Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
7Static
static
392e72c3435...7d.exe
windows7-x64
792e72c3435...7d.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$WINDIR/tw...am.dll
windows7-x64
3$WINDIR/tw...am.dll
windows10-2004-x64
3$WINDIR/tw...am.dll
windows7-x64
1$WINDIR/tw...am.dll
windows10-2004-x64
1drivers/x64/amcam.sys
windows7-x64
1drivers/x64/amcam.sys
windows10-2004-x64
1drivers/x6...st.exe
windows7-x64
4drivers/x6...st.exe
windows10-2004-x64
4drivers/x86/amcam.sys
windows7-x64
1drivers/x86/amcam.sys
windows10-2004-x64
1drivers/x8...st.exe
windows7-x64
4drivers/x8...st.exe
windows10-2004-x64
4uninst.exe
windows7-x64
7uninst.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d.exe
Resource
win7-20240708-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240729-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
$WINDIR/twain_32/amcam.dll
Resource
win7-20240704-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral8
Sample
$WINDIR/twain_32/amcam.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral9
Sample
$WINDIR/twain_64/amcam.dll
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$WINDIR/twain_64/amcam.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
drivers/x64/amcam.sys
Resource
win7-20240705-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
drivers/x64/amcam.sys
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
drivers/x64/dpinst.exe
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral14
Sample
drivers/x64/dpinst.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral15
Sample
drivers/x86/amcam.sys
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
drivers/x86/amcam.sys
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
drivers/x86/dpinst.exe
Resource
win7-20240708-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral18
Sample
drivers/x86/dpinst.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral19
Sample
uninst.exe
Resource
win7-20240708-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral20
Sample
uninst.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral21
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240705-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral22
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240729-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
-
Size
5.3MB
-
MD5
ec2a5c041640815b2ae4bb05e728bd61
-
SHA1
8f5885d962bb4e57eb7786e694f8d87e23da7b7d
-
SHA256
92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
-
SHA512
25ad53c776f6f9533c2b5ee432476cf336c04e461f1e516b1b85009357612fbe2f695a843546a9ee92a136493578915e0d95dd24a83f5e1ac67db201fe8af10e
-
SSDEEP
98304:K8WjhvkwMtNG+6B3fTWH00q0Nl4SbcJtcNg+VUBuAxuTycBZwLLGBIJl:KfvkwANG+6B3CHDq0fPacN5quTycBZwH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 6 IoCs
Checks for missing Authenticode signature.
resource 92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/uninst.exe unpack002/$PLUGINSDIR/System.dll unpack002/$PLUGINSDIR/nsDialogs.dll
Files
-
92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d.exe windows:4 windows x86 arch:x86
c05041e01f84e1ccca9c4451f3b6a383
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 160KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
6b5c4f7d679059f68f1269aad3a5cecd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc
user32
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW
gdi32
SetTextColor
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 638B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/twain_32/amcam.ds.dll windows:5 windows x86 arch:x86
303241a41d4db76d3723e10020411410
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
61:29:15:27:00:00:00:00:00:2aCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15-04-2011 19:55Not After15-04-2021 20:05SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28-07-2020 00:00Not After18-03-2029 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28-07-2020 00:00Not After28-07-2030 00:00SubjectCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:ad:7d:6d:d7:dc:92:7b:51:15:9f:58Certificate
IssuerCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before03-11-2022 01:57Not After03-11-2025 01:57SubjectCN=United Scope LLC,O=United Scope LLC,L=Irvine,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
61:29:15:27:00:00:00:00:00:2aCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15-04-2011 19:55Not After15-04-2021 20:05SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28-07-2020 00:00Not After18-03-2029 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28-07-2020 00:00Not After28-07-2030 00:00SubjectCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:ad:7d:6d:d7:dc:92:7b:51:15:9f:58Certificate
IssuerCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before03-11-2022 01:57Not After03-11-2025 01:57SubjectCN=United Scope LLC,O=United Scope LLC,L=Irvine,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
d6:89:0a:ed:b2:32:ff:2d:e5:8d:38:e0:26:82:3e:e8:33:ca:7e:0a:db:c3:b6:c7:ab:f4:aa:95:82:6f:fb:47Signer
Actual PE Digestd6:89:0a:ed:b2:32:ff:2d:e5:8d:38:e0:26:82:3e:e8:33:ca:7e:0a:db:c3:b6:c7:ab:f4:aa:95:82:6f:fb:47Digest Algorithmsha256PE Digest Matchestrue92:dc:90:56:ad:17:cb:55:4e:1c:5d:73:3b:f7:09:16:ed:e8:5b:3eSigner
Actual PE Digest92:dc:90:56:ad:17:cb:55:4e:1c:5d:73:3b:f7:09:16:ed:e8:5b:3eDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
comctl32
ord17
kernel32
EnterCriticalSection
GetSystemTimes
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
QueryPerformanceFrequency
GetSystemInfo
QueryPerformanceCounter
GlobalHandle
WriteFile
CreateFileA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
DisableThreadLibraryCalls
lstrcpynA
FreeLibrary
HeapFree
SetLastError
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
MulDiv
UnregisterWaitEx
QueryDepthSList
ReleaseSemaphore
VirtualProtect
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
SetEndOfFile
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLastError
QueryDosDeviceW
FindNextFileA
FindFirstFileExA
FindClose
GetOEMCP
IsValidCodePage
SetStdHandle
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetModuleFileNameA
GetACP
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFileAttributesExW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
GetCPInfo
GetLocaleInfoW
LCMapStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetExitCodeThread
SwitchToThread
DuplicateHandle
GetStringTypeW
WideCharToMultiByte
TryEnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThread
ResumeThread
SetThreadPriority
InterlockedDecrement
InterlockedCompareExchange
SetEvent
WaitForSingleObject
DeleteCriticalSection
DecodePointer
RaiseException
LocalFree
FindResourceW
LoadResource
LockResource
FormatMessageW
InitializeCriticalSectionAndSpinCount
GetUserDefaultUILanguage
SizeofResource
GlobalMemoryStatusEx
GetLocalTime
GetCurrentThreadId
GetModuleFileNameW
OutputDebugStringA
GetTickCount
InterlockedIncrement
GetProcAddress
GetModuleHandleW
GetOverlappedResult
ResetEvent
LoadLibraryW
GetCommandLineA
Sleep
CreateEventW
GetVersionExW
CreateFileW
WaitForMultipleObjects
DeviceIoControl
ReadFile
CloseHandle
GetCommandLineW
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
user32
SystemParametersInfoW
SetWindowLongW
CreateWindowExW
WaitMessage
RegisterClassExW
DispatchMessageW
GetMonitorInfoW
PeekMessageW
IsRectEmpty
SetFocus
TranslateMessage
SetParent
GetDesktopWindow
GetClassInfoExW
GetWindowTextLengthW
GetMessagePos
FillRect
ScreenToClient
EndDialog
GetActiveWindow
IsWindow
RegisterDeviceNotificationW
GetCapture
SetTimer
SetDlgItemTextW
TrackMouseEvent
GetDlgItemTextW
SendDlgItemMessageW
IsWindowEnabled
IsDlgButtonChecked
LoadCursorW
SetCapture
SetCursor
GetDlgItemInt
GetDlgItem
SetRect
KillTimer
CheckDlgButton
GetSysColorBrush
SetDlgItemInt
DialogBoxParamW
UnregisterDeviceNotification
ReleaseCapture
EnableWindow
CreateDialogParamW
DestroyWindow
IsWindowVisible
GetSystemMetrics
IsDialogMessageW
SetScrollInfo
DeferWindowPos
DefWindowProcW
ShowScrollBar
PostMessageW
InflateRect
GetDC
UnregisterClassW
GetScrollInfo
GetScrollPos
ShowWindow
BeginDeferWindowPos
OffsetRect
GetSysColor
EndDeferWindowPos
GetClientRect
DrawTextW
SetScrollPos
GetParent
PtInRect
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
MessageBoxW
EnumChildWindows
SetWindowTextW
GetWindowTextW
GetWindowLongW
CallWindowProcW
GetWindowRect
SetWindowPos
GetPropW
SendMessageW
SetPropW
MonitorFromWindow
gdi32
StretchDIBits
CreateRectRgn
SetTextColor
SelectClipRgn
SetStretchBltMode
SetROP2
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Polyline
LineTo
CreatePen
Rectangle
SetViewportOrgEx
MoveToEx
SelectObject
GetStockObject
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetBkMode
Polygon
SetBkColor
DeleteObject
CreateFontIndirectW
ExtTextOutW
comdlg32
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
advapi32
RegSetValueExW
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueExW
RegSetValueExA
RegCloseKey
RegOpenKeyExW
ole32
CoCreateInstance
oleaut32
SysAllocString
SysFreeString
VariantClear
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
shlwapi
PathFindFileNameW
PathStripPathW
ord12
Exports
Exports
DS_Entry
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IPPCODE Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 810KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 413KB - Virtual size: 412KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/twain_64/amcam.ds.dll windows:6 windows x64 arch:x64
f9d6d86d0c46b76b15a6932427771c1a
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
61:29:15:27:00:00:00:00:00:2aCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15-04-2011 19:55Not After15-04-2021 20:05SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28-07-2020 00:00Not After18-03-2029 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28-07-2020 00:00Not After28-07-2030 00:00SubjectCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:ad:7d:6d:d7:dc:92:7b:51:15:9f:58Certificate
IssuerCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before03-11-2022 01:57Not After03-11-2025 01:57SubjectCN=United Scope LLC,O=United Scope LLC,L=Irvine,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19-09-2018 00:00Not After28-01-2028 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
61:29:15:27:00:00:00:00:00:2aCertificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before15-04-2011 19:55Not After15-04-2021 20:05SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28-07-2020 00:00Not After18-03-2029 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28-07-2020 00:00Not After28-07-2030 00:00SubjectCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
60:ad:7d:6d:d7:dc:92:7b:51:15:9f:58Certificate
IssuerCN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before03-11-2022 01:57Not After03-11-2025 01:57SubjectCN=United Scope LLC,O=United Scope LLC,L=Irvine,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8b:7c:36:44:f3:5b:d0:32:aa:c9:4f:8c:cf:d4:e9:d1:5c:dd:9c:ff:9e:3a:2a:e7:48:55:66:f0:a2:f1:cc:3bSigner
Actual PE Digest8b:7c:36:44:f3:5b:d0:32:aa:c9:4f:8c:cf:d4:e9:d1:5c:dd:9c:ff:9e:3a:2a:e7:48:55:66:f0:a2:f1:cc:3bDigest Algorithmsha256PE Digest Matchestrue49:62:d7:62:04:23:7b:f8:4e:12:2b:40:3e:78:bc:1a:02:92:1c:a2Signer
Actual PE Digest49:62:d7:62:04:23:7b:f8:4e:12:2b:40:3e:78:bc:1a:02:92:1c:a2Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
comctl32
ord17
kernel32
MultiByteToWideChar
QueryPerformanceFrequency
GetSystemInfo
QueryPerformanceCounter
GlobalHandle
WriteFile
CreateFileA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
DisableThreadLibraryCalls
lstrcpynA
FreeLibrary
HeapFree
SetLastError
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
HeapDestroy
GetProcessHeap
MulDiv
SetEndOfFile
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindNextFileW
FindFirstFileExW
FindClose
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetFileType
GetStdHandle
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFileAttributesExW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
GetCPInfo
LCMapStringEx
EncodePointer
GetExitCodeThread
WaitForSingleObjectEx
GetStringTypeW
WakeConditionVariable
LeaveCriticalSection
GetSystemTimes
EnterCriticalSection
QueryDosDeviceW
GetCurrentThread
ResumeThread
SetThreadPriority
SetEvent
WaitForSingleObject
DeleteCriticalSection
DecodePointer
LocalFree
FindResourceW
LoadResource
LockResource
FormatMessageW
InitializeCriticalSectionEx
GetUserDefaultUILanguage
SizeofResource
GlobalMemoryStatusEx
GetLocalTime
GetCurrentThreadId
GetModuleFileNameW
OutputDebugStringA
GetTickCount
GetModuleHandleW
InitializeCriticalSection
GetProcAddress
GetOverlappedResult
ResetEvent
LoadLibraryW
CloseHandle
GetLastError
Sleep
CreateEventW
GetVersionExW
CreateFileW
WaitForMultipleObjects
DeviceIoControl
ReadFile
WideCharToMultiByte
TryAcquireSRWLockExclusive
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
RtlUnwind
user32
CreateDialogParamW
MonitorFromWindow
CreateWindowExW
WaitMessage
RegisterClassExW
DispatchMessageW
GetMonitorInfoW
PeekMessageW
IsRectEmpty
SetFocus
TranslateMessage
SetParent
GetDesktopWindow
GetClassInfoExW
GetWindowTextLengthW
GetMessagePos
FillRect
ScreenToClient
EndDialog
GetActiveWindow
IsWindow
RegisterDeviceNotificationW
GetCapture
SetTimer
SetDlgItemTextW
TrackMouseEvent
GetDlgItemTextW
SendDlgItemMessageW
IsWindowEnabled
IsDlgButtonChecked
LoadCursorW
SetCapture
SetCursor
GetDlgItemInt
GetDlgItem
SetRect
SystemParametersInfoW
CheckDlgButton
GetSysColorBrush
SetDlgItemInt
DialogBoxParamW
UnregisterDeviceNotification
ReleaseCapture
EnableWindow
KillTimer
DestroyWindow
IsWindowVisible
GetSystemMetrics
IsDialogMessageW
SetScrollInfo
DeferWindowPos
DefWindowProcW
ShowScrollBar
PostMessageW
InflateRect
GetDC
UnregisterClassW
GetScrollInfo
GetWindowLongPtrW
GetScrollPos
ShowWindow
BeginDeferWindowPos
OffsetRect
GetSysColor
EndDeferWindowPos
GetClientRect
DrawTextW
SetScrollPos
GetParent
PtInRect
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
MessageBoxW
EnumChildWindows
SetWindowTextW
GetWindowTextW
GetWindowLongW
CallWindowProcW
GetWindowRect
SetWindowPos
GetPropW
SetWindowLongPtrW
SendMessageW
SetPropW
gdi32
StretchDIBits
CreateRectRgn
SetTextColor
SelectClipRgn
SetStretchBltMode
SetROP2
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Polyline
LineTo
CreatePen
Rectangle
SetViewportOrgEx
MoveToEx
SelectObject
GetStockObject
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetBkMode
Polygon
SetBkColor
DeleteObject
CreateFontIndirectW
ExtTextOutW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
advapi32
RegSetValueExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
ole32
CoCreateInstance
oleaut32
VariantClear
SysAllocString
SysFreeString
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
shlwapi
PathFindFileNameW
PathStripPathW
ord12
Exports
Exports
DS_Entry
Sections
.text Size: 9.8MB - Virtual size: 9.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IPPCODE Size: 273KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 860KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IPPDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 267KB - Virtual size: 266KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
drivers/x64/amcam.cat
-
drivers/x64/amcam.inf
-
drivers/x64/amcam.sys.sys windows:6 windows x64 arch:x64
b81df4c99cf5668be28b98bd11816232
Code Sign
04:00:00:00:00:01:2f:4e:e1:52:d7Certificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13-04-2011 10:00Not After28-01-2028 12:00SubjectCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13-04-2011 10:00Not After13-04-2019 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate
IssuerCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BENot Before24-05-2016 00:00Not After24-06-2027 00:00SubjectCN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SGExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:42:f4:03:85:f6:21:1f:3e:73:bb:26:5a:0a:7e:f1:55Certificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before24-09-2013 21:28Not After23-09-2016 21:35SubjectCN=iScope Corp.,OU=United Scope LLC.,O=iScope Corp.,L=Irvine,ST=CA,C=US,1.2.840.113549.1.9.1=#0c156d61726b6574696e6740616d73636f70652e636f6dExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
61:0b:7f:6b:00:00:00:00:00:19Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before23-05-2006 17:00Not After23-05-2016 17:10SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
1b:e0:e6:17:2d:4f:cd:02:36:2e:d8:ff:7a:d6:e6:d4:03:fe:1b:0fSigner
Actual PE Digest1b:e0:e6:17:2d:4f:cd:02:36:2e:d8:ff:7a:d6:e6:d4:03:fe:1b:0fDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
c:\dev\image\sys\amscope\amd64\amcam.pdb
Imports
ntoskrnl.exe
IoDeleteDevice
KeSetEvent
swprintf
KeInitializeEvent
IoDetachDevice
PoRequestPowerIrp
PoSetPowerState
MmMapLockedPagesSpecifyCache
ExAllocatePool
RtlInitUnicodeString
PoStartNextPowerIrp
IofCompleteRequest
KeWaitForSingleObject
IoAttachDeviceToDeviceStack
PoCallDriver
IoCreateSymbolicLink
IoCreateDevice
IofCallDriver
KeBugCheckEx
IoDeleteSymbolicLink
IoBuildDeviceIoControlRequest
ExFreePool
sprintf
usbd.sys
USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx
USBD_GetUSBDIVersion
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 896B - Virtual size: 836B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 384B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
drivers/x64/dpinst.exe.exe windows:6 windows x64 arch:x64
3eacb9638877275335da4b58e52824f8
Code Sign
61:15:23:0f:00:00:00:00:00:0aCertificate
IssuerCN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07-12-2009 21:57Not After07-03-2011 21:57SubjectCN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
61:16:b5:29:00:00:00:00:00:10Certificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04-01-2010 21:12Not After04-01-2013 21:22SubjectCN=Microsoft Time-Stamp Service,OU=nCipher+OU=nCipher DSE ESN:ACD3-AE66-E0B5,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:16:b5:29:00:00:00:00:00:10Certificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04-01-2010 21:12Not After04-01-2013 21:22SubjectCN=Microsoft Time-Stamp Service,OU=nCipher+OU=nCipher DSE ESN:ACD3-AE66-E0B5,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
79:ad:16:a1:4a:a0:a5:ad:4c:73:58:f4:07:13:2e:65Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before09-05-2001 23:19Not After09-05-2021 23:28SubjectCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dKey Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03-04-2007 12:53Not After03-04-2021 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:07:02:dc:00:00:00:00:00:0bCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before15-09-2005 21:55Not After15-03-2016 22:05SubjectCN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
bf:2c:50:54:a4:3a:a3:54:81:e2:9a:d4:b6:4d:5c:bc:8e:cd:ae:c6Signer
Actual PE Digestbf:2c:50:54:a4:3a:a3:54:81:e2:9a:d4:b6:4d:5c:bc:8e:cd:ae:c6Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
DpInst.pdb
Imports
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
IsTextUnicode
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
DeleteService
CloseServiceHandle
ControlService
StartServiceW
OpenServiceW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
QueryServiceStatus
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
CheckTokenMembership
kernel32
CreateMutexW
ReleaseMutex
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryW
GetProcAddress
GetStdHandle
GetConsoleMode
SetConsoleMode
ReadConsoleOutputW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
FreeConsole
FreeLibrary
WriteConsoleOutputW
WriteConsoleW
IsValidLocale
VirtualProtect
Sleep
GetFileAttributesW
DeleteFileW
FormatMessageW
RaiseException
CopyFileW
SetFileAttributesW
GetTempFileNameW
FindClose
FindNextFileW
CompareStringW
lstrcmpW
FindFirstFileW
lstrlenW
UnmapViewOfFile
GetConsoleScreenBufferInfo
CreateFileMappingW
LCMapStringW
WaitForMultipleObjectsEx
WaitForSingleObjectEx
SetEndOfFile
CreateEventW
SetEvent
LocalReAlloc
DeviceIoControl
VerifyVersionInfoW
VerSetConditionMask
GetSystemDirectoryW
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
GetShortPathNameW
RemoveDirectoryW
MoveFileExW
CreateDirectoryW
GetFullPathNameW
SetLastError
GetLocaleInfoW
LoadLibraryExW
GetSystemDefaultUILanguage
SearchPathW
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
OutputDebugStringA
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapSize
HeapReAlloc
HeapDestroy
GetFileSize
CreateThread
SetThreadLocale
GetThreadLocale
WriteFile
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetCurrentProcess
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
SetCurrentDirectoryW
GetUserDefaultUILanguage
EnumResourceLanguagesW
GetModuleFileNameW
GetExitCodeProcess
WaitForSingleObject
LocalFree
GlobalFree
LocalAlloc
GetLastError
GetCommandLineW
CloseHandle
MapViewOfFile
gdi32
CreateBitmap
CreateCompatibleBitmap
GetObjectW
DeleteDC
SetLayout
CreateCompatibleDC
EndPage
StartPage
EndDoc
StartDocW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
DeleteObject
SelectObject
user32
DestroyIcon
CreateIconIndirect
DrawIconEx
GetIconInfo
LoadIconW
LoadBitmapW
CharLowerW
UnregisterClassA
PostQuitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
ShowWindow
AllowSetForegroundWindow
DialogBoxParamW
SetDlgItemTextW
EndDialog
MessageBoxW
GetDlgItem
SendMessageW
GetProcessWindowStation
GetUserObjectInformationW
LoadImageW
SetWindowTextW
PostMessageW
GetParent
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
SendDlgItemMessageW
InvalidateRect
GetSystemMetrics
GetSysColor
DestroyWindow
SetWindowLongW
SystemParametersInfoW
GetDC
ReleaseDC
DrawTextExW
msvcrt
_wcmdln
exit
_cexit
_exit
_XcptFilter
__wgetmainargs
_resetstkoflw
__C_specific_handler
memset
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
fread
_initterm
fclose
fwprintf
_wfopen
realloc
??2@YAPEAX_K@Z
wcsstr
_wcsicmp
_wtol
_vscwprintf
free
malloc
??_V@YAXPEAX@Z
??3@YAXPEAX@Z
_amsg_exit
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
??1type_info@@UEAA@XZ
memcpy
memmove
_CxxThrowException
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
_wcsnicmp
_vsnwprintf
wcsncmp
bsearch
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
iswalpha
??_U@YAPEAX_K@Z
wcschr
wcspbrk
wcsrchr
iswdigit
feof
memcmp
ntdll
NtQueryInformationToken
RtlNtStatusToDosError
NtClose
NtOpenThreadToken
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtOpenProcessToken
shell32
ord59
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
setupapi
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
pSetupSetGlobalFlags
SetupDefaultQueueCallbackW
pSetupGetGlobalFlags
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupGetFieldCount
SetupGetIntField
SetupGetStringFieldW
SetupFindNextMatchLineW
SetupFindNextLine
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupPromptReboot
SetupDiGetDeviceInstanceIdW
SetupFindFirstLineW
SetupOpenAppendInfFileW
SetupGetLineCountW
SetupDiGetActualSectionToInstallW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetSelectedDriverW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupQueueCopyW
CMP_WaitNoPendingInstallEvents
SetupCloseFileQueue
SetupOpenFileQueue
SetupDiGetDriverInfoDetailW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupInstallFilesFromInfSectionW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
CM_Enumerate_Classes
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
CM_Get_Device_IDW
SetupCopyOEMInfW
SetupGetTargetPathW
wintrust
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
ole32
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
oleaut32
VariantInit
VariantClear
SysAllocString
SysFreeString
VariantChangeType
comctl32
PropertySheetW
CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
comdlg32
PrintDlgExW
GetSaveFileNameW
crypt32
CertFreeCTLContext
CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Sections
.text Size: 510KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 470KB - Virtual size: 472KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
drivers/x86/amcam.cat
-
drivers/x86/amcam.inf
-
drivers/x86/amcam.sys.sys windows:6 windows x86 arch:x86
9d65fd58c8133e8b6aa50533422bb66e
Code Sign
04:00:00:00:00:01:2f:4e:e1:52:d7Certificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13-04-2011 10:00Not After28-01-2028 12:00SubjectCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13-04-2011 10:00Not After13-04-2019 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate
IssuerCN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BENot Before24-05-2016 00:00Not After24-06-2027 00:00SubjectCN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SGExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:42:f4:03:85:f6:21:1f:3e:73:bb:26:5a:0a:7e:f1:55Certificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before24-09-2013 21:28Not After23-09-2016 21:35SubjectCN=iScope Corp.,OU=United Scope LLC.,O=iScope Corp.,L=Irvine,ST=CA,C=US,1.2.840.113549.1.9.1=#0c156d61726b6574696e6740616d73636f70652e636f6dExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
61:0b:7f:6b:00:00:00:00:00:19Certificate
IssuerCN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before23-05-2006 17:00Not After23-05-2016 17:10SubjectCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b7:c2:5b:e0:e8:cd:9c:31:1e:4a:a7:d9:a4:c3:9e:ee:55:c7:87:ffSigner
Actual PE Digestb7:c2:5b:e0:e8:cd:9c:31:1e:4a:a7:d9:a4:c3:9e:ee:55:c7:87:ffDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\dev\image\sys\amscope\i386\amcam.pdb
Imports
ntoskrnl.exe
IofCallDriver
KeSetEvent
KeWaitForSingleObject
KeInitializeEvent
IofCompleteRequest
IoDeleteSymbolicLink
RtlInitUnicodeString
ExFreePool
PoStartNextPowerIrp
PoSetPowerState
IoCreateDevice
swprintf
memset
IoBuildDeviceIoControlRequest
ExAllocatePool
memcpy
sprintf
InterlockedDecrement
InterlockedIncrement
PoRequestPowerIrp
IoAttachDeviceToDeviceStack
MmMapLockedPagesSpecifyCache
PoCallDriver
IoDeleteDevice
IoDetachDevice
IoCreateSymbolicLink
KeTickCount
KeBugCheckEx
usbd.sys
USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx
USBD_GetUSBDIVersion
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1024B - Virtual size: 938B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 388B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
drivers/x86/dpinst.exe.exe windows:6 windows x86 arch:x86
3ab7cc62e4963955ad408cd420cd8ef1
Code Sign
61:03:dc:f6:00:00:00:00:00:0cCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before25-07-2008 19:12Not After25-07-2011 19:22SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
61:15:23:0f:00:00:00:00:00:0aCertificate
IssuerCN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07-12-2009 21:57Not After07-03-2011 21:57SubjectCN=Microsoft Windows,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03-04-2007 12:53Not After03-04-2021 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:07:02:dc:00:00:00:00:00:0bCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before15-09-2005 21:55Not After15-03-2016 22:05SubjectCN=Microsoft Windows Verification PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
71:85:11:e5:d1:4c:f1:de:16:92:e6:78:64:21:75:0c:36:76:a6:9eSigner
Actual PE Digest71:85:11:e5:d1:4c:f1:de:16:92:e6:78:64:21:75:0c:36:76:a6:9eDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
DpInst.pdb
Imports
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
IsTextUnicode
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
DeleteService
StartServiceW
ControlService
OpenSCManagerW
CloseServiceHandle
OpenServiceW
QueryServiceStatus
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
kernel32
GetFileAttributesW
DeleteFileW
ReleaseMutex
SetFilePointer
HeapFree
GetProcessHeap
HeapAlloc
CreateMutexW
FreeConsole
SetConsoleMode
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FreeLibrary
FillConsoleOutputCharacterW
ReadConsoleOutputW
GetConsoleMode
GetStdHandle
GetProcAddress
LoadLibraryW
WriteConsoleW
IsValidLocale
lstrlenW
lstrcmpW
CompareStringW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
SetFileAttributesW
FormatMessageW
RaiseException
GetFileSize
CreateFileMappingW
MapViewOfFile
WriteConsoleOutputW
UnmapViewOfFile
InterlockedDecrement
InterlockedIncrement
CreateFileW
WriteFile
CreateThread
WaitForMultipleObjectsEx
InterlockedCompareExchange
WaitForSingleObjectEx
SetEvent
CreateEventW
GetExitCodeProcess
DeviceIoControl
VerSetConditionMask
VerifyVersionInfoW
CreateDirectoryW
RemoveDirectoryW
GetCurrentDirectoryW
GetShortPathNameW
GetFullPathNameW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
MoveFileExW
SearchPathW
GetSystemDefaultUILanguage
LoadLibraryExW
CreateFileA
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetConsoleCP
GetLocaleInfoA
Sleep
LoadLibraryExA
ReadFile
LCMapStringW
LCMapStringA
GetThreadLocale
SetThreadLocale
GetUserDefaultUILanguage
GetVersionExW
GetLocalTime
GetWindowsDirectoryW
GetModuleFileNameW
SetCurrentDirectoryW
WaitForSingleObject
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
GetStartupInfoW
GetEnvironmentVariableW
lstrcmpiW
WideCharToMultiByte
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetCommandLineW
LocalAlloc
GlobalFree
LocalFree
MultiByteToWideChar
GetCurrentProcess
GetLastError
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceLanguagesW
LocalReAlloc
EnterCriticalSection
gdi32
SetLayout
DeleteDC
GetObjectW
CreateCompatibleBitmap
CreateBitmap
SelectObject
StartPage
EndPage
StartDocW
EndDoc
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
CreateCompatibleDC
user32
AllowSetForegroundWindow
DefWindowProcW
PostQuitMessage
GetUserObjectInformationW
GetProcessWindowStation
GetIconInfo
DrawIconEx
CreateIconIndirect
LoadIconW
LoadBitmapW
DrawTextExW
LoadImageW
GetSystemMetrics
GetSysColor
DestroyWindow
GetWindowLongW
SendDlgItemMessageW
InvalidateRect
SystemParametersInfoW
GetDC
ReleaseDC
SetWindowLongW
SetWindowTextW
GetParent
PostMessageW
IsDlgButtonChecked
CheckDlgButton
SetFocus
CallWindowProcW
DestroyIcon
DialogBoxParamW
SetDlgItemTextW
CharLowerW
GetDlgItem
SendMessageW
MessageBoxW
RegisterClassExW
CreateWindowExW
ShowWindow
UnregisterClassA
EndDialog
ntdll
RtlNtStatusToDosError
NtOpenThreadToken
NtQueryInformationToken
NtOpenProcessToken
RtlUnwind
NtClose
shell32
SHGetFolderPathW
ShellExecuteExW
ord59
CommandLineToArgvW
setupapi
SetupDiClassNameFromGuidW
SetupDiOpenClassRegKey
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupGetLineCountW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW
pSetupSetGlobalFlags
pSetupGetGlobalFlags
SetupGetFieldCount
SetupGetIntField
SetupOpenAppendInfFileW
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
CM_Enumerate_Classes
CM_Get_DevNode_Status
SetupDiCreateDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetSelectedDevice
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupGetTargetPathW
SetupQueueCopyIndirectW
SetupQueueCopyW
SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupCloseFileQueue
SetupCopyOEMInfW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_Device_IDW
CM_Setup_DevNode
SetupDiEnumDeviceInfo
CMP_WaitNoPendingInstallEvents
CM_Query_And_Remove_SubTreeW
wintrust
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle
ole32
CoTaskMemFree
StringFromCLSID
CoUninitialize
CoInitialize
CoCreateInstance
oleaut32
VariantInit
VariantClear
VariantChangeType
SysAllocString
SysFreeString
comctl32
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW
ImageList_Create
comdlg32
PrintDlgExW
GetSaveFileNameW
crypt32
CertFreeCertificateContext
CertFreeCTLContext
CertGetCTLContextProperty
CryptQueryObject
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
Sections
.text Size: 392KB - Virtual size: 391KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 470KB - Virtual size: 472KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
uninst.exe.exe windows:4 windows x86 arch:x86
c05041e01f84e1ccca9c4451f3b6a383
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 160KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
6b5c4f7d679059f68f1269aad3a5cecd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc
user32
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW
gdi32
SetTextColor
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 638B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ