J:\GitHub\vcpkg\buildtrees\openssl\x86-windows-rel\libcrypto-3.pdb
Overview
overview
3Static
static
3libcrypto-3.dll
windows7-x64
3libcrypto-3.dll
windows10-2004-x64
3libcurl.dll
windows7-x64
3libcurl.dll
windows10-2004-x64
3libmysql.dll
windows7-x64
3libmysql.dll
windows10-2004-x64
3wolfMP.exe
windows7-x64
3wolfMP.exe
windows10-2004-x64
3wolfMP_129.exe
windows7-x64
3wolfMP_129.exe
windows10-2004-x64
3wolfssl.dll
windows7-x64
3wolfssl.dll
windows10-2004-x64
3zlib1.dll
windows7-x64
3zlib1.dll
windows10-2004-x64
3Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
libcrypto-3.dll
Resource
win7-20240704-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
libcrypto-3.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral3
Sample
libcurl.dll
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral4
Sample
libcurl.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral5
Sample
libmysql.dll
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
libmysql.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
wolfMP.exe
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
wolfMP.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral9
Sample
wolfMP_129.exe
Resource
win7-20240704-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral10
Sample
wolfMP_129.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral11
Sample
wolfssl.dll
Resource
win7-20240729-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral12
Sample
wolfssl.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral13
Sample
zlib1.dll
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral14
Sample
zlib1.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
rtcwpro_131_client.zip
-
Size
4.3MB
-
MD5
42c96df72311e982adc5f726c592491b
-
SHA1
af145f7a3ce8b888624e33724dc17d913dddc2f0
-
SHA256
493883858f865949bb11e99028e6cf61d37941d1fe693e424c53ee9a687bd6b3
-
SHA512
56b1f41ad97c61c01f4a899d33e50847f46e5214a219b52854acf07b713288582095cdf9a96f38a0c36c5c5dc62c2059ff9349e1f999ff425db9d6f1b8433f2f
-
SSDEEP
98304:DKbqZ7aOxR+jjNc5iTloEHvNdkkuIWPqn61I8aRTV6s4:DKbDlvoMrbk/Iwqvz1VB4
Score
3/10
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack001/libcrypto-3.dll unpack001/libcurl.dll unpack001/libmysql.dll unpack001/wolfssl.dll unpack001/zlib1.dll
Files
-
rtcwpro_131_client.zip.zip
Password: infected
-
libcrypto-3.dll.dll windows:6 windows x86 arch:x86
Password: infected
eabf520ad66f6a4edf2940dc969aeda6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
accept
WSACleanup
WSAStartup
select
htonl
closesocket
getsockname
ioctlsocket
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
ntohs
inet_ntoa
inet_addr
htons
connect
listen
setsockopt
socket
shutdown
recv
send
recvfrom
sendto
bind
getsockopt
advapi32
CryptCreateHash
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
DeregisterEventSource
CryptDecrypt
CryptExportKey
CryptGetUserKey
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
user32
GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation
bcrypt
BCryptGenRandom
kernel32
InitializeSRWLock
FindNextFileW
ReleaseSRWLockExclusive
FindClose
VirtualLock
VirtualFree
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetConsoleMode
ReadConsoleA
ReadConsoleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
FindFirstFileW
SetConsoleMode
VirtualProtect
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
GetACP
WideCharToMultiByte
ConvertFiberToThread
ConvertThreadToFiberEx
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageA
Sleep
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
CloseHandle
LoadLibraryW
GetEnvironmentVariableW
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
vcruntime140
__std_type_info_destroy_list
wcsstr
memchr
strstr
strchr
memmove
strrchr
memset
memcpy
_except_handler4_common
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__stdio_common_vsscanf
fputs
_setmode
setvbuf
__stdio_common_vswprintf
ftell
fseek
_wfopen
fopen
fread
__stdio_common_vsprintf_s
_fileno
fgets
clearerr
setbuf
fflush
ferror
feof
__stdio_common_vfprintf
fclose
fwrite
__stdio_common_vsprintf
api-ms-win-crt-convert-l1-1-0
atoi
strtoul
strtol
api-ms-win-crt-string-l1-1-0
strncmp
strncpy
strspn
strcspn
tolower
strcmp
strcat_s
strncpy_s
isspace
_strdup
strcpy_s
isdigit
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64_s
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
calloc
free
realloc
malloc
api-ms-win-crt-runtime-l1-1-0
_seh_filter_dll
signal
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
strerror_s
_crt_atexit
raise
_exit
_errno
perror
_cexit
_configure_narrow_argv
_initterm_e
_initterm
api-ms-win-crt-filesystem-l1-1-0
_stat64i32
_chmod
_fstat64i32
api-ms-win-crt-environment-l1-1-0
getenv
Exports
Exports
ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_dup
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_dup
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_print_ex
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_dup
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_bio_ex
ASN1_item_d2i_ex
ASN1_item_d2i_fp
ASN1_item_d2i_fp_ex
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_i2d_mem_bio
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_new_ex
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_sign_ex
ASN1_item_unpack
ASN1_item_verify
ASN1_item_verify_ctx
ASN1_item_verify_ex
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_callback
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_get_status
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_callback
ASYNC_WAIT_CTX_set_status
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_debug_callback_ex
BIO_dgram_non_fatal_error
BIO_do_connect_retry
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_prefix
BIO_f_readbuffer
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_line
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_ex
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_from_core_bio
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_core
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_socket_wait
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_wait
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 679KB - Virtual size: 679KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 952B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 94KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libcurl.dll.dll windows:6 windows x86 arch:x86
Password: infected
99e84054f40f1a17962ac7b0ef773ebe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
J:\GitHub\vcpkg\buildtrees\curl\x86-windows-rel\lib\libcurl.pdb
Imports
ws2_32
__WSAFDIsSet
htonl
ioctlsocket
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
select
accept
gethostname
freeaddrinfo
getaddrinfo
inet_ntop
inet_pton
WSAIoctl
WSASetLastError
socket
setsockopt
WSAStartup
WSACleanup
recvfrom
sendto
ntohs
getsockopt
getsockname
getpeername
connect
bind
WSAGetLastError
send
listen
closesocket
recv
htons
zlib1
inflateInit_
inflateInit2_
zlibVersion
inflate
inflateEnd
advapi32
CryptAcquireContextW
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext
crypt32
CertFreeCertificateContext
CryptDecodeObjectEx
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptStringToBinaryW
PFXImportCertStore
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringW
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFindCertificateInStore
CertFreeCertificateChain
bcrypt
BCryptGenRandom
kernel32
FormatMessageW
SetLastError
GetLastError
GetCurrentProcessId
MoveFileExW
Sleep
GetEnvironmentVariableA
AcquireSRWLockExclusive
QueryPerformanceFrequency
WaitForSingleObjectEx
CloseHandle
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
SleepEx
DeleteCriticalSection
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryW
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
GetModuleHandleA
VerifyVersionInfoW
CreateFileW
GetFileSizeEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
ReleaseSRWLockExclusive
VerSetConditionMask
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
vcruntime140
__std_type_info_destroy_list
memchr
strstr
wcschr
memmove
strrchr
strchr
memset
memcpy
_except_handler4_common
api-ms-win-crt-stdio-l1-1-0
fflush
__stdio_common_vsscanf
_close
feof
fputs
ftell
_read
__stdio_common_vsprintf
fputc
_write
__acrt_iob_func
fclose
fseek
fread
_lseeki64
fgets
fwrite
_wopen
_wfopen
api-ms-win-crt-convert-l1-1-0
strtoul
strtoll
wcstombs
atoi
strtol
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64
strftime
api-ms-win-crt-runtime-l1-1-0
_beginthreadex
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_execute_onexit_table
_errno
__sys_nerr
__sys_errlist
api-ms-win-crt-string-l1-1-0
wcspbrk
strpbrk
strncmp
strcspn
_strdup
wcsncmp
strncpy
_wcsdup
wcsncpy
strspn
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-filesystem-l1-1-0
_wstat64
_fstat64
_waccess
_unlink
api-ms-win-crt-heap-l1-1-0
calloc
free
malloc
realloc
api-ms-win-crt-math-l1-1-0
_fdopen
Exports
Exports
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_header
curl_easy_init
curl_easy_nextheader
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_url_strerror
curl_version
curl_version_info
curl_ws_meta
curl_ws_recv
curl_ws_send
Sections
.text Size: 339KB - Virtual size: 338KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libmysql.dll.dll windows:5 windows x86 arch:x86
Password: infected
766baee93ad8ded466ba37bcc4146b83
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
F:\ade\build\sb_0-13191046-1410445640.56\release\libmysql\RelWithDebInfo\libmysql.pdb
Imports
kernel32
GetLastError
InterlockedDecrement
GetCurrentThread
GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapSize
IsProcessorFeaturePresent
SetCurrentDirectoryA
GetCurrentDirectoryA
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
InitializeCriticalSection
FormatMessageA
TlsAlloc
CloseHandle
SetNamedPipeHandleState
WaitNamedPipeA
CreateFileA
UnmapViewOfFile
WaitForSingleObject
SetEvent
MapViewOfFile
OpenFileMappingA
OpenEventA
GetConsoleCP
CreateEventA
WaitForMultipleObjects
CancelIo
GetOverlappedResult
ReadFile
PeekNamedPipe
DisconnectNamedPipe
QueryPerformanceFrequency
GetLocaleInfoA
GetFileAttributesA
GetFullPathNameA
GetModuleHandleA
ResetEvent
SetFilePointerEx
SetEndOfFile
GetFileSizeEx
DuplicateHandle
GetFileAttributesExA
FlushFileBuffers
TryEnterCriticalSection
OpenThread
TerminateThread
InterlockedCompareExchange
GetLogicalDrives
GetSystemDirectoryA
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetTimeZoneInformation
SetStdHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
ExitThread
CreateThread
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFilePointer
RaiseException
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
EncodePointer
GetCommandLineA
DecodePointer
LoadLibraryExA
GetCurrentThreadId
SetEnvironmentVariableW
secur32
GetUserNameExW
FreeCredentialsHandle
DeleteSecurityContext
AcquireCredentialsHandleA
FreeContextBuffer
InitializeSecurityContextW
CompleteAuthToken
advapi32
CryptReleaseContext
RegOpenKeyExA
RegEnumValueA
RegCloseKey
CryptAcquireContextA
CryptGenRandom
IsValidSid
EqualSid
LookupAccountNameW
GetTokenInformation
ws2_32
closesocket
bind
WSAGetLastError
socket
freeaddrinfo
getaddrinfo
WSASetLastError
connect
getsockname
send
recv
getsockopt
setsockopt
shutdown
WSAIoctl
ioctlsocket
__WSAFDIsSet
select
getnameinfo
htonl
WSACleanup
WSAStartup
getservbyname
ntohs
getpeername
Exports
Exports
get_tty_password
handle_options
load_defaults
my_init
myodbc_remove_escape
mysql_affected_rows
mysql_autocommit
mysql_change_user
mysql_character_set_name
mysql_client_find_plugin
mysql_client_register_plugin
mysql_close
mysql_commit
mysql_data_seek
mysql_debug
mysql_dump_debug_info
mysql_embedded
mysql_eof
mysql_errno
mysql_error
mysql_escape_string
mysql_fetch_field
mysql_fetch_field_direct
mysql_fetch_fields
mysql_fetch_lengths
mysql_fetch_row
mysql_field_count
mysql_field_seek
mysql_field_tell
mysql_free_result
mysql_get_character_set_info
mysql_get_client_info
mysql_get_client_version
mysql_get_host_info
mysql_get_proto_info
mysql_get_server_info
mysql_get_server_version
mysql_get_ssl_cipher
mysql_hex_string
mysql_info
mysql_init
mysql_insert_id
mysql_kill
mysql_list_dbs
mysql_list_fields
mysql_list_processes
mysql_list_tables
mysql_load_plugin
mysql_load_plugin_v
mysql_more_results
mysql_next_result
mysql_num_fields
mysql_num_rows
mysql_options
mysql_options4
mysql_ping
mysql_plugin_options
mysql_query
mysql_read_query_result
mysql_real_connect
mysql_real_escape_string
mysql_real_query
mysql_refresh
mysql_rollback
mysql_row_seek
mysql_row_tell
mysql_select_db
mysql_send_query
mysql_server_end
mysql_server_init
mysql_set_character_set
mysql_set_local_infile_default
mysql_set_local_infile_handler
mysql_set_server_option
mysql_shutdown
mysql_sqlstate
mysql_ssl_set
mysql_stat
mysql_stmt_affected_rows
mysql_stmt_attr_get
mysql_stmt_attr_set
mysql_stmt_bind_param
mysql_stmt_bind_result
mysql_stmt_close
mysql_stmt_data_seek
mysql_stmt_errno
mysql_stmt_error
mysql_stmt_execute
mysql_stmt_fetch
mysql_stmt_fetch_column
mysql_stmt_field_count
mysql_stmt_free_result
mysql_stmt_init
mysql_stmt_insert_id
mysql_stmt_next_result
mysql_stmt_num_rows
mysql_stmt_param_count
mysql_stmt_param_metadata
mysql_stmt_prepare
mysql_stmt_reset
mysql_stmt_result_metadata
mysql_stmt_row_seek
mysql_stmt_row_tell
mysql_stmt_send_long_data
mysql_stmt_sqlstate
mysql_stmt_store_result
mysql_store_result
mysql_thread_end
mysql_thread_id
mysql_thread_init
mysql_thread_safe
mysql_use_result
mysql_warning_count
Sections
.text Size: 803KB - Virtual size: 802KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3.2MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
wolfMP.exe.exe windows:6 windows x86 arch:x86
Password: infected
2486027b527cac93ddfb372048d4dc53
Code Sign
13:ea:ef:ba:db:03:79:9c:45:fb:6c:f4:11:71:aa:7cCertificate
IssuerCN=RtcwProCert2023Not Before06/09/2023, 16:12Not After06/09/2024, 16:32SubjectCN=RtcwProCert2023Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:11:9b:78:07:23:0b:90:1c:8d:6e:51:23:e9:47:fb:f8:7c:7b:c1:e0:cc:dd:53:d4:78:9b:c7:72:fa:07:edSigner
Actual PE Digest30:11:9b:78:07:23:0b:90:1c:8d:6e:51:23:e9:47:fb:f8:7c:7b:c1:e0:cc:dd:53:d4:78:9b:c7:72:fa:07:edDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
J:\GitHub\RTCW-Pro\src\Builds\Release\wolf\wolfMP.pdb
Imports
winmm
joyGetNumDevs
joyGetDevCapsA
timeGetTime
timeBeginPeriod
timeEndPeriod
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
joyGetPosEx
midiInStart
midiInClose
midiInOpen
midiInGetDevCapsA
waveOutReset
midiInGetNumDevs
wsock32
bind
closesocket
connect
inet_ntoa
htons
ioctlsocket
ntohl
ntohs
WSAGetLastError
WSACleanup
WSAStartup
gethostname
gethostbyname
socket
setsockopt
sendto
send
select
recvfrom
recv
libcurl
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo
kernel32
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
SetEnvironmentVariableW
GetCurrentThread
GetModuleFileNameW
SetEndOfFile
WriteConsoleW
HeapSize
SetConsoleCtrlHandler
GetProcessHeap
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
OutputDebugStringW
CreateDirectoryW
HeapReAlloc
SetStdHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
DeleteFileW
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
Sleep
GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
GetDriveTypeA
SetErrorMode
CreateProcessA
GetSystemInfo
GetVersionExA
FreeLibrary
GlobalSize
GlobalUnlock
GlobalLock
GlobalMemoryStatus
SleepEx
GlobalAlloc
GlobalFree
MulDiv
WriteFile
GetStdHandle
FreeLibraryAndExitThread
ResumeThread
ExitThread
FindNextFileW
FindFirstFileExW
FindClose
GetFullPathNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CloseHandle
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
RaiseException
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
DecodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemDirectoryA
WideCharToMultiByte
MultiByteToWideChar
HeapFree
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
CreateThread
CreateEventA
GetLastError
VirtualAlloc
VirtualFree
FormatMessageA
SetEvent
ResetEvent
WaitForSingleObject
user32
MonitorFromRect
SystemParametersInfoA
GetWindowLongA
GetKeyState
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageA
LoadIconA
LoadCursorA
GetDesktopWindow
AdjustWindowRect
GetWindowTextA
SetWindowTextA
InvalidateRect
ReleaseDC
GetDC
SetForegroundWindow
UpdateWindow
SetTimer
SetWindowPos
CloseWindow
DestroyWindow
GetMonitorInfoA
RegisterClassA
CallWindowProcA
PostQuitMessage
DefWindowProcA
SendMessageA
MessageBoxA
SetFocus
GetClipboardData
CloseClipboard
OpenClipboard
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
ClipCursor
GetCursorPos
SetCursorPos
ShowCursor
GetWindowRect
GetSystemMetrics
ReleaseCapture
SetCapture
GetForegroundWindow
ShowWindow
CreateWindowExA
ChangeDisplaySettingsA
EnumDisplaySettingsA
SetWindowLongA
gdi32
SetPixelFormat
SwapBuffers
GetDeviceGammaRamp
SetBkColor
DescribePixelFormat
SetTextColor
SetDeviceGammaRamp
GetDeviceCaps
CreateSolidBrush
CreateFontA
advapi32
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegCloseKey
shell32
ShellExecuteA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 13.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
wolfMP_129.exe.exe windows:6 windows x86 arch:x86
Password: infected
b70a06f5e4edf9d0ded8a55658dd2ff5
Code Sign
13:ea:ef:ba:db:03:79:9c:45:fb:6c:f4:11:71:aa:7cCertificate
IssuerCN=RtcwProCert2023Not Before06/09/2023, 16:12Not After06/09/2024, 16:32SubjectCN=RtcwProCert2023Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14/07/2023, 00:00Not After13/10/2034, 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/08/2022, 00:00Not After09/11/2031, 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b8:e3:06:d1:b7:36:cf:71:11:06:e2:3a:89:a6:95:1f:09:73:5b:26:a4:3b:cb:d0:65:a8:99:1c:b3:73:5f:c6Signer
Actual PE Digestb8:e3:06:d1:b7:36:cf:71:11:06:e2:3a:89:a6:95:1f:09:73:5b:26:a4:3b:cb:d0:65:a8:99:1c:b3:73:5f:c6Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
J:\GitHub\RTCW-Pro\src\Builds\Release\wolf\wolfMP.pdb
Imports
winmm
midiInGetNumDevs
midiInGetDevCapsA
midiInOpen
midiInClose
midiInStart
joyGetPosEx
joyGetNumDevs
joyGetDevCapsA
timeGetTime
timeBeginPeriod
timeEndPeriod
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
wsock32
bind
WSAGetLastError
WSACleanup
WSAStartup
gethostname
gethostbyname
socket
setsockopt
sendto
send
select
recvfrom
recv
ntohs
ntohl
ioctlsocket
htons
inet_ntoa
connect
closesocket
libcurl
curl_slist_append
curl_slist_free_all
curl_easy_strerror
curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_easy_cleanup
curl_version
curl_global_init
curl_global_cleanup
curl_multi_init
curl_multi_add_handle
curl_multi_remove_handle
curl_multi_perform
curl_multi_cleanup
curl_multi_info_read
curl_easy_getinfo
kernel32
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
OutputDebugStringW
CreateDirectoryW
HeapReAlloc
SetStdHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
ReadConsoleW
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
SetEnvironmentVariableW
WideCharToMultiByte
MoveFileExW
DeleteFileW
MultiByteToWideChar
HeapFree
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
DecodePointer
GetCurrentThread
GetModuleFileNameW
WriteFile
GetStdHandle
FreeLibraryAndExitThread
ResumeThread
ExitThread
Sleep
GetProcAddress
LoadLibraryA
GetCurrentDirectoryA
GetDriveTypeA
SetErrorMode
CreateProcessA
GetSystemInfo
GetVersionExA
FreeLibrary
GlobalSize
GlobalUnlock
GetCommandLineW
GlobalMemoryStatus
SleepEx
GlobalAlloc
GlobalFree
MulDiv
GetFullPathNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CloseHandle
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindNextFileW
EncodePointer
SetLastError
RaiseException
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemDirectoryA
CreateThread
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
FormatMessageA
VirtualFree
VirtualAlloc
GetLastError
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetProcessHeap
SetConsoleCtrlHandler
GetCommandLineA
HeapSize
SetEndOfFile
WriteConsoleW
FindClose
FindFirstFileExW
GlobalLock
user32
GetMonitorInfoA
MonitorFromRect
SystemParametersInfoA
GetWindowLongA
GetKeyState
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageA
LoadIconA
LoadCursorA
GetDesktopWindow
SetWindowLongA
AdjustWindowRect
GetWindowTextA
SetWindowTextA
InvalidateRect
ReleaseDC
GetDC
SetForegroundWindow
UpdateWindow
SetTimer
SetWindowPos
CloseWindow
EnumDisplaySettingsA
CreateWindowExA
RegisterClassA
CallWindowProcA
PostQuitMessage
SendMessageA
MessageBoxA
SetFocus
GetClipboardData
CloseClipboard
OpenClipboard
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
ClipCursor
GetCursorPos
SetCursorPos
ShowCursor
GetWindowRect
GetSystemMetrics
ReleaseCapture
SetCapture
GetForegroundWindow
ShowWindow
DestroyWindow
ChangeDisplaySettingsA
DefWindowProcA
gdi32
SwapBuffers
GetDeviceGammaRamp
SetPixelFormat
DescribePixelFormat
SetTextColor
SetBkColor
GetDeviceCaps
CreateSolidBrush
CreateFontA
SetDeviceGammaRamp
advapi32
GetUserNameA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
ShellExecuteA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 185KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 13.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
wolfssl.dll.dll windows:6 windows x86 arch:x86
Password: infected
b5dc0b49828e7b1ccf46d8245e664afa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
J:\GitHub\vcpkg\buildtrees\wolfssl\x86-windows-rel\wolfssl.pdb
Imports
ws2_32
gethostbyname
socket
send
recv
listen
htons
connect
closesocket
bind
WSAGetLastError
accept
kernel32
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
FindClose
FindFirstFileA
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FindNextFileA
UnhandledExceptionFilter
advapi32
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertOpenSystemStoreA
vcruntime140
memset
memmove
strstr
__std_type_info_destroy_list
_except_handler4_common
memcpy
api-ms-win-crt-stdio-l1-1-0
fread
fseek
ftell
fwrite
rewind
fgets
__stdio_common_vfprintf
__stdio_common_vsprintf
fflush
fopen
fclose
api-ms-win-crt-string-l1-1-0
_stricmp
strtok_s
tolower
strncat
toupper
isspace
_strnicmp
strncpy
strncmp
api-ms-win-crt-filesystem-l1-1-0
_stat64i32
api-ms-win-crt-heap-l1-1-0
malloc
free
realloc
api-ms-win-crt-math-l1-1-0
_libm_sse2_log_precise
_libm_sse2_pow_precise
api-ms-win-crt-time-l1-1-0
_time64
_mktime64
_gmtime64
api-ms-win-crt-convert-l1-1-0
atoi
strtol
api-ms-win-crt-runtime-l1-1-0
_errno
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
api-ms-win-crt-environment-l1-1-0
getenv
Exports
Exports
AddSessionToCache
AddSignature
AltNameNew
Base16_Decode
Base16_Encode
Base64_Decode
Base64_Encode
Base64_EncodeEsc
Base64_Encode_NoNl
BioReceive
BioSend
BuildTls13Message
CheckRunTimeFastMath
CheckRunTimeSettings
ERR_load_SSL_strings
EccEnumToNID
EmbedOcspLookup
EmbedOcspRespFree
EmbedReceive
EmbedSend
FreeAltNames
FreeDecodedCert
FreeNameSubtrees
InitDecodedCert
ParseCert
SSL_COMP_get_compression_methods
SSL_CTX_set_tmp_dh_callback
SSL_ResourceFree
SSL_SESSION_set1_id
SSL_SESSION_set1_id_context
SetName
ToTraditional
ToTraditional_ex
TraditionalEnc
UnTraditionalEnc
WOLFSSL_CIPHER_mode
WOLFSSL_ERROR
WOLFSSL_ERROR_MSG
WOLFSSL_EVP_CIPHER_mode
mp_cond_copy
mp_rand
wc_AesCbcDecrypt
wc_AesCbcDecryptWithKey
wc_AesCbcEncrypt
wc_AesCbcEncryptWithKey
wc_AesCfb1Decrypt
wc_AesCfb1Encrypt
wc_AesCfb8Decrypt
wc_AesCfb8Encrypt
wc_AesCfbDecrypt
wc_AesCfbEncrypt
wc_AesDecryptDirect
wc_AesEncryptDirect
wc_AesFree
wc_AesGcmDecrypt
wc_AesGcmEncrypt
wc_AesGcmEncrypt_ex
wc_AesGcmSetExtIV
wc_AesGcmSetIV
wc_AesGcmSetKey
wc_AesGetKeySize
wc_AesInit
wc_AesInit_Id
wc_AesInit_Label
wc_AesKeyUnWrap
wc_AesKeyUnWrap_ex
wc_AesKeyWrap
wc_AesKeyWrap_ex
wc_AesSetIV
wc_AesSetKey
wc_AesSetKeyDirect
wc_AllocDer
wc_BufferKeyDecrypt
wc_BufferKeyEncrypt
wc_CertFree
wc_CertNew
wc_CertPemToDer
wc_ChaCha20Poly1305_CheckTag
wc_ChaCha20Poly1305_Decrypt
wc_ChaCha20Poly1305_Encrypt
wc_ChaCha20Poly1305_Final
wc_ChaCha20Poly1305_Init
wc_ChaCha20Poly1305_UpdateAad
wc_ChaCha20Poly1305_UpdateData
wc_Chacha_Process
wc_Chacha_SetIV
wc_Chacha_SetKey
wc_CheckCertSigPubKey
wc_CheckProbablePrime
wc_CheckProbablePrime_ex
wc_CreateEncryptedPKCS8Key
wc_CreatePKCS8Key
wc_CryptoCb_DefaultDevID
wc_CryptoCb_RegisterDevice
wc_CryptoCb_UnRegisterDevice
wc_DecryptPKCS8Key
wc_DerToPem
wc_DerToPemEx
wc_Des3Free
wc_Des3Init
wc_Des3_CbcDecrypt
wc_Des3_CbcDecryptWithKey
wc_Des3_CbcEncrypt
wc_Des3_CbcEncryptWithKey
wc_Des3_EcbEncrypt
wc_Des3_SetIV
wc_Des3_SetKey
wc_Des_CbcDecrypt
wc_Des_CbcDecryptWithKey
wc_Des_CbcEncrypt
wc_Des_CbcEncryptWithKey
wc_Des_EcbEncrypt
wc_Des_SetIV
wc_Des_SetKey
wc_DhAgree
wc_DhCheckKeyPair
wc_DhCheckPrivKey
wc_DhCheckPrivKey_ex
wc_DhCheckPubKey
wc_DhCheckPubKey_ex
wc_DhCheckPubValue
wc_DhCmpNamedKey
wc_DhCopyNamedKey
wc_DhExportParamsRaw
wc_DhGenerateKeyPair
wc_DhGenerateParams
wc_DhGetNamedKeyMinSize
wc_DhGetNamedKeyParamSize
wc_DhKeyDecode
wc_DhParamsLoad
wc_DhSetCheckKey
wc_DhSetKey
wc_DhSetKey_ex
wc_DhSetNamedKey
wc_Dh_ffdhe2048_Get
wc_ERR_print_errors_cb
wc_ERR_print_errors_fp
wc_ERR_remove_state
wc_EccKeyDerSize
wc_EccKeyToDer
wc_EccKeyToPKCS8
wc_EccPrivateKeyDecode
wc_EccPrivateKeyToDer
wc_EccPrivateKeyToPKCS8
wc_EccPublicKeyDecode
wc_EccPublicKeyDerSize
wc_EccPublicKeyToDer
wc_EccPublicKeyToDer_ex
wc_EncodeSignature
wc_EncryptPKCS8Key
wc_EncryptedInfoGet
wc_ErrorString
wc_FileExists
wc_FreeDecodedCert
wc_FreeDer
wc_FreeDhKey
wc_FreeMutex
wc_FreeRng
wc_FreeRsaKey
wc_GenerateSeed
wc_GetCTC_HashOID
wc_GetDateAsCalendarTime
wc_GetDateInfo
wc_GetErrorString
wc_GetPkcs8TraditionalOffset
wc_GetPubKeyDerFromCert
wc_GetSubjectRaw
wc_GetTime
wc_Gmac
wc_GmacSetKey
wc_GmacUpdate
wc_GmacVerify
wc_HKDF
wc_HKDF_Expand
wc_HKDF_Extract
wc_Hash
wc_HashFinal
wc_HashFree
wc_HashGetBlockSize
wc_HashGetDigestSize
wc_HashGetFlags
wc_HashGetOID
wc_HashInit
wc_HashInit_ex
wc_HashSetFlags
wc_HashTypeConvert
wc_HashUpdate
wc_HmacFinal
wc_HmacFree
wc_HmacInit
wc_HmacInit_Id
wc_HmacInit_Label
wc_HmacSetKey
wc_HmacSizeByType
wc_HmacUpdate
wc_InitAndAllocMutex
wc_InitCert
wc_InitCert_ex
wc_InitDecodedCert
wc_InitDhKey
wc_InitDhKey_ex
wc_InitMd5
wc_InitMd5_ex
wc_InitMutex
wc_InitRng
wc_InitRngNonce
wc_InitRngNonce_ex
wc_InitRng_ex
wc_InitRsaKey
wc_InitRsaKey_Id
wc_InitRsaKey_Label
wc_InitRsaKey_ex
wc_InitSha
wc_InitSha256
wc_InitSha256_ex
wc_InitSha384
wc_InitSha384_ex
wc_InitSha512
wc_InitSha512_224
wc_InitSha512_224_ex
wc_InitSha512_256
wc_InitSha512_256_ex
wc_InitSha512_ex
wc_InitSha_ex
wc_KeyPemToDer
wc_LockMutex
wc_LockMutex_ex
wc_MakeCert
wc_MakeCertReq
wc_MakeCertReq_ex
wc_MakeCert_ex
wc_MakeRsaKey
wc_MakeSelfCert
wc_Md5Copy
wc_Md5Final
wc_Md5Free
wc_Md5GetFlags
wc_Md5GetHash
wc_Md5Hash
wc_Md5SetFlags
wc_Md5Transform
wc_Md5Update
wc_OidGetHash
wc_PBKDF1
wc_PBKDF1_ex
wc_PBKDF2
wc_PBKDF2_ex
wc_PKCS12_PBKDF
wc_PKCS12_PBKDF_ex
wc_PKCS12_create
wc_PKCS12_free
wc_PKCS12_new
wc_PKCS12_parse
wc_PKCS7_AddCertificate
wc_PKCS7_AddRecipient_KARI
wc_PKCS7_AddRecipient_KEKRI
wc_PKCS7_AddRecipient_KTRI
wc_PKCS7_AddRecipient_ORI
wc_PKCS7_AddRecipient_PWRI
wc_PKCS7_AllowDegenerate
wc_PKCS7_DecodeAuthEnvelopedData
wc_PKCS7_DecodeEncryptedData
wc_PKCS7_DecodeEnvelopedData
wc_PKCS7_EncodeAuthEnvelopedData
wc_PKCS7_EncodeData
wc_PKCS7_EncodeEncryptedData
wc_PKCS7_EncodeEnvelopedData
wc_PKCS7_EncodeSignedData
wc_PKCS7_EncodeSignedData_ex
wc_PKCS7_EncodeSignedEncryptedFPD
wc_PKCS7_EncodeSignedFPD
wc_PKCS7_Free
wc_PKCS7_GetAttributeValue
wc_PKCS7_GetPadSize
wc_PKCS7_GetSignerSID
wc_PKCS7_Init
wc_PKCS7_InitWithCert
wc_PKCS7_New
wc_PKCS7_NoDefaultSignedAttribs
wc_PKCS7_PadData
wc_PKCS7_SetContentType
wc_PKCS7_SetDecodeEncryptedCb
wc_PKCS7_SetDecodeEncryptedCtx
wc_PKCS7_SetDetached
wc_PKCS7_SetKey
wc_PKCS7_SetOriDecryptCb
wc_PKCS7_SetOriDecryptCtx
wc_PKCS7_SetOriEncryptCtx
wc_PKCS7_SetPassword
wc_PKCS7_SetSignerIdentifierType
wc_PKCS7_SetWrapCEKCb
wc_PKCS7_VerifySignedData
wc_PKCS7_VerifySignedData_ex
wc_PRF
wc_PRF_TLS
wc_PRF_TLSv1
wc_ParseCert
wc_PemCertToDer
wc_PemCertToDer_ex
wc_PemGetHeaderFooter
wc_PemPubKeyToDer
wc_PemPubKeyToDer_ex
wc_PemToDer
wc_Poly1305Final
wc_Poly1305SetKey
wc_Poly1305Update
wc_Poly1305_EncodeSizes
wc_Poly1305_EncodeSizes64
wc_Poly1305_MAC
wc_Poly1305_Pad
wc_PubKeyPemToDer
wc_RNG_GenerateBlock
wc_RNG_GenerateByte
wc_RNG_HealthTest
wc_RNG_HealthTest_ex
wc_RNG_TestSeed
wc_ReadDirClose
wc_ReadDirFirst
wc_ReadDirNext
wc_RsaEncryptSize
wc_RsaExportKey
wc_RsaFlattenPublicKey
wc_RsaFunction
wc_RsaKeyToDer
wc_RsaKeyToPublicDer
wc_RsaKeyToPublicDer_ex
wc_RsaPSS_CheckPadding
wc_RsaPSS_CheckPadding_ex
wc_RsaPSS_CheckPadding_ex2
wc_RsaPSS_Sign
wc_RsaPSS_Sign_ex
wc_RsaPSS_Verify
wc_RsaPSS_VerifyCheck
wc_RsaPSS_VerifyCheckInline
wc_RsaPSS_VerifyInline
wc_RsaPSS_VerifyInline_ex
wc_RsaPSS_Verify_ex
wc_RsaPrivateDecrypt
wc_RsaPrivateDecryptInline
wc_RsaPrivateDecryptInline_ex
wc_RsaPrivateDecrypt_ex
wc_RsaPrivateKeyDecode
wc_RsaPublicEncrypt
wc_RsaPublicEncrypt_ex
wc_RsaPublicKeyDecode
wc_RsaPublicKeyDecodeRaw
wc_RsaPublicKeyDecode_ex
wc_RsaPublicKeyDerSize
wc_RsaSSL_Sign
wc_RsaSSL_Verify
wc_RsaSSL_VerifyInline
wc_RsaSSL_Verify_ex
wc_RsaSSL_Verify_ex2
wc_RsaSetRNG
wc_SetAuthKeyId
wc_SetAuthKeyIdFromCert
wc_SetAuthKeyIdFromPublicKey
wc_SetAuthKeyIdFromPublicKey_ex
wc_SetCustomExtension
wc_SetExtKeyUsage
wc_SetIssuer
wc_SetIssuerBuffer
wc_SetIssuerRaw
wc_SetKeyUsage
wc_SetLoggingHeap
wc_SetMutexCb
wc_SetSubject
wc_SetSubjectBuffer
wc_SetSubjectKeyId
wc_SetSubjectKeyIdFromPublicKey
wc_SetSubjectKeyIdFromPublicKey_ex
wc_SetSubjectRaw
wc_SetTimeCb
wc_Sha256Copy
wc_Sha256Final
wc_Sha256FinalRaw
wc_Sha256Free
wc_Sha256GetFlags
wc_Sha256GetHash
wc_Sha256Hash
wc_Sha256SetFlags
wc_Sha256Transform
wc_Sha256Update
wc_Sha384Copy
wc_Sha384Final
wc_Sha384FinalRaw
wc_Sha384Free
wc_Sha384GetFlags
wc_Sha384GetHash
wc_Sha384Hash
wc_Sha384SetFlags
wc_Sha384Update
wc_Sha512Copy
wc_Sha512Final
wc_Sha512FinalRaw
wc_Sha512Free
wc_Sha512GetFlags
wc_Sha512GetHash
wc_Sha512Hash
wc_Sha512SetFlags
wc_Sha512Transform
wc_Sha512Update
wc_Sha512_224Copy
wc_Sha512_224Final
wc_Sha512_224FinalRaw
wc_Sha512_224Free
wc_Sha512_224GetFlags
wc_Sha512_224GetHash
wc_Sha512_224Hash
wc_Sha512_224SetFlags
wc_Sha512_224Transform
wc_Sha512_224Update
wc_Sha512_256Copy
wc_Sha512_256Final
wc_Sha512_256FinalRaw
wc_Sha512_256Free
wc_Sha512_256GetFlags
wc_Sha512_256GetHash
wc_Sha512_256Hash
wc_Sha512_256SetFlags
wc_Sha512_256Transform
wc_Sha512_256Update
wc_ShaCopy
wc_ShaFinal
wc_ShaFinalRaw
wc_ShaFree
wc_ShaGetFlags
wc_ShaGetHash
wc_ShaHash
wc_ShaSetFlags
wc_ShaTransform
wc_ShaUpdate
wc_SignCert
wc_SignCert_ex
wc_SignatureGenerate
wc_SignatureGenerateHash
wc_SignatureGenerateHash_ex
wc_SignatureGenerate_ex
wc_SignatureGetSize
wc_SignatureVerify
wc_SignatureVerifyHash
wc_Time
wc_Tls13_HKDF_Expand_Label
wc_Tls13_HKDF_Extract
wc_UnLockMutex
wc_X963_KDF
wc_d2i_PKCS12
wc_d2i_PKCS12_fp
wc_ecc_check_key
wc_ecc_cmp_point
wc_ecc_copy_point
wc_ecc_del_point
wc_ecc_del_point_h
wc_ecc_export_ex
wc_ecc_export_point_der
wc_ecc_export_point_der_ex
wc_ecc_export_private_only
wc_ecc_export_private_raw
wc_ecc_export_public_raw
wc_ecc_export_x963
wc_ecc_export_x963_ex
wc_ecc_forcezero_point
wc_ecc_free
wc_ecc_gen_k
wc_ecc_get_curve_id
wc_ecc_get_curve_id_from_dp_params
wc_ecc_get_curve_id_from_name
wc_ecc_get_curve_id_from_oid
wc_ecc_get_curve_id_from_params
wc_ecc_get_curve_idx
wc_ecc_get_curve_idx_from_name
wc_ecc_get_curve_params
wc_ecc_get_curve_size_from_id
wc_ecc_get_curve_size_from_name
wc_ecc_get_generator
wc_ecc_get_name
wc_ecc_get_oid
wc_ecc_import_point_der
wc_ecc_import_point_der_ex
wc_ecc_import_private_key
wc_ecc_import_private_key_ex
wc_ecc_import_raw
wc_ecc_import_raw_ex
wc_ecc_import_unsigned
wc_ecc_import_x963
wc_ecc_import_x963_ex
wc_ecc_init
wc_ecc_init_ex
wc_ecc_init_id
wc_ecc_init_label
wc_ecc_is_point
wc_ecc_is_valid_idx
wc_ecc_key_free
wc_ecc_key_new
wc_ecc_make_key
wc_ecc_make_key_ex
wc_ecc_make_key_ex2
wc_ecc_make_pub
wc_ecc_make_pub_ex
wc_ecc_mulmod
Sections
.text Size: 704KB - Virtual size: 703KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
zlib1.dll.dll windows:6 windows x86 arch:x86
Password: infected
9f31a4a1ad30ea434fc9edb2b671d02e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
J:\GitHub\vcpkg\buildtrees\zlib\x86-windows-rel\zlib.pdb
Imports
vcruntime140
__std_type_info_destroy_list
memmove
memchr
memset
_except_handler4_common
memcpy
api-ms-win-crt-stdio-l1-1-0
_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64
api-ms-win-crt-heap-l1-1-0
malloc
free
api-ms-win-crt-convert-l1-1-0
wcstombs
api-ms-win-crt-runtime-l1-1-0
_cexit
_initialize_onexit_table
_execute_onexit_table
_errno
strerror
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
kernel32
InitializeSListHead
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
UnhandledExceptionFilter
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
Exports
Exports
adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine_gen
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 916B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ