:c4:76:52:c7:a0:21:9fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 629KB - Virtual size: 628KB

.rdata Size: 169KB - Virtual size: 168KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 38KB - Virtual size: 37KB

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

5d:b9:7e:57:64:97:b7:84:f0:22:78:27:eb:83:18:73:b0:e9:3f:2a:54:0b:f5:a3:e5:7d:fc:04:80:29:49:26
Signer

.text
Size: 608KB - Virtual size: 607KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 6KB - Virtual size: 13KB

.idata
Size: 22KB - Virtual size: 22KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 21KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

99:b4:f3:60:f7:81:f6:88:e3:80:b7:8e:b5:2f:63:6c:c8:ff:76:f5:c4:52:67:fe:73:c4:76:52:c7:a0:21:9f
Signer

.text
Size: 629KB - Virtual size: 628KB

.rdata
Size: 169KB - Virtual size: 168KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 38KB - Virtual size: 37KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:b2:9b:00:00:00:00:00:15
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:05:a2:30:00:00:00:00:00:08
Certificate

25:ba:f7:87:7a:93:e9:f2:77:9a:d0:d8:84:ae:dd:db:7d:05:48:fb
Signer

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 243KB - Virtual size: 244KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

f1:75:1f:1b:09:c9:d9:ec:68:f6:69:46:a5:39:63:32:29:f0:f6:52:1d:66:69:5d:e8:e4:e5:c8:59:de:ce:d1
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 247KB - Virtual size: 246KB

.data
Size: 11KB - Virtual size: 31KB

.idata
Size: 8KB - Virtual size: 7KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 91KB - Virtual size: 91KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate