delta[.]zip | Triage

Resubmissions

02/09/2024, 08:39

240902-kkpg3awfjk 5

02/09/2024, 08:37

240902-kjhccsxdkf 3

Sharing

Copy URL Twitter E-mail

General

Target

delta.zip
Size

12.5MB
MD5

7b279ead2b5ae7a38ba0b0f0a98cf38a
SHA1

2ce1f235e981dbf5953e17f4bcbf784b0a4fcaaf
SHA256

e5908a577c139297b3222da2a69bb696dcfcba9763c34e4386dcf5c190e03a61
SHA512

4b6f1a294ed34e03da4bd133dfb24dfdbcd1c09bb7446e0ee60eca778fe2e204b4bddacf1bcc28697dbf39895caa10a0fc8304759179fc0579cbf51c2c939a4f
SSDEEP

196608:0sVXNXTwO8kzxn9BA1jdmnNDDhC460yLYkwjC+/TuqlMtzUQPe5YxeJ87CwZDHZb:0QFH2Ya0gaPLuqytztB3/2RqRV

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0Origami3.exe
unpack001/AppointmentApis.dll
unpack001/WINSSNAP.DLL
unpack001/WSDApi.dll
unpack001/wlanpref.dll
unpack001/wlidcli.dll

Files

delta.zip
.zip
0Origami3.exe
.exe windows:6 windows x86 arch:x86

39d5c04458acdb2fecb1fc360743ee8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
QueryPerformanceFrequency
QueryPerformanceCounter
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 419KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 407KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.idata
.rdata
.reloc
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4.ico
.rsrc/ICON/5.ico
.rsrc/ICON/6.ico
.rsrc/ICON/7.ico
.rsrc/MANIFEST/1
.xml
.symtab
.text
21b642e0527ed701701d0000b415b817.msvcp_win.dll
.dll windows:10 windows x86 arch:x86

7ff2109eb5928c63ce5604b079145da9

Code Sign

33:00:00:01:bb:34:d5:ee:69:78:e6:94:db:00:00:00:00:01:bb
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/06/2018, 18:57

Not After

29/05/2019, 18:57

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:b8:d7:9c:bf:57:62:e0:64:47:90:ad:16:c3:0f:7e:37:40:eb:ef:7d:e4:7c:0b:57:2a:da:e2:88:4e:01:53
Signer

Actual PE Digest

90:b8:d7:9c:bf:57:62:e0:64:47:90:ad:16:c3:0f:7e:37:40:eb:ef:7d:e4:7c:0b:57:2a:da:e2:88:4e:01:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp_win.pdb

Imports

api-ms-win-crt-string-l1-1-0

strcspn
wcsnlen
__strncnt
memset

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__beginthreadex
_o__callnewh
_o__calloc_base
_o__cexit
_o__CIlog
_o__CIpow
_o__configure_narrow_argv
_o__crt_atexit
_o__endthreadex
_o__errno
_o__execute_onexit_table
_o__free_base
_o__fseeki64
_o__fsopen
_o__get_stream_buffer_pointers
_o__Getdays
_o__Getmonths
_o__Gettnames
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__ismbblead
_o__lock_file
_o__malloc_base
_o__purecall
_o__realloc_base
memmove
_o__seh_filter_dll
_o__set_new_handler
_o__unlock_file
_o__W_Getdays
_o__W_Getmonths
_o__W_Gettnames
_o__wchdir
_o__wcsdup
_o__Wcsftime
_o__wfsopen
_o__wgetcwd
_o__wremove
_o__wrename
_o__wrmdir
_o_abort
_o_btowc
_o_calloc
_o_fclose
_o_fflush
_o_fgetc
_o_fgetpos
_o_fgetwc
_o_fputc
_o_fputs
_o_fputwc
_o_free
_o_frexp
_o_fseek
_o_fsetpos
_o_fwrite
_o_isalnum
_o_isdigit
_o_islower
_o_isspace
_o_isupper
_o_iswctype
_o_isxdigit
_o_ldexp
_o_localeconv
_o_malloc
_o_rand_s
_o_setlocale
_o_setvbuf
_o_strtod
_o_strtof
_o_terminate
_o_tolower
_o_ungetc
_o_ungetwc
_o_wcscpy_s
_except_handler4_common
_CxxThrowException
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___pctype_func
_o___acrt_iob_func
_o____mb_cur_max_func
_o____lc_locale_name_func
_o____lc_collate_cp_func
_o____lc_codepage_func
__GetPlatformExceptionInfo
__processing_throw
__AdjustPointer
__current_exception
__uncaught_exceptions
__uncaught_exception
_o___stdio_common_vsprintf_s
__std_terminate
__CxxFrameHandler3
memchr
memcmp
memcpy
_o__Strftime
_o__register_onexit_function

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
CompareStringEx
WideCharToMultiByte

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
AcquireSRWLockExclusive
InitializeSRWLock
ReleaseSRWLockExclusive

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-synch-l1-2-0

InitializeConditionVariable
SleepConditionVariableSRW
InitOnceExecuteOnce
WakeAllConditionVariable
WakeConditionVariable
Sleep

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime
GetNativeSystemInfo

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-file-l1-1-0

SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
SetFileTime
SetEndOfFile
GetFileAttributesExW
GetFileInformationByHandle
SetFileAttributesW
CreateDirectoryW
CreateFileW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-file-l2-1-0

CreateSymbolicLinkW
CreateHardLinkW
CopyFile2

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-localization-l1-2-0

GetCPInfo
GetLocaleInfoEx
LCMapStringEx
FormatMessageW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolWork
CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-1-0

DisableThreadLibraryCalls

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@G@std@@QAE@ABV01@@Z
??0?$_Yarn@G@std@@QAE@PBG@Z
??0?$_Yarn@G@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@ABV01@@Z
??0?$_Yarn@_W@std@@QAE@PB_W@Z
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0task_continuation_context@Concurrency@@AAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@G@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@G@std@@QAEAAV01@PBG@Z
??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z
??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@G@std@@QBEPBGXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@G@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 457KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
29216adb9440d701bb5600002011ec0a.msdelta.dll
.dll windows:10 windows x64 arch:x64

586bfc2187d979f718ae10cff575f58c

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:a5:c5:24:d9:5b:a6:41:cc:44:87:10:17:bd:c3:28:fd:3a:60:f7:29:f0:da:56:99:ce:f8:0a:69:5d:04:99
Signer

Actual PE Digest

61:a5:c5:24:d9:5b:a6:41:cc:44:87:10:17:bd:c3:28:fd:3a:60:f7:29:f0:da:56:99:ce:f8:0a:69:5d:04:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msdelta.pdb

Imports

msvcrt

_purecall
_XcptFilter
_amsg_exit
_initterm
malloc
__C_specific_handler
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
memmove
free
__CxxFrameHandler3
_CxxThrowException
log
memcmp
memcpy
memset

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

api-ms-win-core-libraryloader-l1-1-0

FreeLibrary
GetProcAddress
LoadLibraryExA

api-ms-win-core-file-l1-1-0

SetFilePointer
SetFileTime
GetFileTime
SetEndOfFile
CreateFileA
WriteFile
ReadFile
GetFileSize
CreateFileW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

api-ms-win-core-sysinfo-l1-1-0

GetSystemTime
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapReAlloc
HeapAlloc

api-ms-win-security-cryptoapi-l1-1-0

CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
CryptHashData
CryptDestroyHash
CryptCreateHash

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-eventing-controller-l1-1-0

ControlTraceW

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
GetTraceEnableLevel
GetTraceLoggerHandle
GetTraceEnableFlags

Exports

Exports

ApplyDeltaA
ApplyDeltaB
ApplyDeltaProvidedB
ApplyDeltaW
CreateDeltaA
CreateDeltaB
CreateDeltaW
DeltaFree
DeltaNormalizeProvidedB
GetDeltaInfoA
GetDeltaInfoB
GetDeltaInfoW
GetDeltaSignatureA
GetDeltaSignatureB
GetDeltaSignatureW

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
46da96564d7ed70140040000b415b817.clbcatq.dll
.dll regsvr32 windows:10 windows x64 arch:x64

3773d947c51aa49608827241d89c54a6

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:da:be:ac:e6:05:9c:e0:1a:3f:2b:76:de:aa:8c:2e:d1:50:2b:87:97:6c:51:59:72:af:54:8b:0c:6b:29:8f
Signer

Actual PE Digest

92:da:be:ac:e6:05:9c:e0:1a:3f:2b:76:de:aa:8c:2e:d1:50:2b:87:97:6c:51:59:72:af:54:8b:0c:6b:29:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

CLBCatQ.pdb

Imports

msvcrt

??1type_info@@UEAA@XZ
_lock
??0exception@@QEAA@AEBV0@@Z
_vsnprintf_s
_wstrtime
wcsncmp
_waccess
__CxxFrameHandler3
_wtol
??0exception@@QEAA@XZ
wcschr
free
_wcsnicmp
wcstombs
mbstowcs
towupper
_wcsicmp
wcsstr
_wcslwr
wcstol
_ltow
??1exception@@UEAA@XZ
__dllonexit
_onexit
_wsplitpath_s
realloc
memset
?terminate@@YAXXZ
memmove
_initterm
_amsg_exit
_XcptFilter
_vsnprintf
memcpy
wcsrchr
memcmp
_CxxThrowException
_purecall
_local_unwind
qsort
_wmakepath_s
_wstrdate
_stricmp
malloc
_unlock
_i64tow_s
memcpy_s
_vsnwprintf
__C_specific_handler
wcscmp

ntdll

RtlAllocateHeap
NtQueryEvent
RtlInitUnicodeString
NtOpenEvent
RtlImageNtHeader
RtlFreeHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlWow64IsWowGuestMachineSupported
NtQueryInformationProcess
WinSqmSetDWORD

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegCloseKey
RegDeleteTreeW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegFlushKey
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyExW
RegOpenKeyExW

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleHandleExW
LockResource
FindResourceExW
LoadResource
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
LoadStringW
LoadLibraryExW
GetModuleFileNameW

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
GetTraceEnableFlags
UnregisterTraceGuids
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel

api-ms-win-security-base-l1-1-0

GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
AddAccessDeniedAce
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
AddAccessAllowedAce
SetSecurityDescriptorGroup
DuplicateTokenEx
GetSecurityDescriptorDacl
GetAclInformation
GetSecurityDescriptorLength

api-ms-win-core-processthreads-l1-1-0

CreateProcessW
TerminateProcess
OpenThreadToken
SetThreadToken
OpenProcessToken
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
CreateProcessAsUserW
SetThreadStackGuarantee

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
GetCurrentDirectoryW

api-ms-win-core-sysinfo-l1-1-0

GlobalMemoryStatusEx
GetLocalTime
GetSystemInfo
GetTickCount
GetVersionExW
GetSystemTimeAsFileTime
GetSystemDirectoryW

api-ms-win-core-wow64-l1-1-1

GetSystemWow64DirectoryW

api-ms-win-core-localization-l1-2-0

GetSystemDefaultLCID
FormatMessageW
IsDBCSLeadByte

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
VirtualFree
MapViewOfFile
OpenFileMappingW
VirtualAlloc
VirtualProtect
UnmapViewOfFile
VirtualQuery

api-ms-win-core-file-l2-1-0

MoveFileWithProgressW
MoveFileExW

api-ms-win-core-file-l1-1-0

CreateFileW
GetLongPathNameW
WriteFile
FindFirstFileW
FindNextFileW
FindClose
SetFileAttributesW
CreateDirectoryW
GetFileType
GetFileSizeEx
FlushFileBuffers
GetFileAttributesW
GetTempFileNameW
DeleteFileW
SetEndOfFile
ReadFile
SetFilePointer

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar
CompareStringW

api-ms-win-core-string-l2-1-0

CharLowerW
CharNextW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-localization-obsolete-l1-2-0

CompareStringA

api-ms-win-security-base-private-l1-1-0

MakeAbsoluteSD2

rpcrt4

UuidFromStringW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-processthreads-l1-1-1

GetThreadContext

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

kernel32

GetComputerNameW

Exports

Exports

ActivatorUpdateForIsRouterChanges
CLSIDFromStringByBitness
CheckMemoryGates
CoRegCleanup
ComPlusEnablePartitions
ComPlusEnableRemoteAccess
ComPlusMigrate
ComPlusPartitionsEnabled
ComPlusRemoteAccessEnabled
CreateComponentLibraryEx
DeleteAllActivatorsForClsid
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
DowngradeAPL
GetCatalogObject
GetCatalogObject2
GetComputerObject
GetGlobalBabyJITEnabled
GetSimpleTableDispenser
InprocServer32FromString
OpenComponentLibraryEx
OpenComponentLibraryOnMemEx
OpenComponentLibraryOnStreamEx
ServerGetApplicationType
SetSetupOpen
SetSetupSave
SetupOpen
SetupSave
UpdateFromAppChange
UpdateFromComponentChange

Sections

.text
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
687db277507ed701c3140000b415b817.msvcr120_clr0400.dll
.dll windows:6 windows x64 arch:x64

8f18e22935ef8b336e246ee763fbec97

Code Sign

33:00:00:00:c8:47:22:9d:a3:0d:ca:c0:58:00:00:00:00:00:c8
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:47:15:e0:23:9f:5f:cc:be:1d:f1:83:c6:ea:67:2a:15:75:f6:a7:73:34:bc:bd:e5:6c:15:d9:c5:ef:d7:0b
Signer

Actual PE Digest

1e:47:15:e0:23:9f:5f:cc:be:1d:f1:83:c6:ea:67:2a:15:75:f6:a7:73:34:bc:bd:e5:6c:15:d9:c5:ef:d7:0b

Digest Algorithm

sha256

PE Digest Matches

true

07:b5:e1:f0:73:f3:08:46:11:f2:85:a2:9c:9c:cd:4c:4d:78:da:5c
Signer

Actual PE Digest

07:b5:e1:f0:73:f3:08:46:11:f2:85:a2:9c:9c:cd:4c:4d:78:da:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msvcr120_clr0400.amd64.pdb

Imports

kernel32

EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
IsProcessorFeaturePresent
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QEAA@PEBD@Z
??0_Interruption_exception@details@Concurrency@@QEAA@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0__non_rtti_object@std@@QEAA@AEBV01@@Z
??0__non_rtti_object@std@@QEAA@PEBD@Z
??0bad_cast@std@@AEAA@PEBQEBD@Z
??0bad_cast@std@@QEAA@AEBV01@@Z
??0bad_cast@std@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0bad_typeid@std@@QEAA@AEBV01@@Z
??0bad_typeid@std@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@AEBQEBDH@Z
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_operation@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0task_canceled@Concurrency@@QEAA@PEBD@Z
??0task_canceled@Concurrency@@QEAA@XZ
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1__non_rtti_object@std@@UEAA@XZ
??1bad_cast@std@@UEAA@XZ
??1bad_typeid@std@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1exception@std@@UEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??1type_info@@UEAA@XZ
??2@YAPEAX_K@Z
??2@YAPEAX_KHPEBDH@Z
??3@YAXPEAX@Z
??3@YAXPEAXHPEBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??4__non_rtti_object@std@@QEAAAEAV01@AEBV01@@Z
??4bad_cast@std@@QEAAAEAV01@AEBV01@@Z
??4bad_typeid@std@@QEAAAEAV01@AEBV01@@Z
??4exception@std@@QEAAAEAV01@AEBV01@@Z
??8type_info@@QEBA_NAEBV0@@Z
??9type_info@@QEBA_NAEBV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
??_Fbad_cast@std@@QEAAXXZ
??_Fbad_typeid@std@@QEAAXXZ
??_U@YAPEAX_K@Z
??_U@YAPEAX_KHPEBDH@Z
??_V@YAXPEAX@Z
??_V@YAXPEAXHPEBDH@Z
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAK_K@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_Copy_str@exception@std@@AEAAXPEBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_Name_base@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Tidy@exception@std@@AEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_Type_info_dtor@type_info@@CAXPEAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPEAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6A_JXZ@Z
?_ValidateRead@@YAHPEBXI@Z
?_ValidateWrite@@YAHPEAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCompare@@YA_NPEBX0@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrSwap@@YAXPEAX0@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPEBG00I_K@Z
?_is_exception_typeof@@YAHAEBVtype_info@@PEAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?_open@@YAHPEBDHH@Z
?_query_new_handler@@YAP6AH_K@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AH_K@ZH@Z
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPEBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?_wopen@@YAHPEB_WHH@Z
?_wsopen@@YAHPEB_WHHH@Z
?before@type_info@@QEBA_NAEBV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?name@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?raw_name@type_info@@QEBAPEBDXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?what@exception@std@@UEBAPEBDXZ
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_FCbuild
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__create_locale
__crtCaptureCurrentContext
__crtCapturePreviousContext
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert

Sections

.text
Size: 686KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6fbeecf99440d701ec5700002011ec0a.msvcr120_clr0400.dll
.dll windows:6 windows x64 arch:x64

8f18e22935ef8b336e246ee763fbec97

Code Sign

33:00:00:00:c8:47:22:9d:a3:0d:ca:c0:58:00:00:00:00:00:c8
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:47:15:e0:23:9f:5f:cc:be:1d:f1:83:c6:ea:67:2a:15:75:f6:a7:73:34:bc:bd:e5:6c:15:d9:c5:ef:d7:0b
Signer

Actual PE Digest

1e:47:15:e0:23:9f:5f:cc:be:1d:f1:83:c6:ea:67:2a:15:75:f6:a7:73:34:bc:bd:e5:6c:15:d9:c5:ef:d7:0b

Digest Algorithm

sha256

PE Digest Matches

true

07:b5:e1:f0:73:f3:08:46:11:f2:85:a2:9c:9c:cd:4c:4d:78:da:5c
Signer

Actual PE Digest

07:b5:e1:f0:73:f3:08:46:11:f2:85:a2:9c:9c:cd:4c:4d:78:da:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msvcr120_clr0400.amd64.pdb

Imports

kernel32

EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
IsProcessorFeaturePresent
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z
??0SchedulerPolicy@Concurrency@@QEAA@XZ
??0SchedulerPolicy@Concurrency@@QEAA@_KZZ
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??0_Condition_variable@details@Concurrency@@QEAA@XZ
??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QEAA@PEBD@Z
??0_Interruption_exception@details@Concurrency@@QEAA@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??0_ReentrantLock@details@Concurrency@@QEAA@XZ
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QEAA@XZ
??0_Timer@details@Concurrency@@IEAA@I_N@Z
??0__non_rtti_object@std@@QEAA@AEBV01@@Z
??0__non_rtti_object@std@@QEAA@PEBD@Z
??0bad_cast@std@@AEAA@PEBQEBD@Z
??0bad_cast@std@@QEAA@AEBV01@@Z
??0bad_cast@std@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0bad_typeid@std@@QEAA@AEBV01@@Z
??0bad_typeid@std@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@PEBD@Z
??0context_self_unblock@Concurrency@@QEAA@XZ
??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z
??0context_unblock_unbalanced@Concurrency@@QEAA@XZ
??0critical_section@Concurrency@@QEAA@XZ
??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z
??0default_scheduler_exists@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@AEBQEBDH@Z
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@XZ
??0improper_lock@Concurrency@@QEAA@PEBD@Z
??0improper_lock@Concurrency@@QEAA@XZ
??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_attach@Concurrency@@QEAA@XZ
??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_detach@Concurrency@@QEAA@XZ
??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z
??0improper_scheduler_reference@Concurrency@@QEAA@XZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0invalid_link_target@Concurrency@@QEAA@XZ
??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z
??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ
??0invalid_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_operation@Concurrency@@QEAA@XZ
??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ
??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@PEBD@Z
??0message_not_found@Concurrency@@QEAA@XZ
??0missing_wait@Concurrency@@QEAA@PEBD@Z
??0missing_wait@Concurrency@@QEAA@XZ
??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ
??0operation_timed_out@Concurrency@@QEAA@PEBD@Z
??0operation_timed_out@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z
??0scheduler_not_attached@Concurrency@@QEAA@XZ
??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z
??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??0task_canceled@Concurrency@@QEAA@PEBD@Z
??0task_canceled@Concurrency@@QEAA@XZ
??0unsupported_os@Concurrency@@QEAA@PEBD@Z
??0unsupported_os@Concurrency@@QEAA@XZ
??1SchedulerPolicy@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Condition_variable@details@Concurrency@@QEAA@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_SpinLock@details@Concurrency@@QEAA@XZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
??1_TaskCollection@details@Concurrency@@QEAA@XZ
??1_Timer@details@Concurrency@@MEAA@XZ
??1__non_rtti_object@std@@UEAA@XZ
??1bad_cast@std@@UEAA@XZ
??1bad_typeid@std@@UEAA@XZ
??1critical_section@Concurrency@@QEAA@XZ
??1event@Concurrency@@QEAA@XZ
??1exception@std@@UEAA@XZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??1type_info@@UEAA@XZ
??2@YAPEAX_K@Z
??2@YAPEAX_KHPEBDH@Z
??3@YAXPEAX@Z
??3@YAXPEAXHPEBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z
??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z
??4__non_rtti_object@std@@QEAAAEAV01@AEBV01@@Z
??4bad_cast@std@@QEAAAEAV01@AEBV01@@Z
??4bad_typeid@std@@QEAAAEAV01@AEBV01@@Z
??4exception@std@@QEAAAEAV01@AEBV01@@Z
??8type_info@@QEBA_NAEBV0@@Z
??9type_info@@QEBA_NAEBV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ
??_F_Context@details@Concurrency@@QEAAXXZ
??_F_Scheduler@details@Concurrency@@QEAAXXZ
??_Fbad_cast@std@@QEAAXXZ
??_Fbad_typeid@std@@QEAAXXZ
??_U@YAPEAX_K@Z
??_U@YAPEAX_KHPEBDH@Z
??_V@YAXPEAX@Z
??_V@YAXPEAXHPEBDH@Z
?Alloc@Concurrency@@YAPEAX_K@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPEAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPEAX@Z
?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAK_K@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_Copy_str@exception@std@@AEAAXPEBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_Name_base@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPEBDPEBV1@PEAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ
?_Release@_Scheduler@details@Concurrency@@QEAAIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IEAAXXZ
?_Stop@_Timer@details@Concurrency@@IEAAXXZ
?_Tidy@exception@std@@AEAAXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ
?_Type_info_dtor@type_info@@CAXPEAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPEAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6A_JXZ@Z
?_ValidateRead@@YAHPEBXI@Z
?_ValidateWrite@@YAHPEAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCompare@@YA_NPEBX0@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrSwap@@YAXPEAX0@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPEBG00I_K@Z
?_is_exception_typeof@@YAHAEBVtype_info@@PEAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?_open@@YAHPEBDHH@Z
?_query_new_handler@@YAP6AH_K@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AH_K@ZH@Z
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPEBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?_wopen@@YAHPEB_WHH@Z
?_wsopen@@YAHPEB_WHHH@Z
?before@type_info@@QEBA_NAEBV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
?lock@critical_section@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
?name@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ
?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ
?raw_name@type_info@@QEBAPEBDXZ
?reset@event@Concurrency@@QEAAXXZ
?set@event@Concurrency@@QEAAXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAX_K@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QEAA_NXZ
?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ
?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QEAAXXZ
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z
?wait@event@Concurrency@@QEAA_KI@Z
?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z
?what@exception@std@@UEBAPEBDXZ
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_FCbuild
_FindAndUnlinkFrame
_GetImageBase
_GetThrowImageBase
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_SetImageBase
_SetThrowImageBase
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__create_locale
__crtCaptureCurrentContext
__crtCapturePreviousContext
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert

Sections

.text
Size: 686KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AAD.Core.dll
.dll windows:6 windows x64 arch:x64

e939187780fd83ca9b5930928c19b8a8

Code Sign

33:00:00:02:ed:2c:45:e4:c1:45:cf:48:44:00:00:00:00:02:ed
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:29

Not After

02/12/2021, 21:29

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:a2:dd:b9:8f:62:b9:70:34:66:84:58:11:06:83:67:8e:7d:f2:c9:44:1c:b2:23:17:35:1d:a3:e3:f9:f2:79
Signer

Actual PE Digest

03:a2:dd:b9:8f:62:b9:70:34:66:84:58:11:06:83:67:8e:7d:f2:c9:44:1c:b2:23:17:35:1d:a3:e3:f9:f2:79

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

AAD.Core.pdb

Imports

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlGetDeviceFamilyInfoEnum
RtlInitUnicodeString
ZwQueryLicenseValue
RtlNtStatusToDosError

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventActivityIdControl
EventRegister
EventSetInformation
EventWriteTransfer

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringA
DebugBreak
OutputDebugStringW

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
HeapAlloc

api-ms-win-core-synch-l1-1-0

ResetEvent
CreateEventExW
ReleaseSRWLockShared
CreateMutexExW
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SetEvent
WaitForSingleObject
InitializeCriticalSectionEx
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
OpenSemaphoreW
CreateSemaphoreExW
DeleteCriticalSection
ReleaseMutex
AcquireSRWLockShared

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoOriginateError

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError

api-ms-win-core-util-l1-1-0

DecodePointer

api-ms-win-core-com-l1-1-0

StringFromGUID2
CoCreateInstanceFromApp
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoGetContextToken
CoGetObjectContext
CoGetApartmentType
CLSIDFromString
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoTaskMemFree

api-ms-win-core-localization-l1-2-0

FormatMessageW
ResolveLocaleName

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetProcAddress
GetModuleHandleW
GetModuleHandleExW

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetCurrentThreadId

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegOpenKeyExW
RegGetValueW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-synch-l1-2-0

Sleep
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-security-cryptoapi-l1-1-0

CryptReleaseContext

wincorlib

?__abi_FailFast@@YAXXZ
?UninitializeData@Details@Platform@@YAXH@Z
?InitializeData@Details@Platform@@YAJH@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
??0ClassNotRegisteredException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0COMException@Platform@@QE$AAA@HPE$AAVString@1@@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
??0InvalidArgumentException@Platform@@QE$AAA@PE$AAVString@1@@Z
?ToString@Guid@Platform@@QEAAPE$AAVString@2@XZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
??0ChangedStateException@Platform@@QE$AAA@XZ
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z
??0OutOfBoundsException@Platform@@QE$AAA@XZ
??0FailureException@Platform@@QE$AAA@XZ
??0OutOfMemoryException@Platform@@QE$AAA@XZ
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
??0FailureException@Platform@@QE$AAA@PE$AAVString@1@@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
??0DisconnectedException@Platform@@QE$AAA@XZ
?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z
?CreateException@Exception@Platform@@SAPE$AAV12@H@Z
?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
??0Delegate@Platform@@QE$AAA@XZ
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0NotImplementedException@Platform@@QE$AAA@PE$AAVString@1@@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?ToString@Enum@Platform@@QE$AAAPE$AAVString@2@XZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
??0Object@Platform@@QE$AAA@XZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?ReCreateFromException@Details@Platform@@YAJPE$AAVException@2@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?TerminateModule@Details@Platform@@YA_NPEAVModuleBase@1WRL@Microsoft@@@Z
?GetActivationFactory@Details@Platform@@YAJPEAVModuleBase@1WRL@Microsoft@@PEAUHSTRING__@@PEAPEAUIActivationFactory@@@Z
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z

msvcrt

??8type_info@@QEBAHAEBV0@@Z
memmove
memcpy
_callnewh
swprintf_s
isalnum
wcscat_s
wcsncpy_s
??3@YAXPEAX@Z
__CxxFrameHandler3
memcpy_s
memmove_s
wcsstr
vswprintf_s
_vscwprintf
??_V@YAXPEAX@Z
_purecall
time
??2@YAPEAX_KHPEBDH@Z
__RTDynamicCast
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
__ExceptionPtrDestroy
__ExceptionPtrCopy
__ExceptionPtrCurrentException
__ExceptionPtrCreate
?terminate@@YAXXZ
_wcsicmp
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBD@Z
wcschr
wcsnlen
wcsrchr
?name@type_info@@QEBAPEBDXZ
__RTtypeid
_time64
_gmtime64_s
wcsftime
__C_specific_handler
_vsnwprintf
_vsnprintf_s
iswspace
free
malloc
__ExceptionPtrCopyException
__ExceptionPtrAssign
__ExceptionPtrToBool
wcsncmp
srand
rand
_wcslwr_s
_wcsupr_s
wcscspn
wcsspn
difftime
_wcsicoll
wcspbrk
_wtol
??0exception@@QEAA@AEBQEBDH@Z
_wcsnicmp
memset
wcslen
_CxxThrowException
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
_onexit
_XcptFilter
_amsg_exit
_initterm
calloc
_ultoa_s
realloc
_errno
strncmp
_wtoi
_strlwr_s
__ExceptionPtrRethrow
memcmp
isalpha
??0exception@@QEAA@AEBV0@@Z

api-ms-win-security-lsalookup-l1-1-2

LsaLookupUserAccountType

api-ms-win-core-winrt-string-l1-1-0

WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsDeleteString
WindowsGetStringLen
WindowsCreateString
WindowsConcatString
WindowsCompareStringOrdinal
WindowsDuplicateString
WindowsCreateStringReference

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 939KB - Virtual size: 939KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppManMigrationPlugin.dll
.dll regsvr32 windows:10 windows x64 arch:x64

5e68bd9ef0b870dcd624eed2735f4630

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1c:95:d9:12:78:67:35:4d:6e:e1:24:b4:5a:a9:5a:76:fc:12:d6:29:f1:35:bf:45:49:20:77:46:85:bc:48:e5
Signer

Actual PE Digest

1c:95:d9:12:78:67:35:4d:6e:e1:24:b4:5a:a9:5a:76:fc:12:d6:29:f1:35:bf:45:49:20:77:46:85:bc:48:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

AppManMigrationPlugin.pdb

Imports

msvcrt

fseek
ldexp
___lc_collate_cp_func
setlocale
__pctype_func
isupper
___lc_handle_func
___lc_codepage_func
memcmp
___mb_cur_max_func
_ismbblead
memset
__uncaught_exception
islower
_wcsdup
??8type_info@@QEBAHAEBV0@@Z
memchr
__crtCompareStringW
__crtCompareStringA
__crtLCMapStringW
__crtLCMapStringA
_get_current_locale
_free_locale
_wfsopen
fflush
tolower
abort
isalnum
_Getdays
_Getmonths
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__mb_cur_max
_Gettnames
_Strftime
?name@type_info@@QEBAPEBDXZ
_fseeki64
fsetpos
mbstowcs_s
ungetc
setvbuf
fgetpos
fwrite
fgetc
fclose
fputc
sprintf_s
_stricmp
localeconv
strcspn
_wcsnicmp
time
swprintf_s
ldiv
isdigit
strchr
_wcsicmp
??0bad_cast@@QEAA@AEBV0@@Z
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
realloc
_errno
_initterm
_amsg_exit
_XcptFilter
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
isspace
strerror
calloc
_wtoi
wcscat_s
wcsncpy_s
malloc
memmove_s
free
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_purecall
wcscpy_s
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
__C_specific_handler
__CxxFrameHandler3
??3@YAXPEAX@Z
wcscmp

ntdll

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

kernel32

SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DecodePointer
EncodePointer
GetLocaleInfoW
InitializeCriticalSectionEx
GetStringTypeW
LocalAlloc
GetProcessMitigationPolicy
TlsFree
TlsGetValue
TlsAlloc
GetModuleFileNameA
SizeofResource
CreateSemaphoreExW
HeapFree
SetLastError
EnterCriticalSection
ReleaseSemaphore
GetModuleHandleExW
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
FormatMessageW
GetLastError
OutputDebugStringW
WaitForSingleObjectEx
LockResource
OpenSemaphoreW
CloseHandle
RaiseException
FindResourceExW
LoadResource
HeapAlloc
GetProcAddress
CreateMutexExW
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
DebugBreak
lstrcmpiW
LoadLibraryExW
IsDebuggerPresent
MultiByteToWideChar
GetThreadLocale
SetThreadLocale
InitOnceBeginInitialize
InitOnceComplete
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
GetFileAttributesW
HeapSize
HeapReAlloc
HeapDestroy
WideCharToMultiByte
LocalFree
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
TlsSetValue
ResetEvent
OpenEventA
ProcessIdToSessionId
GetFileTime
GetFileSize
SetEvent
SetFileAttributesW
CreateFileW
ExpandEnvironmentStringsW
WriteFile
CreateEventA
ReadFile
GetComputerNameExW
lstrlenA
SystemTimeToFileTime
GetLocalTime
LocalUnlock
AreFileApisANSI
CreateDirectoryW
DeviceIoControl
GetCurrentDirectoryW
FreeLibrary
DeleteFileW
LocalLock
FormatMessageA

ole32

OleRun
CoCreateInstance
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoUninitialize
CoInitializeEx
StringFromGUID2

oleaut32

SysAllocStringByteLen
VarUI4FromStr
SysStringLen
SysFreeString
LoadTypeLi
LoadRegTypeLi
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
VariantInit
VariantClear
GetErrorInfo

user32

UnregisterClassA
CharNextW

advapi32

EventSetInformation
EventWriteTransfer
RegQueryValueExW
RegGetValueW
RegDeleteValueW
RegQueryInfoKeyW
RegSetKeyValueW
EventRegister
EventUnregister
RegDeleteKeyExW
EqualSid
CreateWellKnownSid
GetNamedSecurityInfoW
OpenProcessToken
GetTokenInformation
RegEnumValueW
RegDeleteTreeW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHGetKnownFolderPath

activeds

ord3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 805KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppointmentApis.dll
.dll windows:10 windows x64 arch:x64

37ea5bc26bf34b464718f6cebb2849d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

AppointmentApis.pdb

Imports

msvcrt

memcmp
memcpy
memmove
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
_callnewh
wcstoul
_wcsicmp
_errno
_vsnwprintf_s
memmove_s
realloc
_purecall
wcsncpy_s
malloc
free
memcpy_s
_vsnwprintf
_lock
memset

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetProcAddress
LoadLibraryExW
GetModuleHandleW
SizeofResource
GetModuleFileNameA
DisableThreadLibraryCalls
FindResourceExW
GetModuleHandleExW
FreeLibrary
LoadResource

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
SetEvent
OpenSemaphoreW
ReleaseSRWLockShared
CreateMutexExW
ReleaseMutex
AcquireSRWLockShared
WaitForSingleObject
InitializeCriticalSection
CreateEventW
DeleteCriticalSection
CreateEventExW
InitializeCriticalSectionEx
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreExW
InitializeSRWLock

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-registry-l1-1-0

RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventSetInformation
EventActivityIdControl
EventRegister

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
OpenThreadToken
OpenProcessToken
GetCurrentProcess
GetCurrentProcessId
SetThreadToken
TerminateProcess
GetCurrentThread

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-threadpool-l1-2-0

SubmitThreadpoolWork
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CloseThreadpoolWork
SetThreadpoolWait
CreateThreadpoolWait
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns

api-ms-win-core-file-l1-1-0

CompareFileTime

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetTickCount64
GetSystemTimeAsFileTime
GetSystemTime

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

ntdll

RtlQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion

api-ms-win-service-management-l1-1-0

CloseServiceHandle
OpenSCManagerW
OpenServiceW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

userdataplatformhelperutil

GetUserContextFromHandle
GenerateUserModeServiceName
GetUserTokenFromContext
RunServicesInProc
StartAndWaitForServiceForUser
IsCommsSystemService

appointmentactivation

ShowAddAppointment
AwaitAppointmentActivation
ShowAddAppointmentAsync
GetWindowIdOfHost
ShowReplaceAppointment
ShowReplaceAppointmentAsync
ShowRemoveAppointment
ShowRemoveAppointmentAsync
ShowCalendarChooserAsync
ShowCalendarChooser
ShowTimeFrame
ShowAppointmentDetails

systemeventsbrokerclient

SebDeleteEvent
SebCreateCalendarNotificationEvent

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

CreatePropertiesFromRecurrencePattern
CreateRecurrencePatternFromProperties
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 503KB - Virtual size: 502KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WINSSNAP.DLL
.dll windows:10 windows x64 arch:x64

1b05a286c255eb22d1143fa1c05b9d98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

winssnap.pdb

Imports

mfc42u

ord5709
ord5246
ord4722
ord5352
ord5382
ord5114
ord5304
ord5583
ord5585
ord5584
ord6418
ord2422
ord2023
ord4542
ord2589
ord4743
ord3751
ord832
ord2326
ord6705
ord6708
ord4523
ord337
ord4557
ord3761
ord3754
ord1043
ord629
ord6221
ord6541
ord1847
ord4567
ord6393
ord4177
ord2393
ord1441
ord1648
ord1908
ord559
ord1003
ord1365
ord4583
ord5082
ord6199
ord549
ord999
ord408
ord904
ord4582
ord2902
ord2906
ord1906
ord3804
ord909
ord2922
ord4612
ord3868
ord4699
ord4779
ord2059
ord4787
ord5710
ord2532
ord1698
ord3892
ord1033
ord2379
ord2376
ord2318
ord3458
ord4046
ord644
ord2316
ord3417
ord5936
ord628
ord1042
ord1483
ord1383
ord5927
ord1787
ord2327
ord2094
ord2845
ord4521
ord2377
ord1035
ord2311
ord6632
ord4344
ord5931
ord6612
ord641
ord1404
ord2979
ord659
ord1063
ord4214
ord2752
ord1426
ord3916
ord3534
ord6053
ord5065
ord5724
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord4601
ord1082
ord288
ord812
ord1544
ord1586
ord1555
ord1583
ord1585
ord355
ord1477
ord1553
ord1416
ord1491
ord1577
ord3894
ord912
ord3806
ord3501
ord4747
ord2593
ord3396
ord6385
ord6395
ord4262
ord3177
ord4257
ord595
ord4246
ord6225
ord1443
ord6054
ord4550
ord1949
ord5061
ord6691
ord1650
ord3174
ord2449
ord3820
ord2595
ord4544
ord1533
ord4623
ord6102
ord4522
ord1123
ord2273
ord1066
ord663
ord2781
ord1262
ord6021
ord339
ord1812
ord1950
ord4860
ord551
ord3920
ord2857
ord1384
ord1124
ord4721
ord6050
ord4436
ord2783
ord4027
ord6544
ord6224
ord1286
ord4131
ord4127
ord6887
ord6767
ord6351
ord5807
ord3440
ord6614
ord2661
ord5077
ord2328
ord2384
ord2371
ord2329
ord3805
ord4746
ord2592
ord4543
ord2024
ord2425
ord6801
ord1774
ord3743
ord4741
ord2586
ord665
ord1067
ord3774
ord3535
ord5712
ord1778
ord6440
ord5687
ord5245
ord5406
ord6437
ord4365
ord1777
ord4752
ord5663
ord2399
ord5586
ord6812
ord4694
ord5702
ord4017
ord5229
ord4789
ord2670
ord2060
ord6814
ord3933
ord5484
ord1736
ord5683
ord2457
ord2140
ord5699
ord4988
ord4771
ord2412
ord3468
ord5722
ord5725
ord2753
ord4368
ord5066
ord5730
ord5711
ord3049
ord3243
ord3362
ord4815
ord3231
ord3366
ord5227
ord3052
ord3166
ord3046
ord3484
ord4082
ord4083
ord4077
ord3164
ord4371
ord4983
ord4770
ord3919
ord2121
ord2876
ord1024
ord599
ord6734
ord4481
ord911
ord2073
ord6832
ord5815
ord6821
ord5804
ord1977
ord1287
ord6823
ord877
ord370
ord621
ord1499
ord622
ord3652
ord2518
ord372
ord620
ord2517
ord2629
ord2846
ord1498
ord6880
ord1442
ord1284
ord5719
ord6886
ord1264
ord1259
ord5887
ord2975
ord4473
ord287
ord624
ord286
ord1574
ord2676
ord2408
ord1677
ord1463
ord852
ord867
ord822
ord1041
ord627
ord865
ord354
ord3830
ord1122
ord1040
ord626
ord1126
ord2324
ord2178
ord1537
ord4599

msvcrt

_strnicmp
_CxxThrowException
wcscat_s
wcscpy_s
_itow_s
strncpy_s
__C_specific_handler
sprintf_s
isdigit
iswdigit
_wcsicmp
strncmp
swprintf_s
malloc
__CxxFrameHandler3
memmove
memcpy
strcpy_s
strcat_s
memset
wcstok
_wtol
_vsnwprintf
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
??_V@YAXPEAX@Z
_tempnam
_purecall
wcstol
_wtoi
qsort
toupper
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
wcstoul
_wsetlocale
_snwprintf_s
setlocale
_strupr
wcsncpy_s
_stricmp
strchr
swscanf
_itow
free

atl

ord16
ord21
ord15
ord32

ntdll

RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
RtlInitUnicodeString
NtDeviceIoControlFile
NtClose
RtlUnicodeStringToAnsiString
RtlInitString
NtCreateFile
NtWaitForSingleObject
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlFreeAnsiString

kernel32

HeapFree
lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLangID
FormatMessageA
FreeLibrary
FormatMessageW
GetConsoleOutputCP
GetWindowsDirectoryW
GetCurrentThread
lstrcmpiW
GetModuleHandleW
GetCurrentThreadId
CreateMutexW
ReleaseMutex
OpenMutexW
ExpandEnvironmentStringsW
GlobalAlloc
HeapDestroy
GetProcAddress
WideCharToMultiByte
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
lstrcmpW
ResetEvent
HeapReAlloc
ReadFile
HeapSize
CreateProcessW
GetCurrentProcess
DuplicateHandle
CreatePipe
HeapAlloc
HeapCreate
GetSystemDirectoryW
GetVersionExW
CreateEventW
SetEvent
GetFileAttributesW
GetComputerNameW
SetFileAttributesW
CopyFileW
IsDBCSLeadByte
GlobalFree
GetStringTypeA
LocalFree
CreateThread
LoadLibraryW
CloseHandle
GetLastError
Sleep
QueryActCtxW
DeactivateActCtx
LocalAlloc
WaitForSingleObject
FindActCtxSectionStringW
GetModuleFileNameW
OutputDebugStringA
GetModuleHandleExW
SetLastError
ActivateActCtx
CreateActCtxW
CompareStringW
GetThreadLocale
GlobalLock
GlobalUnlock
GetProcessHeap
GetTickCount
ReleaseActCtx
LoadLibraryExW
LoadLibraryExA
ExpandEnvironmentStringsA
WaitForSingleObjectEx
ResumeThread
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
MultiByteToWideChar

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid
ConvertStringSidToSidW
SetEntriesInAclW
SetNamedSecurityInfoW
RegSetValueExW
EnumDependentServicesW
RegQueryInfoKeyW
RegDeleteValueW
RegConnectRegistryW
CloseServiceHandle
QueryServiceStatus
StartServiceW
ControlService
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
FreeSid

gdi32

GetDeviceCaps
SelectObject
CreateFontIndirectW
GetCharWidthW
CreateSolidBrush
Rectangle
SetTextColor
SetBkColor
TextOutW
DeleteObject

ole32

CoCreateInstance
CoInitialize
CoUninitialize
ReleaseStgMedium
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID
StringFromGUID2

oleaut32

SysFreeString
SysStringLen
SysAllocString

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation

user32

SetWindowsHookExW
EndDeferWindowPos
SetTimer
UnhookWindowsHookEx
EnableWindow
InvalidateRect
GetDlgItem
SetCursor
LoadCursorW
TranslateMessage
SetFocus
PeekMessageW
DispatchMessageW
IsWindow
SetWindowTextW
SendMessageW
GetWindowRect
PostMessageW
OemToCharBuffA
LoadIconW
UpdateWindow
WinHelpW
GetParent
RegisterClipboardFormatW
GetFocus
LoadStringW
MessageBoxW
LoadBitmapW
GetDC
ReleaseDC
RegisterClassW
GetWindowLongPtrW
SetWindowLongPtrW
GetClientRect
CreateWindowExW
DestroyWindow
BeginPaint
GetSysColor
GetWindowLongW
FillRect
EndPaint
DefWindowProcW
MessageBeep
CallWindowProcW
GetKeyState
BeginDeferWindowPos
KillTimer
SetWindowLongW
GetDesktopWindow
IsWindowVisible
EnumThreadWindows
GetActiveWindow
SystemParametersInfoW
SetWindowPos
SendNotifyMessageW
SetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CreatePopupMenu
AppendMenuW
GetTopWindow
GetWindow
CallNextHookEx

winsrpc

WinsStatusNew
WinsTrigger
WinsGetDbRecs
WinsDeleteWins
WinsDoScavengingNew
WinsDoScavenging
WinsRestore
WinsResetCounters
WinsGetNameAndAdd
WinsBackup
WinsUBind
WinsStatus
WinsTombstoneDbRecs
WinsGetDbRecsByName
WinsDoStaticInit
WinsRecordAction
WinsFreeMem
WinsAllocMem
WinsUnbind

wsock32

inet_ntoa
gethostbyaddr
select
setsockopt
gethostbyname
htonl
WSACleanup
bind
closesocket
ntohl
WSAStartup
ioctlsocket
socket
inet_addr
recvfrom
htons
sendto
WSAGetLastError

ws2_32

GetNameInfoW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WMADMOD.DLL
.dll regsvr32 windows:10 windows x64 arch:x64

3843935862382fc6903ebaa7c00bd5cd

Code Sign

33:00:00:02:65:51:ae:1b:bd:00:5c:bf:bd:00:00:00:00:02:65
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:6b:65:78:3e:66:7b:df:2d:ef:c6:5b:38:69:64:03:a0:5d:95:11:53:36:bc:b7:9e:64:92:5d:a3:7a:9c:d1
Signer

Actual PE Digest

2a:6b:65:78:3e:66:7b:df:2d:ef:c6:5b:38:69:64:03:a0:5d:95:11:53:36:bc:b7:9e:64:92:5d:a3:7a:9c:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WMADMOD.pdb

Imports

msvcrt

?what@exception@@UEBAPEBDXZ
strnlen
wcsnlen
fclose
vfprintf
fopen
_control87
_clearfp
??0exception@@QEAA@AEBQEBDH@Z
srand
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
wcstombs
??1type_info@@UEAA@XZ
_swab
sqrt
_initterm
_amsg_exit
_XcptFilter
sinf
_onexit
__dllonexit
_unlock
_lock
free
_callnewh
malloc
_vsnwprintf
__C_specific_handler
time
sin
_purecall
rand
iswspace
swscanf
printf
_CxxThrowException
atan2f
cos
cosf
exp
floor
log
log10
memcmp
memcpy
memmove
memset
pow
powf
wcscmp

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayCreate
VariantInit
SafeArrayAccessData
SafeArrayDestroy
SysFreeString
SafeArrayGetDim
SafeArrayGetUBound
SysAllocString
SysStringLen

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetProcAddress
LoadLibraryExA
GetModuleFileNameW
GetModuleFileNameA
FreeLibrary
GetModuleHandleW

api-ms-win-core-registry-l1-1-0

RegDeleteTreeW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueExA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo
GetVersionExW
GlobalMemoryStatusEx
GetLocalTime
GetVersion
GetTickCount

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
RaiseException
SetLastError
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlAddFunctionTable
RtlVirtualUnwind
RtlDeleteFunctionTable
RtlLookupFunctionEntry

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l2-1-0

RegSetValueA
RegCreateKeyW

api-ms-win-core-synch-l1-2-0

Sleep

msdmo

DMORegister
DMOUnregister
MoCopyMediaType
MoInitMediaType
MoFreeMediaType

mfperfhelper

ord34
ord35
ord28
ord46
ord26
ord8
ord43
ord42
ord1
ord41
ord29
ord47
ord38

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
PropVariantClear

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

ws2_32

htonl

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-file-l1-1-0

GetDiskFreeSpaceW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-processenvironment-l1-1-0

GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA

ntdll

RtlGetPersistedStateLocation

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.no_bbt
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WMADMOE.DLL
.dll regsvr32 windows:10 windows x64 arch:x64

a87320ede89e3eba1b5aafaa24fb3c60

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:ed:fc:6a:38:f7:26:2a:a1:2f:0e:e0:d8:99:d4:06:4d:1d:bf:21:b7:65:a8:4a:cf:0b:b7:6b:4e:31:3c:f2
Signer

Actual PE Digest

c6:ed:fc:6a:38:f7:26:2a:a1:2f:0e:e0:d8:99:d4:06:4d:1d:bf:21:b7:65:a8:4a:cf:0b:b7:6b:4e:31:3c:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WMADMOE.pdb

Imports

msvcrt

_amsg_exit
_vsnwprintf
sinf
_initterm
free
_callnewh
malloc
_purecall
swscanf
_onexit
__C_specific_handler
__dllonexit
_lock
_XcptFilter
_unlock
_clearfp
_control87
fflush
rand
sscanf_s
realloc
__iob_func
atan2
atan2f
atanf
cos
cosf
exp
expf
log
log10
log10f
logf
memcmp
memcpy
memmove
memset
pow
powf
sin
wcscmp

mfperfhelper

ord28
ord46
ord26
ord34
ord38
ord47
ord41
ord8
ord35
ord43
ord42
ord29
ord1

oleaut32

SafeArrayUnaccessData
SafeArrayGetDim
VariantInit
SafeArrayGetUBound
SysFreeString
SafeArrayAccessData
SysAllocString

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetProcAddress
LoadLibraryExA

api-ms-win-core-processenvironment-l1-1-0

GetEnvironmentVariableW

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventRegister

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-registry-l2-1-0

RegCreateKeyW
RegSetValueA

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegOpenKeyExW
RegDeleteTreeW
RegSetValueExA
RegCloseKey

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-com-l1-1-0

PropVariantClear
CoTaskMemFree
CoTaskMemAlloc

api-ms-win-core-com-l2-1-1

StgCreateDocfile
StgCreateStorageEx

msdmo

DMORegister
MoFreeMediaType
MoInitMediaType
DMOUnregister
MoCopyMediaType

Exports

Exports

CreateInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 565KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WSDApi.dll
.dll windows:10 windows x64 arch:x64

41cb8788b6b067087aa4e1fb215e80e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WSDApi.pdb

Imports

msvcrt

_callnewh
memset
iswdigit
_XcptFilter
memcpy
strcmp
_stricmp
_onexit
vfwprintf_s
fwprintf_s
_wfsopen
strncmp
memcmp
_wcserror
_get_errno
fclose
__dllonexit
wcstok_s
_strnicmp
_wtol
_amsg_exit
_initterm
_lock
memmove_s
free
_vsnprintf
time
tolower
__C_specific_handler
wcsstr
wcsncmp
towlower
_wcsdup
_purecall
_localtime64
_time64
_vsnwprintf
memcpy_s
_wcsnicmp
wcschr
malloc
_wcsicmp
_unlock
wcscmp

ntdll

EtwGetTraceLoggerHandle
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwTraceMessage
RtlIpv6StringToAddressExW
RtlIpv4StringToAddressExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
EtwGetTraceEnableLevel

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
LoadLibraryExW
DisableThreadLibraryCalls

api-ms-win-core-threadpool-l1-2-0

StartThreadpoolIo
CloseThreadpoolWork
CreateThreadpoolIo
TrySubmitThreadpoolCallback
WaitForThreadpoolWorkCallbacks
CreateThreadpoolWork
SubmitThreadpoolWork
SetThreadpoolThreadMinimum
CloseThreadpoolWait
CreateThreadpoolTimer
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolIo
WaitForThreadpoolIoCallbacks
CancelThreadpoolIo
CloseThreadpool
CreateThreadpool
WaitForThreadpoolTimerCallbacks
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
SetThreadpoolThreadMaximum
CloseThreadpoolTimer
CreateThreadpoolCleanupGroup
SetThreadpoolTimer
WaitForThreadpoolWaitCallbacks

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseMutex
ReleaseSRWLockExclusive
ResetEvent
WaitForSingleObject
SetEvent
WaitForSingleObjectEx
OpenSemaphoreW
CreateEventW
CreateSemaphoreExW
CreateMutexExW
InitializeCriticalSection
InitializeSRWLock
CreateWaitableTimerExW
CancelWaitableTimer
SetWaitableTimer
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SleepEx
AcquireSRWLockExclusive
WaitForMultipleObjectsEx

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime
GetTickCount64

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

rpcrt4

UuidCreate
UuidFromStringA

ws2_32

ntohs
bind
closesocket
shutdown
WSAStringToAddressW
htons
WSAIoctl
socket
setsockopt
GetAddrInfoW
FreeAddrInfoW
WSAAddressToStringW
WSAGetLastError
WSASocketW
WSASendTo
WSADuplicateSocketW
WSARecvFrom
WSACleanup
WSAStartup
getsockname

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl
EventRegister
EventSetInformation
EventWriteTransfer
EventUnregister

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
WakeAllConditionVariable
InitOnceComplete
Sleep
SleepConditionVariableSRW

api-ms-win-core-io-l1-1-0

CancelIoEx

api-ms-win-core-heap-l2-1-0

GlobalFree

api-ms-win-core-io-l1-1-1

CancelIo

api-ms-win-core-registry-l1-1-0

RegOpenKeyExA
RegCloseKey

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

iphlpapi

CancelMibChangeNotify2
GetBestRoute2
GetAdaptersAddresses
ConvertInterfaceGuidToLuid
NotifyUnicastIpAddressChange

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx
QueueUserWorkItem

nsi

NsiGetParameter

api-ms-win-core-threadpool-private-l1-1-0

RegisterWaitForSingleObjectEx

webservices

WsWriteChars
WsWriteEndAttribute
WsSetWriterPosition
WsGetWriterPosition
WsMoveWriter
WsWriteStartElement
WsWriteBytes
WsWriteEndElement
WsMoveReader
WsWriteXmlnsAttribute
WsWriteEndStartElement
WsWriteValue
WsWriteCharsUtf8
WsWriteText
WsReadStartElement
WsEndWriterCanonicalization
WsSetOutputToBuffer
WsGetWriterProperty
WsFreeReader
WsCopyNode
WsGetReaderNode
WsSetOutput
WsCreateWriter
WsSetInputToBuffer
WsCreateReader
WsFreeHeap
WsStartWriterCanonicalization
WsCreateXmlBuffer
WsCreateHeap
WsFreeWriter
WsWriteStartAttribute
WsReadBytes
WsReadChars
WsEndReaderCanonicalization
WsStartReaderCanonicalization
WsReadEndAttribute
WsReadStartAttribute
WsFindAttribute
WsSkipNode
WsReadNode
WsSetInput
WsReadEndElement
WsReadToStartElement

firewallapi

FWGetConfig
FWQueryFirewallRules
IcfChangeNotificationDestroy
IsFirewallInCoExistanceMode
IcfChangeNotificationCreate
FWOpenPolicyStore
IcfAddrChangeNotificationCreate
FWFreeFirewallRules
FWClosePolicyStore
FWGetGlobalConfig
FWResetIndicatedTupleInUse
FWIndicateTupleInUse

api-ms-win-core-com-l1-1-0

CoInitializeEx
CoUninitialize
CoCreateInstance
CoWaitForMultipleHandles

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

WSDAddFirewallCheck
WSDAllocateLinkedMemory
WSDAttachLinkedMemory
WSDCancelNetworkChangeNotify
WSDCompareEndpoints
WSDCopyEndpoint
WSDCopyNameList
WSDCreateDeviceHost
WSDCreateDeviceHost2
WSDCreateDeviceHostAdvanced
WSDCreateDeviceProxy
WSDCreateDeviceProxy2
WSDCreateDeviceProxyAdvanced
WSDCreateDiscoveryProvider
WSDCreateDiscoveryProvider2
WSDCreateDiscoveryPublisher
WSDCreateDiscoveryPublisher2
WSDCreateHttpAddress
WSDCreateHttpMessageParameters
WSDCreateHttpTransport
WSDCreateMetadataAgent
WSDCreateOutboundAttachment
WSDCreateUdpAddress
WSDCreateUdpMessageParameters
WSDCreateUdpTransport
WSDDetachLinkedMemory
WSDFreeLinkedMemory
WSDGenerateFault
WSDGenerateFaultEx
WSDGenerateRandomDelay
WSDGetConfigurationOption
WSDNotifyNetworkChange
WSDProcessFault
WSDRemoveFirewallCheck
WSDSetConfigurationOption
WSDUriDecode
WSDUriEncode
WSDXMLAddChild
WSDXMLAddSibling
WSDXMLBuildAnyForSingleElement
WSDXMLCleanupElement
WSDXMLCompareNames
WSDXMLCreateContext
WSDXMLGetNameFromBuiltinNamespace
WSDXMLGetValueFromAny

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
appraiser.dll
.dll windows:10 windows x64 arch:x64

8f6d243eac64aa44dba47e2009e0033a

Code Sign

33:00:00:02:ed:2c:45:e4:c1:45:cf:48:44:00:00:00:00:02:ed
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:29

Not After

02/12/2021, 21:29

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:5e:ba:63:7b:41:84:09:d6:ef:56:7b:89:26:aa:d3:64:99:86:6e:b3:ff:aa:cf:cf:1b:15:9e:b0:c4:ea:57
Signer

Actual PE Digest

29:5e:ba:63:7b:41:84:09:d6:ef:56:7b:89:26:aa:d3:64:99:86:6e:b3:ff:aa:cf:cf:1b:15:9e:b0:c4:ea:57

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Appraiser.pdb

Imports

msvcrt

wcschr
_wcsnicmp
strchr
strcpy_s
_vsnprintf
_wcsicmp
wcscat_s
_wcslwr
?terminate@@YAXXZ
wcsstr
_lock
_unlock
__dllonexit
_onexit
strcmp
??_V@YAXPEAX@Z
_wmkdir
rand_s
_get_osfhandle
_wopen
memset
wcscmp
memcmp
__C_specific_handler
_initterm
free
_amsg_exit
_XcptFilter
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_close
wcsrchr
_lseek
_purecall
_callnewh
malloc
sprintf_s
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
iswalpha
wcsspn
qsort
swprintf_s
_ultow_s
_vsnwprintf_s
wcsnlen
_wcsupr
_snwscanf_s
towlower
strstr
_wsplitpath_s
wcsncmp
toupper
strnlen
_wtof
strncmp
strncpy_s
_errno
_set_errno
strrchr
_write
wcscpy_s
_read
wcstok_s
_wtoi
_wtoi64
_vsnwprintf
_wtol
_wcstoui64
strtok_s
_stricmp
swscanf_s
_strnicmp
wcstoul
_wcslwr_s
??1type_info@@UEAA@XZ
__CxxFrameHandler3
strtol
??3@YAXPEAX@Z

ntdll

ZwReleaseMutant
NtQueryInformationProcess
RtlCompareMemory
NtSetInformationProcess
RtlGetVersion
RtlImageDirectoryEntryToData
RtlVerifyVersionInfo
LdrResSearchResource
RtlTimeToTimeFields
ZwUnmapViewOfSection
ZwQuerySystemInformation
RtlGetNativeSystemInformation
RtlNtPathNameToDosPathName
RtlpEnsureBufferSize
ZwQueryDirectoryFile
RtlUpcaseUnicodeChar
RtlUnicodeStringToAnsiString
RtlUpcaseUnicodeString
RtlAnsiStringToUnicodeString
RtlxAnsiStringToUnicodeSize
RtlInitString
RtlGUIDFromString
EtwEventRegister
EtwEventWrite
EtwEventUnregister
RtlSecondsSince1970ToTime
ZwSetInformationProcess
ZwQueryInformationProcess
ZwCreateSection
ZwQueryInformationFile
ZwCreateFile
ZwCreateKey
RtlFormatCurrentUserKeyPath
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
ZwQueryValueKey
ZwDeleteKey
RtlInitUnicodeStringEx
ZwEnumerateKey
ZwOpenKey
RtlFreeUnicodeString
ZwOpenFile
RtlInitUnicodeString
RtlStringFromGUID
RtlNtStatusToDosError
RtlAllocateAndInitializeSid
RtlFreeSid
NtQueryKey
RtlRunOnceExecuteOnce
NtWriteFile
NtClose
RtlDoesFileExists_U
NtOpenKey
RtlCopyUnicodeString
ZwQueryKey
ZwSetValueKey
ZwWaitForSingleObject
ZwMapViewOfSection
ZwOpenMutant
ZwQueryAttributesFile
RtlLengthSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlSetDaclSecurityDescriptor
ZwLoadKey
RtlAddAccessAllowedAceEx
RtlLengthSid
ZwDeleteValueKey
RtlCreateAcl
ZwSetSecurityObject
ZwUnloadKey
RtlCreateSecurityDescriptor
LdrGetProcedureAddress
LdrGetDllHandle
ZwOpenProcess
NtQuerySystemInformation
ZwQuerySymbolicLinkObject
ZwDeviceIoControlFile
ZwQueryDirectoryObject
ZwOpenSymbolicLinkObject
ZwOpenDirectoryObject
ZwAllocateUuids
NtAdjustPrivilegesToken
NtOpenProcessTokenEx
NtSetInformationThread
NtOpenThreadTokenEx
RtlImpersonateSelf
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
NtDeviceIoControlFile
NtOpenFile
NtQueryValueKey
NtQueryBootEntryOrder
NtQueryBootOptions
NtTranslateFilePath
NtOpenDirectoryObject
NtQueryDirectoryObject
NtEnumerateBootEntries
RtlTimeToSecondsSince1970
NtQuerySystemTime
RtlDosPathNameToNtPathName_U_WithStatus
ZwClose
RtlLeaveCriticalSection
RtlFreeHeap
RtlInitializeCriticalSection
RtlMultiByteToUnicodeN
RtlInitAnsiString
RtlEnterCriticalSection
RtlReAllocateHeap
RtlEqualString
RtlAllocateHeap
RtlDeleteCriticalSection
NtQueryLicenseValue
WinSqmIsOptedInEx
VerSetConditionMask
EtwTraceMessage
NtEnumerateValueKey
NtEnumerateKey
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate
UuidFromStringW

wdscore

ConstructPartialMsgVA
ConstructPartialMsgVW
WdsSetupLogMessageW
CurrentIP
WdsSetupLogMessageA

kernel32

ExpandEnvironmentStringsW
OutputDebugStringA
GetModuleFileNameW
CreateFileW
GetModuleHandleExA
FlushFileBuffers
LockFileEx
HeapReAlloc
UnlockFileEx
FileTimeToSystemTime
EnumUILanguagesW
VirtualFree
GetSystemTime
DeleteCriticalSection
InitializeCriticalSectionEx
FlushInstructionCache
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
VirtualProtect
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
VirtualAlloc
GetFileSize
ReadFile
GetFullPathNameW
SetThreadAffinityMask
FindResourceW
LoadResource
SizeofResource
LockResource
IsProcessorFeaturePresent
GetTickCount
GetSystemTimeAsFileTime
ExitProcess
GlobalFree
GetCurrentProcessId
QueryPerformanceCounter
IsWow64Process
PostQueuedCompletionStatus
TerminateProcess
CreateEventW
QueryFullProcessImageNameW
ResumeThread
GetFileAttributesW
GetCurrentProcess
SetUnhandledExceptionFilter
WTSGetActiveConsoleSessionId
AssignProcessToJobObject
SetInformationJobObject
SystemTimeToFileTime
GetPrivateProfileStringW
GetPrivateProfileSectionW
InitOnceExecuteOnce
RaiseException
CreateJobObjectW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreExW
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
CreateDirectoryW
WriteFile
WaitForMultipleObjects
SetEvent
ResetEvent
WaitForSingleObject
GetComputerNameW
Sleep
CloseHandle
TerminateThread
TryEnterCriticalSection
CreateThread
GetProductInfo
GetNativeSystemInfo
MoveFileExW
OpenProcess
SetPriorityClass
GetSystemPowerStatus
VerifyVersionInfoW
CreateIoCompletionPort
LoadLibraryW
WideCharToMultiByte
FreeLibrary
GetQueuedCompletionStatus
DebugBreak
GetModuleHandleW
GetProcessHeap
CreateEventExW
GetSystemDirectoryW
GetProcAddress
GetSystemFirmwareTable
DeviceIoControl
HeapAlloc
K32GetModuleFileNameExW
K32EnumProcessModules
K32EnumProcesses
CreateSemaphoreW
OpenWaitableTimerW
GetTempPathW
CreateWaitableTimerW
SetWaitableTimer
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileTime
LocalAlloc
DosDateTimeToFileTime
LocalFileTimeToFileTime
GetFileInformationByHandle
MultiByteToWideChar
SetFileAttributesW
SetFileTime
CreateMutexW
GetFileSizeEx
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FormatMessageW
DelayLoadFailureHook
LoadLibraryExA
GetModuleFileNameA
HeapFree
CreateProcessW
SetLastError
UnhandledExceptionFilter
GetExitCodeProcess
GetLongPathNameW
GetDriveTypeW
GetCurrentThreadId
GetModuleHandleExW
LocalFree
OutputDebugStringW
GetCurrentThread
IsDebuggerPresent
LoadLibraryExW
CopyFileW
GetLastError
CreateActCtxW
QueryActCtxW
ReleaseActCtx
GetVolumeInformationByHandleW

advapi32

RegQueryInfoKeyW
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptReleaseContext
CryptDestroyHash
ProcessTrace
CloseTrace
OpenTraceW
StartServiceW
ControlServiceExW
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
EnableTrace
EnableTraceEx2
StartTraceW
ControlTraceW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyW
RegDeleteValueW
ControlService
RegEnumKeyW
RegLoadAppKeyW
RegEnumKeyExW
RegOpenKeyExW
ConvertSidToStringSidW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
EventRegister
EventUnregister
RegDeleteTreeW
RegCreateKeyTransactedW
RegEnumValueW
RegGetValueW
IsWellKnownSid
CopySid
LookupAccountNameW
ConvertStringSidToSidW
CreateWellKnownSid
RegQueryValueExW
CredFree
CredReadW
RevertToSelf
ImpersonateLoggedOnUser
EventWriteTransfer

ole32

CoUninitialize
CoInitializeEx
CoWaitForMultipleHandles
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoCreateGuid
StringFromGUID2

shlwapi

PathAppendW
PathUnquoteSpacesW
PathRemoveBlanksW
StrStrW
PathFileExistsW
PathRemoveFileSpecW
SHCreateStreamOnFileEx
ord219
PathFindFileNameW
PathStripPathW
PathFindExtensionW
UrlGetPartW

oleaut32

SysStringLen
VariantInit
VariantClear
SysFreeString
SysAllocString

user32

TranslateMessage
CharUpperBuffW
DestroyIcon
CharLowerBuffW
GetSystemMetrics
MsgWaitForMultipleObjects
PeekMessageW
GetIconInfo
DispatchMessageW
LoadStringW

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSEnumerateSessionsW

msi

MsiGetProductInfoW
MsiViewFetch
MsiViewExecute
MsiDatabaseOpenViewW
MsiOpenDatabaseW
MsiSetInternalUI
MsiRecordGetStringW
MsiCloseHandle

shell32

SHGetFileInfoW
ExtractIconExW

crypt32

CertVerifyCertificateChainPolicy

gdi32

GetDIBits
CreateDIBSection
CreateCompatibleDC
GetObjectW
DeleteObject
DeleteDC

netapi32

NetUserEnum
NetUserGetInfo
NetApiBufferFree

ws2_32

WSACleanup
WSAGetLastError
gethostname
WSAStartup
getaddrinfo
freeaddrinfo

xmllite

CreateXmlWriter
CreateXmlReaderInputWithEncodingName
CreateXmlReader
CreateXmlWriterOutputWithEncodingName

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

tdh

TdhGetEventInformation

cabinet

ord22
ord23
ord20

bcrypt

BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptHashData
BCryptCreateHash

iphlpapi

GetIfTable2
FreeMibTable

setupapi

SetupCloseInfFile
SetupTermDefaultQueueCallback
SetupInstallServicesFromInfSectionW
SetupDefaultQueueCallbackW
SetupInstallFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupOpenInfFileW

Exports

Exports

ContainerSetupFunction
ContainerSetupWrapper
DoScheduledTelemetryRun
DoScheduledTelemetryRunTC
GetCtacProvider
GetProvider
RunTest
RunXml
Sgd
UpdateAvStatus
UpdateCacheCompatStatuses
UpdateExperienceIndicators

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wlanpref.dll
.dll regsvr32 windows:10 windows x64 arch:x64

080890b09d1fb2411ed096cb5140b1b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wlanpref.pdb

Imports

msvcrt

??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
_vsnwprintf
_onexit
calloc
_wtoi
iswdigit
wcsstr
_lock
memmove_s
_purecall
free
_unlock
_errno
iswctype
iswspace
realloc
memset
__CxxFrameHandler3
_CxxThrowException
memcmp
vswprintf_s
malloc
wcsncpy_s
wcscat_s
wcscpy_s
memcpy
__dllonexit
memcpy_s
__C_specific_handler
wcsrchr
wcscmp

oleaut32

SysFreeString
VarUI4FromStr
RegisterTypeLi
VariantInit
SysAllocString
VariantClear
OleLoadPicture
SysStringLen
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-string-l2-1-0

CharLowerW
CharNextW

api-ms-win-core-libraryloader-l1-2-0

SizeofResource
LoadLibraryExW
GetModuleFileNameW
LoadLibraryExA
FindResourceExW
LoadResource
GetProcAddress
GetModuleHandleW
LoadStringW
GetModuleHandleExW
FreeLibrary

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-com-l1-1-0

CoUninitialize
IIDFromString
StringFromIID
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoCreateGuid
CoTaskMemRealloc

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
OutputDebugStringA

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW

api-ms-win-core-processthreads-l1-1-0

CreateThread
GetCurrentProcess
GetCurrentThreadId
OpenProcessToken
GetCurrentThread
OpenThreadToken
TerminateProcess
GetCurrentProcessId

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventRegister

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-security-base-l1-1-0

GetTokenInformation
DuplicateToken
AllocateAndInitializeSid
FreeSid
EqualSid

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

iphlpapi

ConvertInterfaceGuidToLuid
ConvertInterfaceLuidToAlias

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualFree

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-processthreads-l1-1-1

FlushInstructionCache

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InterlockedPopEntrySList

api-ms-win-core-synch-l1-2-0

Sleep
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

ntdll

WinSqmSetDWORD
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwTraceMessage
WinSqmIncrementDWORD
EtwUnregisterTraceGuids

kernel32

GlobalUnlock
lstrlenA
lstrcmpiW
CreateActCtxW
FindActCtxSectionStringW
ActivateActCtx
GetProcessMitigationPolicy
LocalAlloc
DeactivateActCtx
ReleaseActCtx
lstrlenW
GlobalLock
QueryActCtxW

ole32

CoGetObject
ReleaseStgMedium

shell32

SHChangeNotify
SHCreateDataObject
ord18
ShellExecuteExW
ord155
ShellExecuteW
ord21

gdi32

SelectObject
CreateFontIndirectW
CreateDIBSection
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleDC

user32

EnableWindow
GetDC
RegisterClipboardFormatW
IsDlgButtonChecked
InsertMenuW
SetMenuDefaultItem
LoadImageW
CheckDlgButton
GetSystemMetrics
PostMessageW
ShowWindow
EndDialog
MessageBoxW
GetWindow
GetWindowLongW
SystemParametersInfoW
MoveWindow
DestroyWindow
GetWindowTextW
SetWindowTextW
GetDoubleClickTime
CreateWindowExW
GetWindowLongPtrW
InvalidateRect
SetTimer
GetWindowRect
SetCapture
SetFocus
GetClientRect
MapWindowPoints
ClientToScreen
SetWindowPos
DialogBoxParamW
ReleaseCapture
KillTimer
GetDlgItem
SetDlgItemTextW
GetParent
UnregisterClassA
SetWindowLongPtrW
SendMessageW
GetPropW
SetPropW
ReleaseDC

nci

NciGetConnectionName

wlanui

WlanUIEditProfile

api-ms-win-service-management-l1-1-0

OpenSCManagerW
OpenServiceW
CloseServiceHandle

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-service-private-l1-1-0

UnsubscribeServiceChangeNotifications
SubscribeServiceChangeNotifications

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 474KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wlidcli.dll
.dll regsvr32 windows:10 windows x64 arch:x64

9fedd0e4c01324ab04eb22ff6f7cb491

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wlidcli.pdb

Imports

msvcrt

_set_errno
wcsrchr
_mbsstr
vsprintf_s
_vscprintf
_wtol
wcsstr
_gmtime64_s
wcsftime
_time64
_mktime64
calloc
iswspace
strrchr
__C_specific_handler
swprintf_s
_vsnwprintf
wcscspn
wcsspn
_wcsicmp
_wcsupr_s
_mbslwr_s
_mbscmp
towupper
_purecall
_localtime64_s
wcschr
_vsnprintf_s
_vscwprintf
vswprintf_s
malloc
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
free
memmove_s
memcpy_s
??0exception@@QEAA@AEBV0@@Z
wcsncpy_s
wcstoul
wcstol
_callnewh
??0exception@@QEAA@AEBQEBDH@Z
?what@exception@@UEBAPEBDXZ
_CxxThrowException
_resetstkoflw
wcscpy_s
_XcptFilter
_amsg_exit
_initterm
?terminate@@YAXXZ
_lock
_unlock
__dllonexit
_onexit
??1type_info@@UEAA@XZ
_errno
realloc
memset
__CxxFrameHandler3
_wcslwr_s
memcmp
wcscmp

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExA
FreeLibrary
SizeofResource
LockResource
FindResourceExW
LoadResource
GetModuleHandleExW
LoadLibraryExW

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
RpcBindingFree
CStdStubBuffer_CountRefs
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
NdrDllGetClassObject
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
NdrDllCanUnloadNow
CStdStubBuffer_Connect
NdrCStdStubBuffer_Release
NdrMesTypeEncode3
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcAsyncCancelCall
Ndr64AsyncClientCall
RpcAsyncCompleteCall
NdrMesTypeAlignSize3
RpcStringFreeA
CStdStubBuffer_QueryInterface
RpcSsDestroyClientContext
RpcAsyncInitializeHandle
I_RpcBindingInqLocalClientPID
MesDecodeBufferHandleCreate
MesHandleFree
MesBufferHandleReset
RpcStringFreeW
UuidToStringW
UuidCreate
MesEncodeFixedBufferHandleCreate
UuidToStringA

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient4
ObjectStublessClient6
ObjectStublessClient5
ObjectStublessClient3

api-ms-win-core-processthreads-l1-1-0

GetProcessIdOfThread
TlsAlloc
GetCurrentThread
OpenThreadToken
TerminateProcess
OpenThread
GetCurrentProcessId
TlsSetValue
TerminateThread
TlsFree
TlsGetValue
OpenProcessToken
GetCurrentProcess
GetCurrentThreadId
SetThreadToken
CreateThread

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetLastError
RaiseException
SetUnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
ReleaseSRWLockExclusive
CreateMutexExW
CreateSemaphoreExW
CreateEventW
WaitForSingleObjectEx
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
CreateEventExW
ResetEvent
TryEnterCriticalSection
LeaveCriticalSection
ReleaseMutex
ReleaseSemaphore
WaitForMultipleObjectsEx
OpenSemaphoreW
AcquireSRWLockExclusive
SetEvent

crypt32

CertCloseStore
CertOpenStore
CryptImportPublicKeyInfo
CertFindCertificateInStore
CertGetCertificateChain
CertCreateCertificateContext
CertDuplicateCertificateContext
CryptProtectData
CryptProtectMemory
CryptUnprotectMemory
CertFreeCertificateChain
CryptAcquireCertificatePrivateKey
CertFreeCertificateContext
CertEnumCertificatesInStore
CertSetCertificateContextProperty
CryptSignMessage
CertGetNameStringA
CertVerifyCertificateChainPolicy
CertGetCertificateContextProperty
CryptUnprotectData

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
GetTimeZoneInformation

api-ms-win-core-file-l1-1-0

FileTimeToLocalFileTime
CompareFileTime

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc
GlobalAlloc

api-ms-win-core-com-l1-1-0

CoGetCallerTID
StringFromGUID2
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoTaskMemRealloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CoTaskMemFree

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegDeleteKeyExW
RegQueryValueExW
RegDeleteTreeW
RegOpenCurrentUser
RegCloseKey
RegSetKeySecurity
RegGetValueW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-localization-l1-2-0

GetThreadLocale
GetThreadPreferredUILanguages
GetUserDefaultLocaleName
FormatMessageW

api-ms-win-core-heap-l1-1-0

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-security-base-l1-1-0

FreeSid
AccessCheck
CheckTokenMembership
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
IsValidSecurityDescriptor
InitializeAcl
ImpersonateLoggedOnUser
RevertToSelf
IsValidSid
CreateWellKnownSid
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
GetTokenInformation
GetSecurityDescriptorSacl
AddAccessAllowedAce

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
SleepConditionVariableSRW
Sleep

api-ms-win-core-sysinfo-l1-1-0

GetSystemDirectoryW
GetVersionExW
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-psapi-l1-1-0

K32EnumProcessModules
K32GetModuleFileNameExW

api-ms-win-core-memory-l1-1-0

VirtualFree
VirtualAlloc

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-processthreads-l1-1-1

FlushInstructionCache

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InterlockedPopEntrySList

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW

api-ms-win-security-lsalookup-l2-1-0

LookupAccountNameW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

sspicli

LsaLookupAuthenticationPackage
LsaCallAuthenticationPackage
LsaDeregisterLogonProcess
LsaRegisterLogonProcess
LsaConnectUntrusted
LogonUserExExW

api-ms-win-service-management-l1-1-0

OpenSCManagerW
CloseServiceHandle
OpenServiceW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

cryptsp

CryptDuplicateKey
CryptEncrypt
CryptGenKey
CryptDecrypt
CryptSetProvParam
CryptSignHashW
CryptGetHashParam
CryptSetHashParam
CryptCreateHash
CryptContextAddRef
CryptAcquireContextA
CryptHashData
CryptSetKeyParam
CryptGenRandom
CryptGetKeyParam
CryptVerifySignatureW
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextW
CryptReleaseContext
CryptImportKey
CryptGetUserKey

api-ms-win-core-kernel32-legacy-l1-1-0

GetComputerNameW
MulDiv

api-ms-win-core-threadpool-legacy-l1-1-0

CreateTimerQueue
DeleteTimerQueueEx
CreateTimerQueueTimer
DeleteTimerQueueTimer

api-ms-win-core-shlwapi-legacy-l1-1-0

PathCombineW
PathAppendW

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW
lstrcmpW

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage

combase

ord140

gdi32

CreateCompatibleDC
CreateSolidBrush
GetDeviceCaps
GetStockObject
GetObjectW
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC

user32

GetClassInfoExW
RedrawWindow
SetWindowPos
GetSysColor
GetClassNameW
GetClientRect
FillRect
CreateWindowExW
IsWindow
DestroyWindow
SendMessageW
GetDlgItem
GetWindow
SetFocus
GetFocus
IsChild
EndPaint
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
UnregisterClassW
GetWindowThreadProcessId
FindWindowExW
IsWindowEnabled
EnumWindows
SendMessageTimeoutW
UnregisterClassA
LoadImageW
ReleaseCapture
SetCapture
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
UnhookWindowsHookEx
RegisterClassExW
LoadCursorW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
BeginPaint
CallWindowProcW
DefWindowProcW
SetWindowLongW
GetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
DestroyAcceleratorTable
GetDesktopWindow
ReleaseDC
InvalidateRect
GetDC
InvalidateRgn

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

bcrypt

BCryptCloseAlgorithmProvider

Exports

Exports

AddUserToSsoGroup
AssociateDeviceToUser
AuthIdentityToService
AuthIdentityToServiceEx
CancelPendingRequest
CloseEnumIdentitiesHandle
CloseIdentityHandle
CreateIdentityHandle
CreateIdentityHandleEx
CreateLinkedIdentityHandle
DeProvisionDeviceId
DecryptWithSessionKey
DecryptWithSessionKeyEx
DisassociateDeviceFromUser
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
EncryptWithSessionKey
EncryptWithSessionKeyEx
EnumIdentitiesWithCachedCredentials
EnumerateCertificates
EnumerateDeviceID
EnumerateUserAssociatedDevices
FlushIDCRLTraceBuffer
GenerateCertToken
GenerateDeviceToken
GetAssertion
GetAuthState
GetAuthStateEx
GetAuthenticationStatus
GetCertificate
GetConfigDWORDValue
GetDefaultNoUISSOUser
GetDefaultUserForTarget
GetDeviceId
GetDeviceIdEx
GetDeviceShortLivedToken
GetErrorMessage
GetExtendedError
GetExtendedProperty
GetHIPChallenge
GetIdentityProperty
GetIdentityPropertyByName
GetRealmInfo
GetResponseForHttpChallenge
GetServiceConfig
GetUserExtendedProperty
GetUsersFromSsoGroup
GetWebAuthUrl
GetWebAuthUrlEx
HasPersistedCredential
IDCRL_GetLatestProtectionKey
IDCRL_GetSpecifiedProtectionKey
Initialize
InitializeApp
InitializeEx
InitializeIDCRLTraceBuffer
IsDeviceIDAdmin
IsMappedError
LogonIdentity
LogonIdentityEx
LogonIdentityExSSO
LogonIdentityExWithUI
NextIdentity
OpenAuthenticatedBrowser
PassportFreeMemory
PersistCredential
ProvisionDeviceId
RemoveChangeNotificationCallback
RemovePersistedCredential
RemoveUserFromSsoGroup
RenewDeviceId
SendOneTimeCode
SendWatsonReport
SetChangeNotificationCallback
SetCredential
SetDefaultUserForTarget
SetDeviceConsent
SetExtendedProperty
SetHIPSolution
SetIdcrlOptions
SetIdentityCallback
SetIdentityProperty
SetUserExtendedProperty
StartTracing
StopTracing
UICollectCredential
UIEndWaitDialog
UIShowWaitDialog
UnPackErrorBlob
Uninitialize
UpdateUserAssociatedDeviceProperties
VerifyAssertion
VerifyCertificate

Sections

.text
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wxmsw32u_xrc_gcc_custom.dll
.dll windows:4 windows x64 arch:x64

61f52898006c9551a4c4108c1f7e8236

Code Sign

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01/01/2004, 00:00

Not After

31/12/2028, 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18/02/2022, 00:00

Not After

17/02/2025, 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c6:fa:e0:2b:b8:f2:7f:d5:49:02:55:df:fc:25:e9:19:f1:0f:06:3b:62:40:96:6c:8b:6a:bd:cf:74:84:e7:b0
Signer

Actual PE Digest

c6:fa:e0:2b:b8:f2:7f:d5:49:02:55:df:fc:25:e9:19:f1:0f:06:3b:62:40:96:6c:8b:6a:bd:cf:74:84:e7:b0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wxbase32u_gcc_custom

_Z15wxExpandEnvVarsRK8wxString
_Z18wxGetUTCTimeMillisv
_Z19wxGet_wxConvLibcPtrv
_Z7wxSplitRK8wxStringww
_ZN10wxDateTime3SetERK2tm
_ZN10wxDateTime8GetTmNowEP2tm
_ZN10wxFileName10FileExistsERK8wxString
_ZN10wxFileName6AssignERK8wxString12wxPathFormat
_ZN10wxFileName6AssignERKS_
_ZN10wxFileName9NormalizeEiRK8wxString12wxPathFormat
_ZN11wxClassInfo8RegisterEv
_ZN11wxClassInfo8sm_firstE
_ZN11wxClassInfo9FindClassERK8wxString
_ZN11wxClassInfoD1Ev
_ZN12wxEvtHandler10QueueEventEP7wxEvent
_ZN12wxEvtHandler12ProcessEventER7wxEvent
_ZN12wxEvtHandler15DoSetClientDataEPv
_ZN12wxEvtHandler16SearchEventTableER12wxEventTableR7wxEvent
_ZN12wxEvtHandler17DoSetClientObjectEP12wxClientData
_ZN12wxEvtHandler21WXReservedEvtHandler1EPv
_ZN12wxEvtHandler21WXReservedEvtHandler2EPv
_ZN12wxEvtHandler6DoBindEiiiP14wxEventFunctorP8wxObject
_ZN12wxEvtHandlerC2Ev
_ZN12wxEvtHandlerD2Ev
_ZN12wxFileSystem12ChangePathToERK8wxStringb
_ZN12wxFileSystem13FileNameToURLERK10wxFileName
_ZN12wxFileSystem8FindNextEv
_ZN12wxFileSystem8OpenFileERK8wxStringi
_ZN12wxFileSystem9FindFirstERK8wxStringi
_ZN12wxFileSystemD1Ev
_ZN13wxInputStream7ReadAllEPvy
_ZN14wxEventFunctorD2Ev
_ZN14wxFormatString7AsWCharEv
_ZN14wxTranslations21GetUntranslatedStringERK8wxString
_ZN14wxTranslations3GetEv
_ZN16wxEventHashTableC1ERK12wxEventTable
_ZN16wxEventHashTableD1Ev
_ZN17_wxHashTableBase211DeleteNodesEyPP21_wxHashTable_NodeBasePFvS1_E
_ZN17_wxHashTableBase212GetNextPrimeEm
_ZN17_wxHashTableBase213CopyHashTableEPP21_wxHashTable_NodeBaseyPS_S2_PFyS3_S1_EPFS1_S1_E
_ZN17_wxHashTableBase216DummyProcessNodeEP21_wxHashTable_NodeBase
_ZN17wxCriticalSection5EnterEv
_ZN17wxCriticalSection5LeaveEv
_ZN17wxStringTokenizer12GetNextTokenEv
_ZN17wxStringTokenizer9SetStringERK8wxStringS2_21wxStringTokenizerMode
_ZN17wxStringTokenizerC1ERK8wxStringS2_21wxStringTokenizerMode
_ZN21wxClientDataContainerC2Ev
_ZN5wxDir11GetAllFilesERK8wxStringP13wxArrayStringS2_i
_ZN5wxLog17GetComponentLevelERK8wxString
_ZN5wxLog22IsThreadLoggingEnabledEv
_ZN5wxLog5OnLogEmRK8wxStringRK15wxLogRecordInfo
_ZN5wxLog8ms_doLogE
_ZN7wxEventC2Eii
_ZN7wxTimer4InitEv
_ZN7wxTimer8SetOwnerEP12wxEvtHandleri
_ZN7wxTimerD1Ev
_ZN8wxModule12ms_classInfoE
_ZN8wxModule14RegisterModuleEPS_
_ZN8wxModule17InitializeModulesEv
_ZN8wxObject3RefERKS_
_ZN8wxObject5UnRefEv
_ZN8wxString10ConvertStrEPKcyRK8wxMBConv
_ZN8wxString13DoFormatWcharEPKwz
_ZN8wxString13DoPrintfWcharEPKwz
_ZN8wxString4nposE
_ZN8wxString7FormatVERKS_Pc
_ZN8wxString8TruncateEy
_ZN8wxString9FromAsciiEPKc
_ZN8wxString9MakeLowerEv
_ZN8wxThread11TestDestroyEv
_ZN8wxThread12GetCurrentIdEv
_ZN8wxThread15ms_idMainThreadE
_ZN8wxThreadD2Ev
_ZN9wxPrivate18GetUntypedNullDataEv
_ZNK10wxFileName11GetFullPathE12wxPathFormat
_ZNK12wxEvtHandler15DoGetClientDataEv
_ZNK12wxEvtHandler17DoGetClientObjectEv
_ZNK13wxArrayString5IndexERK8wxStringbb
_ZNK14wxTranslations19GetTranslatedStringERK8wxStringS2_S2_
_ZNK17wxStringTokenizer13HasMoreTokensEv
_ZNK20wxArgNormalizerWcharIRK8wxStringE3getEv
_ZNK8wxMBConv14DoConvertMB2WCEPKcy
_ZNK8wxObject12CloneRefDataEPK12wxRefCounter
_ZNK8wxObject12GetClassInfoEv
_ZNK8wxObject13CreateRefDataEv
_ZNK8wxString10StartsWithERKS_PS_
_ZNK8wxString11BeforeFirstE9wxUniCharPS_
_ZNK8wxString3MidEyy
_ZNK8wxString4FindE9wxUniCharb
_ZNK8wxString6AsCharERK8wxMBConv
_ZNK8wxString6ToLongEPli
_ZNK8wxString7MatchesERKS_
_ZNK8wxString7ToULongEPmi
_ZNK8wxString7compareEPKc
_ZNK8wxString7compareEPKw
_ZNK8wxString7compareERKS_
_ZNK8wxString8EndsWithERKS_PS_
_ZNK8wxString8IsSameAsE9wxUniCharb
_ZNK8wxString9AfterLastE9wxUniChar
_ZNK8wxString9CmpNoCaseERKS_
_ZNK8wxString9ToCDoubleEPd
_ZTV12wxFileSystem
_ZTV12wxMBConvUTF8
_ZTV17wxStringTokenizer
_ZTV7wxTimer
_ZTV8wxFSFile
_ZTV8wxModule
_ZTV8wxObject
_Zpl9wxUniCharRK8wxString
_ZplRK8wxString9wxUniChar
_ZplRK8wxStringPKc
_ZplRK8wxStringPKw
_ZplRK8wxStringS1_
wxConvLibcPtr
wxEVT_NULL
wxEmptyString
wxPendingDelete

wxbase32u_xml_gcc_custom

_ZN13wxXmlDocument4LoadER13wxInputStreamRK8wxStringi
_ZN13wxXmlDocumentC1Ev
_ZN9wxXmlNode12AddAttributeERK8wxStringS2_
_ZN9wxXmlNodeC1ERKS_
_ZN9wxXmlNodeD1Ev
_ZNK13wxXmlDocument7GetRootEv
_ZNK9wxXmlNode12GetAttributeERK8wxStringPS0_
_ZNK9wxXmlNode12GetAttributeERK8wxStringS2_
_ZNK9wxXmlNode12HasAttributeERK8wxString
_ZNK9wxXmlNode14GetNodeContentEv
_ZTV13wxXmlDocument

wxmsw32u_core_gcc_custom

_Z17wxSetFocusToChildP8wxWindowPS0_
_Z19wxGetTopLevelParentP12wxWindowBase
_ZN10wxBoxSizer12ms_classInfoE
_ZN10wxCheckBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN10wxComboBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorS4_
_ZN10wxFontBase12SetPointSizeEi
_ZN10wxFontBase18SetDefaultEncodingE14wxFontEncoding
_ZN10wxListCtrl10InsertItemERK10wxListItem
_ZN10wxListCtrl12ms_classInfoE
_ZN10wxListCtrl4InitEv
_ZN10wxListCtrl6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN10wxListbook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxMenuBase4InitEl
_ZN10wxMenuBase6EnableEib
_ZN10wxMenuBaseD2Ev
_ZN10wxMenuItem11DoSetBitmapERK14wxBitmapBundleb
_ZN10wxMenuItemC1EP6wxMenuiRK8wxStringS4_10wxItemKindS1_
_ZN10wxNotebook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxNotebookC1Ev
_ZN10wxRadioBox4InitEv
_ZN10wxRadioBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeRK13wxArrayStringilRK11wxValidatorS4_
_ZN10wxSpinCtrl4InitEv
_ZN10wxSpinCtrl6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeliiiS4_
_ZN10wxTextCtrl6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN10wxTextCtrlC1Ev
_ZN10wxToolbook4InitEv
_ZN10wxToolbook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxTreeCtrl4InitEv
_ZN10wxTreeCtrl6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN10wxTreebook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN11wxAnimation4LoadER13wxInputStream15wxAnimationType
_ZN11wxAnimationC1EP15wxAnimationImpl
_ZN11wxAnimationC1Ev
_ZN11wxAnyButton11DoSetBitmapERK14wxBitmapBundleN15wxAnyButtonBase5StateE
_ZN11wxAnyButton13MSWWindowProcEjyx
_ZN11wxAnyButton16DoSetLabelMarkupERK8wxString
_ZN11wxAnyButton18DoSetBitmapMarginsEii
_ZN11wxAnyButton19DoSetBitmapPositionE11wxDirection
_ZN11wxAnyButton19SetBackgroundColourERK8wxColour
_ZN11wxAnyButton19SetForegroundColourERK8wxColour
_ZN11wxAnyButton8SetLabelERK8wxString
_ZN11wxAnyButton9MSWOnDrawEPPv
_ZN11wxAnyButtonD2Ev
_ZN11wxComboCtrl11AnimateShowERK6wxRecti
_ZN11wxComboCtrl4InitEv
_ZN11wxComboCtrl6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN11wxComboCtrl8OnResizeEv
_ZN11wxComboCtrlD2Ev
_ZN11wxFrameBaseC2Ev
_ZN11wxFrameBaseD2Ev
_ZN11wxGridSizerC1Eiiii
_ZN11wxIdManager9ReserveIdEi
_ZN11wxImageList3AddERK6wxIcon
_ZN11wxImageList3AddERK8wxBitmapS2_
_ZN11wxImageList6CreateEiibi
_ZN11wxPanelBase10InitDialogEv
_ZN11wxPanelBase6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN11wxScrollBar6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN11wxSizerItem10DoSetSizerEP7wxSizer
_ZN11wxSizerItem11DoSetSpacerERK6wxSize
_ZN11wxSizerItem11DoSetWindowEP8wxWindow
_ZN11wxSizerItem4FreeEv
_ZN11wxSizerItemC1Ev
_ZN11wxStaticBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN11wxStaticBox6CreateEP8wxWindowiS1_RK7wxPointRK6wxSizelRK8wxString
_ZN11wxStatusBar6CreateEP8wxWindowilRK8wxString
_ZN11wxStatusBarC1Ev
_ZN11wxTextEntry10ForceUpperEv
_ZN11wxTextEntry12SetMaxLengthEm
_ZN11wxTextEntry14DoSetSelectionElli
_ZN11wxTextEntry20DoAutoCompleteCustomEP15wxTextCompleter
_ZN11wxTextEntry20MSWProcessSpecialKeyER10wxKeyEvent
_ZN11wxTextEntry21DoAutoCompleteStringsERK13wxArrayString
_ZN11wxTextEntry23DoAutoCompleteFileNamesEi
_ZN11wxTextEntryC2Ev
_ZN11wxTextEntryD2Ev
_ZN11wxWrapSizerC1Eii
_ZN12wxColourBase10FromStringERK8wxString
_ZN12wxDialogBase11IsEscapeKeyERK10wxKeyEvent
_ZN12wxDialogBase15ShowWindowModalEv
_ZN12wxDialogBase18DoLayoutAdaptationEv
_ZN12wxDialogBase21CanDoLayoutAdaptationEv
_ZN12wxDialogBase26SendWindowModalDialogEventEi
_ZN12wxDialogBaseC2Ev
_ZN12wxFontMapper17CharsetToEncodingERK8wxStringb
_ZN12wxFontMapperC1Ev
_ZN12wxFontMapperD1Ev
_ZN12wxIconBundleC1ER13wxInputStream12wxBitmapType
_ZN12wxSpinButton6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN12wxSpinButtonD2Ev
_ZN12wxStaticLine6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN12wxStaticText6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN12wxWindowBase10GetCaptureEv
_ZN12wxWindowBase10InitDialogEv
_ZN12wxWindowBase10SetMaxSizeERK6wxSize
_ZN12wxWindowBase10SetMinSizeERK6wxSize
_ZN12wxWindowBase11CopyToolTipEP9wxToolTip
_ZN12wxWindowBase11RemoveChildEPS_
_ZN12wxWindowBase12DoNavigateInEi
_ZN12wxWindowBase12SetValidatorERK11wxValidator
_ZN12wxWindowBase13SendSizeEventEi
_ZN12wxWindowBase14DoSetSizeHintsEiiiiii
_ZN12wxWindowBase14SendIdleEventsER11wxIdleEvent
_ZN12wxWindowBase14SetNextHandlerEP12wxEvtHandler
_ZN12wxWindowBase14UpdateWindowUIEl
_ZN12wxWindowBase15ClearBackgroundEv
_ZN12wxWindowBase16DoMoveInTabOrderEP8wxWindowNS_11WindowOrderE
_ZN12wxWindowBase16DoSetToolTipTextERK8wxString
_ZN12wxWindowBase16DoSetVirtualSizeEii
_ZN12wxWindowBase16DoUpdateWindowUIER15wxUpdateUIEvent
_ZN12wxWindowBase16SetWindowVariantE15wxWindowVariant
_ZN12wxWindowBase17InheritAttributesEv
_ZN12wxWindowBase17ToggleWindowStyleEi
_ZN12wxWindowBase17WXReservedWindow1EPv
_ZN12wxWindowBase17WXReservedWindow2EPv
_ZN12wxWindowBase17WXReservedWindow3EPv
_ZN12wxWindowBase18DoSetWindowVariantE15wxWindowVariant
_ZN12wxWindowBase18InvalidateBestSizeEv
_ZN12wxWindowBase18SetBackgroundStyleE17wxBackgroundStyle
_ZN12wxWindowBase18SetPreviousHandlerEP12wxEvtHandler
_ZN12wxWindowBase19SetBackgroundColourERK8wxColour
_ZN12wxWindowBase19SetForegroundColourERK8wxColour
_ZN12wxWindowBase20InformFirstDirectionEiii
_ZN12wxWindowBase20TransferDataToWindowEv
_ZN12wxWindowBase22TransferDataFromWindowEv
_ZN12wxWindowBase25GetClassDefaultAttributesE15wxWindowVariant
_ZN12wxWindowBase29WXSetInitialFittingClientSizeEiP7wxSizer
_ZN12wxWindowBase3FitEv
_ZN12wxWindowBase6EnableEb
_ZN12wxWindowBase6LayoutEv
_ZN12wxWindowBase7DestroyEv
_ZN12wxWindowBase7FromDIPERK6wxSizePKS_
_ZN12wxWindowBase8AddChildEPS_
_ZN12wxWindowBase8DoCentreEi
_ZN12wxWindowBase8SetSizerEP7wxSizerb
_ZN12wxWindowBase8TryAfterER7wxEvent
_ZN12wxWindowBase8ValidateEv
_ZN12wxWindowBase9FindFocusEv
_ZN12wxWindowBase9FitInsideEv
_ZN12wxWindowBase9TryBeforeER7wxEvent
_ZN12wxWindowBaseC2Ev
_ZN12wxWindowBaseD2Ev
_ZN12wxWizardPage4InitEv
_ZN12wxWizardPage6CreateEP8wxWizardRK14wxBitmapBundle
_ZN13wxArtProvider13GetIconBundleERK8wxStringS2_
_ZN13wxArtProvider15GetBitmapBundleERK8wxStringS2_RK6wxSize
_ZN13wxArtProvider9GetBitmapERK8wxStringS2_RK6wxSize
_ZN13wxControlBase12GetLabelTextERK8wxString
_ZN13wxControlBase15EscapeMnemonicsERK8wxString
_ZN13wxControlBase16DoSetLabelMarkupERK8wxString
_ZN13wxControlBase16DoUpdateWindowUIER15wxUpdateUIEvent
_ZN13wxControlBase7SetFontERK6wxFont
_ZN13wxControlBaseD2Ev
_ZN13wxGBSizerItem6SetPosERK12wxGBPosition
_ZN13wxGBSizerItem7SetSpanERK8wxGBSpan
_ZN13wxGBSizerItemC1Ev
_ZN13wxListBoxBaseD2Ev
_ZN13wxRadioButton4InitEv
_ZN13wxRadioButton6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN13wxToolBarBaseC2Ev
_ZN13wxToolBarBaseD2Ev
_ZN13wxWindowIDRef6AssignEi
_ZN14wxBitmapBundle11FromBitmapsERKSt6vectorI8wxBitmapSaIS1_EE
_ZN14wxBitmapBundle7FromSVGEPcRK6wxSize
_ZN14wxBitmapBundleC1ERK8wxBitmap
_ZN14wxBitmapBundleC1ERKS_
_ZN14wxBitmapBundleC1Ev
_ZN14wxBitmapBundleD1Ev
_ZN14wxBitmapBundleaSERKS_
_ZN14wxBitmapButton17CreateCloseButtonEP8wxWindowiRK8wxString
_ZN14wxBitmapButton6CreateEP8wxWindowiRK14wxBitmapBundleRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN14wxBookCtrlBase10DeletePageEy
_ZN14wxBookCtrlBase10InsertPageEyP8wxWindowRK8wxStringbi
_ZN14wxBookCtrlBase11SetPageSizeERK6wxSize
_ZN14wxBookCtrlBase12DoRemovePageEy
_ZN14wxBookCtrlBase14DoSetSelectionEyi
_ZN14wxBookCtrlBase20DoInvalidateBestSizeEv
_ZN14wxBookCtrlBase26DoSetSelectionAfterRemovalEy
_ZN14wxBookCtrlBase28DoSetSelectionAfterInsertionEyb
_ZN14wxBookCtrlBase4InitEv
_ZN14wxBookCtrlBase6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN14wxBookCtrlBase6DoSizeEv
_ZN14wxCheckListBox6CreateEP8wxWindowiRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorRK8wxString
_ZN14wxCheckListBoxC1Ev
_ZN14wxGridBagSizer3AddEP13wxGBSizerItem
_ZN14wxGridBagSizerC1Eii
_ZN14wxListCtrlBase12InsertColumnElRK10wxListItem
_ZN14wxMenuItemBase3NewEP6wxMenuiRK8wxStringS4_10wxItemKindS1_
_ZN14wxRadioBoxBase14SetItemToolTipEjRK8wxString
_ZN14wxRadioBoxBaseD2Ev
_ZN14wxScrollHelper16AdjustScrollbarsEv
_ZN14wxScrollHelper16DoShowScrollbarsE21wxScrollbarVisibilityS0_
_ZN14wxScrollHelper8DoScrollEii
_ZN14wxScrollHelperC2EP8wxWindow
_ZN14wxStaticBitmap4InitEv
_ZN14wxStaticBitmap8DoCreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN14wxToggleButton12ms_classInfoE
_ZN14wxToggleButton4InitEv
_ZN14wxToggleButton6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN14wxTreeCtrlBaseC2Ev
_ZN14wxTreeCtrlBaseD2Ev
_ZN15wxAnyButtonBase17SetBitmapPositionE11wxDirection
_ZN15wxComboCtrlBase10DoSetValueERK8wxStringi
_ZN15wxComboCtrlBase10DrawButtonER4wxDCRK6wxRecti
_ZN15wxComboCtrlBase11DoShowPopupERK6wxRecti
_ZN15wxComboCtrlBase11SetEditableEb
_ZN15wxComboCtrlBase12DoSetMarginsERK7wxPoint
_ZN15wxComboCtrlBase12DoSetToolTipEP9wxToolTip
_ZN15wxComboCtrlBase12SetSelectionEll
_ZN15wxComboCtrlBase13OnButtonClickEv
_ZN15wxComboCtrlBase13OnThemeChangeEv
_ZN15wxComboCtrlBase16PositionTextCtrlEii
_ZN15wxComboCtrlBase17DoSetPopupControlEP12wxComboPopup
_ZN15wxComboCtrlBase17SetButtonPositionEiiii
_ZN15wxComboCtrlBase17SetInsertionPointEl
_ZN15wxComboCtrlBase19SetBackgroundColourERK8wxColour
_ZN15wxComboCtrlBase19SetForegroundColourERK8wxColour
_ZN15wxComboCtrlBase3CutEv
_ZN15wxComboCtrlBase4CopyEv
_ZN15wxComboCtrlBase4InitEv
_ZN15wxComboCtrlBase4RedoEv
_ZN15wxComboCtrlBase4ShowEb
_ZN15wxComboCtrlBase4UndoEv
_ZN15wxComboCtrlBase5PasteEv
_ZN15wxComboCtrlBase5PopupEv
_ZN15wxComboCtrlBase6EnableEb
_ZN15wxComboCtrlBase6RemoveEll
_ZN15wxComboCtrlBase7ReplaceEllRK8wxString
_ZN15wxComboCtrlBase7SetFontERK6wxFont
_ZN15wxComboCtrlBase7SetHintERK8wxString
_ZN15wxComboCtrlBase9HidePopupEb
_ZN15wxComboCtrlBase9ShowPopupEv
_ZN15wxComboCtrlBase9WriteTextERK8wxString
_ZN15wxComboCtrlBaseD2Ev
_ZN15wxDirPickerCtrl6CreateEP8wxWindowiRK8wxStringS4_RK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN15wxFlexGridSizer12ms_classInfoE
_ZN15wxFlexGridSizer14AddGrowableColEyi
_ZN15wxFlexGridSizer14AddGrowableRowEyi
_ZN15wxFlexGridSizerC1Eiiii
_ZN15wxHyperlinkCtrl6CreateEP8wxWindowiRK8wxStringS4_RK7wxPointRK6wxSizelS4_
_ZN15wxItemContainer15DoInsertOneItemERK8wxStringj
_ZN15wxItemContainer5ClearEv
_ZN15wxItemContainerD2Ev
_ZN15wxStaticBoxBaseC2Ev
_ZN15wxTextEntryBase10AppendTextERK8wxString
_ZN15wxTextEntryBase11ChangeValueERK8wxString
_ZN15wxTextEntryBase20WXReservedTextEntry1EPv
_ZN15wxTextEntryBase20WXReservedTextEntry2EPv
_ZN15wxTextEntryBase20WXReservedTextEntry3EPv
_ZN16wxBitmapComboBox4InitEv
_ZN16wxBitmapComboBox6AppendERK8wxStringRK14wxBitmapBundle
_ZN16wxBitmapComboBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeiPS3_lRK11wxValidatorS4_
_ZN16wxFilePickerCtrl6CreateEP8wxWindowiRK8wxStringS4_S4_RK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN16wxFontEnumerator12GetFacenamesE14wxFontEncodingb
_ZN16wxGenericDirCtrl6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_iS4_
_ZN16wxGenericDirCtrlC1Ev
_ZN16wxInfoBarGeneric4InitEv
_ZN16wxInfoBarGeneric6CreateEP8wxWindowi
_ZN16wxNonOwnedWindow12DoClearShapeEv
_ZN16wxNonOwnedWindow14DoSetPathShapeERK14wxGraphicsPath
_ZN16wxNonOwnedWindow16DoSetRegionShapeERK8wxRegion
_ZN16wxNonOwnedWindow8ReparentEP12wxWindowBase
_ZN16wxScrolledWindow12ms_classInfoE
_ZN16wxSpinCtrlDouble11DoSetDigitsEj
_ZN16wxSpinCtrlDouble6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelddddS4_
_ZN16wxSpinCtrlDouble9SetDigitsEj
_ZN16wxSplitterWindow10InitializeEP8wxWindow
_ZN16wxSplitterWindow14SetSashGravityEd
_ZN16wxSplitterWindow18SetMinimumPaneSizeEi
_ZN16wxSplitterWindow4InitEv
_ZN16wxSplitterWindow6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN16wxSplitterWindow7DoSplitE11wxSplitModeP8wxWindowS2_i
_ZN16wxStaticBoxSizer12ms_classInfoE
_ZN16wxStaticBoxSizerC1EP11wxStaticBoxi
_ZN16wxStaticTextBase4WrapEi
_ZN17wxEditableListBox10SetStringsERK13wxArrayString
_ZN17wxEditableListBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN17wxGenericFileCtrl6CreateEP8wxWindowiRK8wxStringS4_S4_lRK7wxPointRK6wxSizeS4_
_ZN18wxAcceleratorEntry10FromStringERK8wxString
_ZN18wxControlContainer12SetLastFocusEP8wxWindow
_ZN18wxControlContainer13HandleOnFocusER12wxFocusEvent
_ZN18wxControlContainer21HandleOnNavigationKeyER20wxNavigationKeyEvent
_ZN18wxControlContainer21HandleOnWindowDestroyEP12wxWindowBase
_ZN18wxControlContainerC1Ev
_ZN18wxScrollHelperBase11DoPrepareDCER4wxDC
_ZN18wxScrollHelperBase12ScrollLayoutEv
_ZN18wxScrollHelperBase13SetScrollRateEii
_ZN18wxScrollHelperBase13SetScrollbarsEiiiiiib
_ZN18wxScrollHelperBase15EnableScrollingEbb
_ZN18wxScrollHelperBase22ScrollDoSetVirtualSizeEii
_ZN18wxScrollHelperBaseD2Ev
_ZN18wxScrolledT_Helper14FilterBestSizeEPK8wxWindowPK14wxScrollHelperRK6wxSize
_ZN18wxScrolledT_Helper19FilterMSWWindowProcEjx
_ZN18wxStaticBitmapBaseD2Ev
_ZN19wxActivityIndicator6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN19wxCommandLinkButton6CreateEP8wxWindowiRK8wxStringS4_RK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN19wxTopLevelWindowMSW14SetTransparentEh
_ZN19wxTopLevelWindowMSW14ShowFullScreenEbl
_ZN19wxTopLevelWindowMSW17CanSetTransparentEv
_ZN19wxTopLevelWindowMSW17EnableCloseButtonEb
_ZN19wxTopLevelWindowMSW18SetLayoutDirectionE17wxLayoutDirection
_ZN19wxTopLevelWindowMSW20EnableMaximizeButtonEb
_ZN19wxTopLevelWindowMSW20EnableMinimizeButtonEb
_ZN19wxTopLevelWindowMSW20RequestUserAttentionEi
_ZN19wxTopLevelWindowMSW20SetContentProtectionE19wxContentProtection
_ZN19wxTopLevelWindowMSW21ShowWithoutActivatingEv
_ZN19wxTopLevelWindowMSW24MSWUpdateFontOnDPIChangeERK6wxSize
_ZN19wxTopLevelWindowMSW5RaiseEv
_ZN19wxTopLevelWindowMSW6DoThawEv
_ZN19wxTopLevelWindowMSW7DestroyEv
_ZN19wxTopLevelWindowMSW7IconizeEb
_ZN19wxTopLevelWindowMSW7RestoreEv
_ZN19wxTopLevelWindowMSW8DoFreezeEv
_ZN19wxTopLevelWindowMSW8MaximizeEb
_ZN19wxTopLevelWindowMSW8SetIconsERK12wxIconBundle
_ZN19wxTopLevelWindowMSW8SetTitleERK8wxString
_ZN19wxTopLevelWindowMSWD2Ev
_ZN20wxBitmapComboBoxBase4InitEv
_ZN20wxBitmapToggleButton12ms_classInfoE
_ZN20wxBitmapToggleButton6CreateEP8wxWindowiRK14wxBitmapBundleRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN20wxOwnerDrawnComboBox4InitEv
_ZN20wxOwnerDrawnComboBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorS4_
_ZN20wxTopLevelWindowBase10SetMaxSizeERK6wxSize
_ZN20wxTopLevelWindowBase10SetMinSizeERK6wxSize
_ZN20wxTopLevelWindowBase14WXReservedTLW1EPv
_ZN20wxTopLevelWindowBase14WXReservedTLW2EPv
_ZN20wxTopLevelWindowBase14WXReservedTLW3EPv
_ZN20wxTopLevelWindowBase16DoUpdateWindowUIER15wxUpdateUIEvent
_ZN20wxTopLevelWindowBase26GetRectForTopLevelChildrenEPiS0_S0_S0_
_ZN20wxTopLevelWindowBase6LayoutEv
_ZN20wxTopLevelWindowBase8DoCentreEi
_ZN20wxXmlResourceHandler12ms_classInfoE
_ZN20wxXmlResourceHandler15AddWindowStylesEv
_ZN20wxXmlResourceHandler8AddStyleERK8wxStringi
_ZN21wxPropertySheetDialog4InitEv
_ZN21wxPropertySheetDialog6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN21wxSpinCtrlGenericBase4InitEv
_ZN21wxSpinCtrlGenericBaseD2Ev
_ZN22wxControlContainerBase10DoSetFocusEv
_ZN22wxControlContainerBase22UpdateCanFocusChildrenEv
_ZN22wxGenericAnimationCtrl4InitEv
_ZN22wxGenericAnimationCtrl6CreateEP8wxWindowiRK11wxAnimationRK7wxPointRK6wxSizelRK8wxString
_ZN22wxGenericHyperlinkCtrl4InitEv
_ZN22wxStdDialogButtonSizer7RealizeEv
_ZN22wxStdDialogButtonSizer9AddButtonEP8wxButton
_ZN22wxStdDialogButtonSizerC1Ev
_ZN22wxSystemSettingsNative7GetFontE12wxSystemFont
_ZN22wxSystemSettingsNative9GetColourE14wxSystemColour
_ZN24wxGenericCollapsiblePane4InitEv
_ZN24wxGenericCollapsiblePane6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN28_WX_LIST_HELPER_wxWindowList14DeleteFunctionEP8wxWindow
_ZN30_WX_LIST_HELPER_wxMenuItemList14DeleteFunctionEP10wxMenuItem
_ZN6wxFont11SetFaceNameERK8wxString
_ZN6wxFont13SetUnderlinedEb
_ZN6wxFont16SetNumericWeightEi
_ZN6wxFont16SetStrikethroughEb
_ZN6wxFont22SetFractionalPointSizeEd
_ZN6wxFont8SetStyleE11wxFontStyle
_ZN6wxFont9SetFamilyE12wxFontFamily
_ZN6wxFontC1ERK10wxFontInfo
_ZN6wxFontD1Ev
_ZN6wxIcon14CopyFromBitmapERK8wxBitmap
_ZN6wxIconD1Ev
_ZN6wxMenu12ms_classInfoE
_ZN6wxMenu4InitEv
_ZN7wxFrame12ms_classInfoE
_ZN7wxFrame4InitEv
_ZN7wxFrame6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN7wxGauge6CreateEP8wxWindowiiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN7wxImage8LoadFileER13wxInputStream12wxBitmapTypei
_ZN7wxSizer12SetSizeHintsEP8wxWindow
_ZN7wxSizer12ms_classInfoE
_ZN7wxSizer3FitEP8wxWindow
_ZN7wxSizer9FitInsideEP8wxWindow
_ZN8wxBitmap15CreateFromImageERK7wxImagei
_ZN8wxBitmapD1Ev
_ZN8wxButton12ms_classInfoE
_ZN8wxButton6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN8wxChoice12SetSelectionEi
_ZN8wxChoice6CreateEP8wxWindowiRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorRK8wxString
_ZN8wxChoiceD2Ev
_ZN8wxColour4InitEv
_ZN8wxCursorC1Ev
_ZN8wxCursorD1Ev
_ZN8wxDialog13MSWWindowProcEjyx
_ZN8wxDialog18SetWindowStyleFlagEl
_ZN8wxDialog4InitEv
_ZN8wxDialog4ShowEb
_ZN8wxDialog6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN8wxDialog8EndModalEi
_ZN8wxDialog9ShowModalEv
_ZN8wxDialogD2Ev
_ZN8wxSlider4InitEv
_ZN8wxSlider6CreateEP8wxWindowiiiiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN8wxWindow10MSWCommandEjt
_ZN8wxWindow11DoPopupMenuEP6wxMenuii
_ZN8wxWindow11MSWOnNotifyEixPx
_ZN8wxWindow11MSWOnScrollEittP6HWND__
_ZN8wxWindow11ScrollLinesEi
_ZN8wxWindow11ScrollPagesEi
_ZN8wxWindow11WarpPointerEii
_ZN8wxWindow12DoMoveWindowEiiii
_ZN8wxWindow12DoSetToolTipEP9wxToolTip
_ZN8wxWindow12ScrollWindowEiiPK6wxRect
_ZN8wxWindow12SetScrollPosEiib
_ZN8wxWindow12SetScrollbarEiiiib
_ZN8wxWindow12SetupColoursEv
_ZN8wxWindow12ms_classInfoE
_ZN8wxWindow13MSWOnDrawItemEiPPv
_ZN8wxWindow13MSWWindowProcEjyx
_ZN8wxWindow13SetDropTargetEP12wxDropTarget
_ZN8wxWindow13SetExtraStyleEl
_ZN8wxWindow13sm_eventTableE
_ZN8wxWindow14DoCaptureMouseEv
_ZN8wxWindow14DoReleaseMouseEv
_ZN8wxWindow14OnInternalIdleEv
_ZN8wxWindow14RegisterHotKeyEiii
_ZN8wxWindow15AssociateHandleEP6HWND__
_ZN8wxWindow15DoSetClientSizeEii
_ZN8wxWindow15DragAcceptFilesEb
_ZN8wxWindow15SetFocusFromKbdEv
_ZN8wxWindow16DissociateHandleEv
_ZN8wxWindow16HandleMenuSelectEttP7HMENU__
_ZN8wxWindow16LoadNativeDialogEPS_RK8wxString
_ZN8wxWindow16LoadNativeDialogEPS_i
_ZN8wxWindow16MSWDefWindowProcEjyx
_ZN8wxWindow16MSWDestroyWindowEv
_ZN8wxWindow16MSWHandleMessageEPxjyx
_ZN8wxWindow16MSWOnMeasureItemEiPPv
_ZN8wxWindow16UnregisterHotKeyEi
_ZN8wxWindow17EnableTouchEventsEi
_ZN8wxWindow17MSWProcessMessageEP6tagMSG
_ZN8wxWindow17MSWShowWithEffectEb12wxShowEffectj
_ZN8wxWindow17SetDoubleBufferedEb
_ZN8wxWindow18SetLayoutDirectionE17wxLayoutDirection
_ZN8wxWindow18SetWindowStyleFlagEl
_ZN8wxWindow19HandleSettingChangeEyx
_ZN8wxWindow19MSWTranslateMessageEP6tagMSG
_ZN8wxWindow20CreateWindowFromHWNDEPS_P6HWND__
_ZN8wxWindow20MSWFindMenuFromHMENUEP7HMENU__
_ZN8wxWindow21MSWGetBgBrushForChildEP5HDC__PS_
_ZN8wxWindow23AdoptAttributesFromHWNDEv
_ZN8wxWindow24DoSendMenuOpenCloseEventEiP6wxMenu
_ZN8wxWindow24EndRepositioningChildrenEv
_ZN8wxWindow24MSWUpdateFontOnDPIChangeERK6wxSize
_ZN8wxWindow26BeginRepositioningChildrenEv
_ZN8wxWindow26MSWShouldPreProcessMessageEP6tagMSG
_ZN8wxWindow4InitEv
_ZN8wxWindow4ShowEb
_ZN8wxWindow5LowerEv
_ZN8wxWindow5RaiseEv
_ZN8wxWindow5SetIdEi
_ZN8wxWindow6DoThawEv
_ZN8wxWindow6UpdateEv
_ZN8wxWindow7RefreshEbPK6wxRect
_ZN8wxWindow7SetFontERK6wxFont
_ZN8wxWindow8DoEnableEb
_ZN8wxWindow8DoFreezeEv
_ZN8wxWindow8ReparentEP12wxWindowBase
_ZN8wxWindow8SetFocusEv
_ZN8wxWindow8SetLabelERK8wxString
_ZN8wxWindow9DoSetSizeEiiiii
_ZN8wxWindow9SetCursorERK8wxCursor
_ZN8wxWindowD2Ev
_ZN8wxWizard4InitEv
_ZN8wxWizard6CreateEP8wxWindowiRK8wxStringRK14wxBitmapBundleRK7wxPointl
_ZN9wxControl11MSWOnNotifyEixPx
_ZN9wxControl12ms_classInfoE
_ZN9wxControl14ProcessCommandER14wxCommandEvent
_ZN9wxControl15MSWControlColorEP5HDC__P6HWND__
_ZN9wxControl17DoMSWControlColorEP5HDC__8wxColourP6HWND__
_ZN9wxControl25GetClassDefaultAttributesE15wxWindowVariant
_ZN9wxListBox4InitEv
_ZN9wxListBox6CreateEP8wxWindowiRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorRK8wxString
_ZN9wxMenuBar12ms_classInfoE
_ZN9wxMenuBarC1El
_ZN9wxToolBar4InitEv
_ZN9wxToolBar6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZNK10wxFontBase12GetPointSizeEv
_ZNK11wxAnimation4IsOkEv
_ZNK11wxAnyButton11DoGetBitmapEN15wxAnyButtonBase5StateE
_ZNK11wxAnyButton11MSWIsPushedEv
_ZNK11wxAnyButton13DoGetBestSizeEv
_ZNK11wxAnyButton18DoGetBitmapMarginsEv
_ZNK11wxComboCtrl12GetClassInfoEv
_ZNK11wxComboCtrl13GetEventTableEv
_ZNK11wxComboCtrl16IsKeyPopupToggleERK10wxKeyEvent
_ZNK11wxComboCtrl17GetEventHashTableEv
_ZNK11wxComboCtrl17PrepareBackgroundER4wxDCRK6wxRecti
_ZNK11wxComboCtrl19GetNativeTextIndentEv
_ZNK11wxGridSizer12CalcRowsColsERiS0_
_ZNK12wxDialogBase11GetModalityEv
_ZNK12wxDialogBase13GetEventTableEv
_ZNK12wxDialogBase17GetEventHashTableEv
_ZNK12wxWindowBase10FindWindowERK8wxString
_ZNK12wxWindowBase10IsTopLevelEv
_ZNK12wxWindowBase11DoIsExposedEii
_ZNK12wxWindowBase11DoIsExposedEiiii
_ZNK12wxWindowBase11GetBestSizeEv
_ZNK12wxWindowBase12IsDescendantEPS_

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_strdup
_unlock
_wtoi
abort
calloc
fgetwc
free
fwrite
iswctype
localeconv
malloc
memcpy
memmove
memset
realloc
strcmp
strlen
strncmp
strtol
towlower
ungetwc
vfprintf
wcslen
wcstol
wcstoul

libgcc_s_seh-1

_Unwind_Resume

libstdc++-6

_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4findEPKwyy
_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4findEwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE10_M_replaceEyyPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE14_M_replace_auxEyyyw
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4swapERS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE8_M_eraseEyy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_appendEPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_mutateEyyPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEC1ERKS4_
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt28__throw_bad_array_new_lengthv
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdaPv
_ZdlPvy
_Znay
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__cxa_throw_bad_array_new_length
__gxx_personality_seh0

Exports

Exports

_Z23wxXmlInitResourceModulev
_ZN13wxXmlResource10AddHandlerEP20wxXmlResourceHandler
_ZN13wxXmlResource10DoGetXRCIDEPKci
_ZN13wxXmlResource10DoLoadFileERK8wxString
_ZN13wxXmlResource10LoadBitmapERK8wxString
_ZN13wxXmlResource10LoadDialogEP8wxDialogP8wxWindowRK8wxString
_ZN13wxXmlResource10LoadDialogEP8wxWindowRK8wxString
_ZN13wxXmlResource11LoadMenuBarEP8wxWindowRK8wxString
_ZN13wxXmlResource11LoadToolBarEP8wxWindowRK8wxString
_ZN13wxXmlResource11ReportErrorEPK9wxXmlNodeRK8wxString
_ZN13wxXmlResource11ms_instanceE
_ZN13wxXmlResource12DoLoadObjectEP8wxObjectP8wxWindowRK8wxStringS6_b
_ZN13wxXmlResource12DoLoadObjectEP8wxWindowRK8wxStringS4_b
_ZN13wxXmlResource12FindResourceERK8wxStringS2_b
_ZN13wxXmlResource12LoadAllFilesERK8wxString
_ZN13wxXmlResource12LoadDocumentEP13wxXmlDocumentRK8wxString
_ZN13wxXmlResource13ClearHandlersEv
_ZN13wxXmlResource13DoReportErrorERK8wxStringPK9wxXmlNodeS2_
_ZN13wxXmlResource13FindXRCIDByIdEi
_ZN13wxXmlResource13InsertHandlerEP20wxXmlResourceHandler
_ZN13wxXmlResource14DoLoadDocumentERK13wxXmlDocument
_ZN13wxXmlResource15InitAllHandlersEv
_ZN13wxXmlResource15UpdateResourcesEv
_ZN13wxXmlResource18AddSubclassFactoryEP20wxXmlSubclassFactory
_ZN13wxXmlResource19DoCreateResFromNodeER9wxXmlNodeP8wxObjectS3_P20wxXmlResourceHandler
_ZN13wxXmlResource20AttachUnknownControlERK8wxStringP8wxWindowS4_
_ZN13wxXmlResource20ConvertFileNameToURLERK8wxString
_ZN13wxXmlResource20ms_subclassFactoriesE
_ZN13wxXmlResource3GetEv
_ZN13wxXmlResource3SetEPS_
_ZN13wxXmlResource4LoadERK8wxString
_ZN13wxXmlResource6UnloadERK8wxString
_ZN13wxXmlResource8LoadFileERK10wxFileName
_ZN13wxXmlResource8LoadIconERK8wxString
_ZN13wxXmlResource8LoadMenuERK8wxString
_ZN13wxXmlResource9IsArchiveERK8wxString
_ZN13wxXmlResource9LoadFrameEP7wxFrameP8wxWindowRK8wxString
_ZN13wxXmlResource9LoadFrameEP8wxWindowRK8wxString
_ZN13wxXmlResource9LoadPanelEP7wxPanelP8wxWindowRK8wxString
_ZN13wxXmlResource9LoadPanelEP8wxWindowRK8wxString
_ZN13wxXmlResource9SetDomainERK8wxString
_ZN13wxXmlResourceC1ERK8wxStringiS2_
_ZN13wxXmlResourceC1EiRK8wxString
_ZN13wxXmlResourceC2ERK8wxStringiS2_
_ZN13wxXmlResourceC2EiRK8wxString
_ZN13wxXmlResourceD0Ev
_ZN13wxXmlResourceD1Ev
_ZN13wxXmlResourceD2Ev
_ZN16wxIconXmlHandler12ms_classInfoE
_ZN16wxIconXmlHandler14wxCreateObjectEv
_ZN16wxIconXmlHandler16DoCreateResourceEv
_ZN16wxIconXmlHandler9CanHandleEP9wxXmlNode
_ZN16wxIconXmlHandlerC1Ev
_ZN16wxIconXmlHandlerC2Ev
_ZN16wxMenuXmlHandler12ms_classInfoE
_ZN16wxMenuXmlHandler14wxCreateObjectEv
_ZN16wxMenuXmlHandler16DoCreateResourceEv
_ZN16wxMenuXmlHandler9CanHandleEP9wxXmlNode
_ZN16wxMenuXmlHandlerC1Ev
_ZN16wxMenuXmlHandlerC2Ev
_ZN17wxFrameXmlHandler12ms_classInfoE
_ZN17wxFrameXmlHandler14wxCreateObjectEv
_ZN17wxFrameXmlHandler16DoCreateResourceEv
_ZN17wxFrameXmlHandler9CanHandleEP9wxXmlNode
_ZN17wxFrameXmlHandlerC1Ev
_ZN17wxFrameXmlHandlerC2Ev
_ZN17wxGaugeXmlHandler12ms_classInfoE
_ZN17wxGaugeXmlHandler14wxCreateObjectEv
_ZN17wxGaugeXmlHandler16DoCreateResourceEv
_ZN17wxGaugeXmlHandler9CanHandleEP9wxXmlNode
_ZN17wxGaugeXmlHandlerC1Ev
_ZN17wxGaugeXmlHandlerC2Ev
_ZN17wxPanelXmlHandler12ms_classInfoE
_ZN17wxPanelXmlHandler14wxCreateObjectEv
_ZN17wxPanelXmlHandler16DoCreateResourceEv
_ZN17wxPanelXmlHandler9CanHandleEP9wxXmlNode
_ZN17wxPanelXmlHandlerC1Ev
_ZN17wxPanelXmlHandlerC2Ev
_ZN17wxSizerXmlHandler12AddSizerItemEP11wxSizerItem
_ZN17wxSizerXmlHandler12Handle_sizerEv
_ZN17wxSizerXmlHandler12SetGrowablesEP15wxFlexGridSizerPKwb
_ZN17wxSizerXmlHandler12ms_classInfoE
_ZN17wxSizerXmlHandler13DoCreateSizerERK8wxString
_ZN17wxSizerXmlHandler13GetSizerFlagsEv
_ZN17wxSizerXmlHandler13Handle_spacerEv
_ZN17wxSizerXmlHandler13MakeSizerItemEv
_ZN17wxSizerXmlHandler14wxCreateObjectEv
_ZN17wxSizerXmlHandler15SetFlexibleModeEP15wxFlexGridSizer
_ZN17wxSizerXmlHandler16DoCreateResourceEv
_ZN17wxSizerXmlHandler16Handle_sizeritemEv
_ZN17wxSizerXmlHandler17Handle_wxBoxSizerEv
_ZN17wxSizerXmlHandler18Handle_wxGridSizerEv
_ZN17wxSizerXmlHandler18Handle_wxWrapSizerEv
_ZN17wxSizerXmlHandler21Handle_wxGridBagSizerEv
_ZN17wxSizerXmlHandler22Handle_wxFlexGridSizerEv
_ZN17wxSizerXmlHandler22SetSizerItemAttributesEP11wxSizerItem
_ZN17wxSizerXmlHandler23Handle_wxStaticBoxSizerEv
_ZN17wxSizerXmlHandler25ValidateGridSizerChildrenEv
_ZN17wxSizerXmlHandler8GetGBPosEv
_ZN17wxSizerXmlHandler9CanHandleEP9wxXmlNode
_ZN17wxSizerXmlHandler9GetGBSpanEv
_ZN17wxSizerXmlHandlerC1Ev
_ZN17wxSizerXmlHandlerC2Ev
_ZN18wxBitmapXmlHandler12ms_classInfoE
_ZN18wxBitmapXmlHandler14wxCreateObjectEv
_ZN18wxBitmapXmlHandler16DoCreateResourceEv
_ZN18wxBitmapXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxBitmapXmlHandlerC1Ev
_ZN18wxBitmapXmlHandlerC2Ev
_ZN18wxButtonXmlHandler12ms_classInfoE
_ZN18wxButtonXmlHandler14wxCreateObjectEv
_ZN18wxButtonXmlHandler16DoCreateResourceEv
_ZN18wxButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxButtonXmlHandlerC1Ev
_ZN18wxButtonXmlHandlerC2Ev
_ZN18wxChoiceXmlHandler12ms_classInfoE
_ZN18wxChoiceXmlHandler14wxCreateObjectEv
_ZN18wxChoiceXmlHandler16DoCreateResourceEv
_ZN18wxChoiceXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxChoiceXmlHandlerC1Ev
_ZN18wxChoiceXmlHandlerC2Ev
_ZN18wxDialogXmlHandler12ms_classInfoE
_ZN18wxDialogXmlHandler14wxCreateObjectEv
_ZN18wxDialogXmlHandler16DoCreateResourceEv
_ZN18wxDialogXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxDialogXmlHandlerC1Ev
_ZN18wxDialogXmlHandlerC2Ev
_ZN18wxSliderXmlHandler12ms_classInfoE
_ZN18wxSliderXmlHandler14wxCreateObjectEv
_ZN18wxSliderXmlHandler16DoCreateResourceEv
_ZN18wxSliderXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxSliderXmlHandlerC1Ev
_ZN18wxSliderXmlHandlerC2Ev
_ZN18wxWizardXmlHandler12ms_classInfoE
_ZN18wxWizardXmlHandler14wxCreateObjectEv
_ZN18wxWizardXmlHandler16DoCreateResourceEv
_ZN18wxWizardXmlHandler9CanHandleEP9wxXmlNode
_ZN18wxWizardXmlHandlerC1Ev
_ZN18wxWizardXmlHandlerC2Ev
_ZN19wxInfoBarXmlHandler12ms_classInfoE
_ZN19wxInfoBarXmlHandler13GetShowEffectERK8wxString
_ZN19wxInfoBarXmlHandler14wxCreateObjectEv
_ZN19wxInfoBarXmlHandler16DoCreateResourceEv
_ZN19wxInfoBarXmlHandler9CanHandleEP9wxXmlNode
_ZN19wxInfoBarXmlHandlerC1Ev
_ZN19wxInfoBarXmlHandlerC2Ev
_ZN19wxListBoxXmlHandler12ms_classInfoE
_ZN19wxListBoxXmlHandler14wxCreateObjectEv
_ZN19wxListBoxXmlHandler16DoCreateResourceEv
_ZN19wxListBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN19wxListBoxXmlHandlerC1Ev
_ZN19wxListBoxXmlHandlerC2Ev
_ZN19wxMenuBarXmlHandler12ms_classInfoE
_ZN19wxMenuBarXmlHandler14wxCreateObjectEv
_ZN19wxMenuBarXmlHandler16DoCreateResourceEv
_ZN19wxMenuBarXmlHandler9CanHandleEP9wxXmlNode
_ZN19wxMenuBarXmlHandlerC1Ev
_ZN19wxMenuBarXmlHandlerC2Ev
_ZN19wxToolBarXmlHandler12ms_classInfoE
_ZN19wxToolBarXmlHandler14wxCreateObjectEv
_ZN19wxToolBarXmlHandler16DoCreateResourceEv
_ZN19wxToolBarXmlHandler9CanHandleEP9wxXmlNode
_ZN19wxToolBarXmlHandlerC1Ev
_ZN19wxToolBarXmlHandlerC2Ev
_ZN20wxCheckBoxXmlHandler12ms_classInfoE
_ZN20wxCheckBoxXmlHandler14wxCreateObjectEv
_ZN20wxCheckBoxXmlHandler16DoCreateResourceEv
_ZN20wxCheckBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxCheckBoxXmlHandlerC1Ev
_ZN20wxCheckBoxXmlHandlerC2Ev
_ZN20wxComboBoxXmlHandler12ms_classInfoE
_ZN20wxComboBoxXmlHandler14wxCreateObjectEv
_ZN20wxComboBoxXmlHandler16DoCreateResourceEv
_ZN20wxComboBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxComboBoxXmlHandlerC1Ev
_ZN20wxComboBoxXmlHandlerC2Ev
_ZN20wxFileCtrlXmlHandler12ms_classInfoE
_ZN20wxFileCtrlXmlHandler14wxCreateObjectEv
_ZN20wxFileCtrlXmlHandler16DoCreateResourceEv
_ZN20wxFileCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxFileCtrlXmlHandlerC1Ev
_ZN20wxFileCtrlXmlHandlerC2Ev
_ZN20wxListCtrlXmlHandler12ms_classInfoE
_ZN20wxListCtrlXmlHandler13GetImageIndexEP10wxListCtrli
_ZN20wxListCtrlXmlHandler13HandleListColEv
_ZN20wxListCtrlXmlHandler14HandleListCtrlEv
_ZN20wxListCtrlXmlHandler14HandleListItemEv
_ZN20wxListCtrlXmlHandler14wxCreateObjectEv
_ZN20wxListCtrlXmlHandler16DoCreateResourceEv
_ZN20wxListCtrlXmlHandler21HandleCommonItemAttrsER10wxListItem
_ZN20wxListCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxListCtrlXmlHandlerC1Ev
_ZN20wxListCtrlXmlHandlerC2Ev
_ZN20wxListbookXmlHandler12ms_classInfoE
_ZN20wxListbookXmlHandler14wxCreateObjectEv
_ZN20wxListbookXmlHandler16DoCreateResourceEv
_ZN20wxListbookXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxListbookXmlHandlerC1Ev
_ZN20wxListbookXmlHandlerC2Ev
_ZN20wxNotebookXmlHandler12ms_classInfoE
_ZN20wxNotebookXmlHandler14wxCreateObjectEv
_ZN20wxNotebookXmlHandler16DoCreateResourceEv
_ZN20wxNotebookXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxNotebookXmlHandlerC1Ev
_ZN20wxNotebookXmlHandlerC2Ev
_ZN20wxRadioBoxXmlHandler12ms_classInfoE
_ZN20wxRadioBoxXmlHandler14wxCreateObjectEv
_ZN20wxRadioBoxXmlHandler16DoCreateResourceEv
_ZN20wxRadioBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxRadioBoxXmlHandlerC1Ev
_ZN20wxRadioBoxXmlHandlerC2Ev
_ZN20wxSpinCtrlXmlHandler12ms_classInfoE
_ZN20wxSpinCtrlXmlHandler14wxCreateObjectEv
_ZN20wxSpinCtrlXmlHandler16DoCreateResourceEv
_ZN20wxSpinCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxSpinCtrlXmlHandlerC1Ev
_ZN20wxSpinCtrlXmlHandlerC2Ev
_ZN20wxTextCtrlXmlHandler12ms_classInfoE
_ZN20wxTextCtrlXmlHandler14wxCreateObjectEv
_ZN20wxTextCtrlXmlHandler16DoCreateResourceEv
_ZN20wxTextCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxTextCtrlXmlHandlerC1Ev
_ZN20wxTextCtrlXmlHandlerC2Ev
_ZN20wxToolbookXmlHandler12ms_classInfoE
_ZN20wxToolbookXmlHandler14wxCreateObjectEv
_ZN20wxToolbookXmlHandler16DoCreateResourceEv
_ZN20wxToolbookXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxToolbookXmlHandlerC1Ev
_ZN20wxToolbookXmlHandlerC2Ev
_ZN20wxTreeCtrlXmlHandler12ms_classInfoE
_ZN20wxTreeCtrlXmlHandler14wxCreateObjectEv
_ZN20wxTreeCtrlXmlHandler16DoCreateResourceEv
_ZN20wxTreeCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxTreeCtrlXmlHandlerC1Ev
_ZN20wxTreeCtrlXmlHandlerC2Ev
_ZN20wxTreebookXmlHandler12ms_classInfoE
_ZN20wxTreebookXmlHandler14wxCreateObjectEv
_ZN20wxTreebookXmlHandler16DoCreateResourceEv
_ZN20wxTreebookXmlHandler9CanHandleEP9wxXmlNode
_ZN20wxTreebookXmlHandler9DoAddPageEP14wxBookCtrlBaseyRKN24wxBookCtrlXmlHandlerBase13PageWithAttrsE
_ZN20wxTreebookXmlHandlerC1Ev
_ZN20wxTreebookXmlHandlerC2Ev
_ZN21wxComboCtrlXmlHandler12ms_classInfoE
_ZN21wxComboCtrlXmlHandler14wxCreateObjectEv
_ZN21wxComboCtrlXmlHandler16DoCreateResourceEv
_ZN21wxComboCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN21wxComboCtrlXmlHandlerC1Ev
_ZN21wxComboCtrlXmlHandlerC2Ev
_ZN21wxScrollBarXmlHandler12ms_classInfoE
_ZN21wxScrollBarXmlHandler14wxCreateObjectEv
_ZN21wxScrollBarXmlHandler16DoCreateResourceEv
_ZN21wxScrollBarXmlHandler9CanHandleEP9wxXmlNode
_ZN21wxScrollBarXmlHandlerC1Ev
_ZN21wxScrollBarXmlHandlerC2Ev
_ZN21wxStaticBoxXmlHandler12ms_classInfoE
_ZN21wxStaticBoxXmlHandler14wxCreateObjectEv
_ZN21wxStaticBoxXmlHandler16DoCreateResourceEv
_ZN21wxStaticBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN21wxStaticBoxXmlHandlerC1Ev
_ZN21wxStaticBoxXmlHandlerC2Ev
_ZN21wxStatusBarXmlHandler12ms_classInfoE
_ZN21wxStatusBarXmlHandler14wxCreateObjectEv
_ZN21wxStatusBarXmlHandler16DoCreateResourceEv
_ZN21wxStatusBarXmlHandler9CanHandleEP9wxXmlNode
_ZN21wxStatusBarXmlHandlerC1Ev
_ZN21wxStatusBarXmlHandlerC2Ev
_ZN22wxSimplebookXmlHandler12ms_classInfoE
_ZN22wxSimplebookXmlHandler14wxCreateObjectEv
_ZN22wxSimplebookXmlHandler16DoCreateResourceEv
_ZN22wxSimplebookXmlHandler9CanHandleEP9wxXmlNode
_ZN22wxSimplebookXmlHandlerC1Ev
_ZN22wxSimplebookXmlHandlerC2Ev
_ZN22wxSpinButtonXmlHandler12ms_classInfoE
_ZN22wxSpinButtonXmlHandler14wxCreateObjectEv
_ZN22wxSpinButtonXmlHandler16DoCreateResourceEv
_ZN22wxSpinButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN22wxSpinButtonXmlHandlerC1Ev
_ZN22wxSpinButtonXmlHandlerC2Ev
_ZN22wxStaticLineXmlHandler12ms_classInfoE
_ZN22wxStaticLineXmlHandler14wxCreateObjectEv
_ZN22wxStaticLineXmlHandler16DoCreateResourceEv
_ZN22wxStaticLineXmlHandler9CanHandleEP9wxXmlNode
_ZN22wxStaticLineXmlHandlerC1Ev
_ZN22wxStaticLineXmlHandlerC2Ev
_ZN22wxStaticTextXmlHandler12ms_classInfoE
_ZN22wxStaticTextXmlHandler14wxCreateObjectEv
_ZN22wxStaticTextXmlHandler16DoCreateResourceEv
_ZN22wxStaticTextXmlHandler9CanHandleEP9wxXmlNode
_ZN22wxStaticTextXmlHandlerC1Ev
_ZN22wxStaticTextXmlHandlerC2Ev
_ZN23wxRadioButtonXmlHandler12ms_classInfoE
_ZN23wxRadioButtonXmlHandler14wxCreateObjectEv
_ZN23wxRadioButtonXmlHandler16DoCreateResourceEv
_ZN23wxRadioButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN23wxRadioButtonXmlHandlerC1Ev
_ZN23wxRadioButtonXmlHandlerC2Ev
_ZN24wxBitmapButtonXmlHandler12ms_classInfoE
_ZN24wxBitmapButtonXmlHandler14wxCreateObjectEv
_ZN24wxBitmapButtonXmlHandler16DoCreateResourceEv
_ZN24wxBitmapButtonXmlHandler20SetBitmapIfSpecifiedEP14wxBitmapButtonMS0_FvRK14wxBitmapBundleEPKcS8_
_ZN24wxBitmapButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN24wxBitmapButtonXmlHandlerC1Ev
_ZN24wxBitmapButtonXmlHandlerC2Ev
_ZN24wxBookCtrlXmlHandlerBase12DoCreatePageEP14wxBookCtrlBase
_ZN24wxBookCtrlXmlHandlerBase13DoCreatePagesEP14wxBookCtrlBase
_ZN24wxBookCtrlXmlHandlerBase9DoAddPageEP14wxBookCtrlBaseyRKNS_13PageWithAttrsE
_ZN24wxBookCtrlXmlHandlerBaseC1Ev
_ZN24wxBookCtrlXmlHandlerBaseC2Ev
_ZN24wxBookCtrlXmlHandlerBaseD0Ev
_ZN24wxBookCtrlXmlHandlerBaseD1Ev
_ZN24wxBookCtrlXmlHandlerBaseD2Ev
_ZN24wxCheckListBoxXmlHandler12ms_classInfoE
_ZN24wxCheckListBoxXmlHandler14wxCreateObjectEv
_ZN24wxCheckListBoxXmlHandler16DoCreateResourceEv
_ZN24wxCheckListBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN24wxCheckListBoxXmlHandlerC1Ev
_ZN24wxCheckListBoxXmlHandlerC2Ev
_ZN24wxStaticBitmapXmlHandler12ms_classInfoE
_ZN24wxStaticBitmapXmlHandler14wxCreateObjectEv
_ZN24wxStaticBitmapXmlHandler16DoCreateResourceEv
_ZN24wxStaticBitmapXmlHandler9CanHandleEP9wxXmlNode
_ZN24wxStaticBitmapXmlHandlerC1Ev
_ZN24wxStaticBitmapXmlHandlerC2Ev
_ZN24wxToggleButtonXmlHandler12ms_classInfoE
_ZN24wxToggleButtonXmlHandler14wxCreateObjectEv
_ZN24wxToggleButtonXmlHandler16DoCreateResourceEv
_ZN24wxToggleButtonXmlHandler20DoCreateToggleButtonEP8wxObject
_ZN24wxToggleButtonXmlHandler26DoCreateBitmapToggleButtonEP8wxObject
_ZN24wxToggleButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN24wxToggleButtonXmlHandlerC1Ev
_ZN24wxToggleButtonXmlHandlerC2Ev
_ZN24wxXmlResourceHandlerImpl11GetBoolAttrERK8wxStringb
_ZN24wxXmlResourceHandlerImpl11GetFilePathEPK9wxXmlNode
_ZN24wxXmlResourceHandlerImpl11GetNodeTextEPK9wxXmlNodei
_ZN24wxXmlResourceHandlerImpl11GetPairIntsERK8wxString
_ZN24wxXmlResourceHandlerImpl11GetPositionERK8wxString
_ZN24wxXmlResourceHandlerImpl11ReportErrorEP9wxXmlNodeRK8wxString
_ZN24wxXmlResourceHandlerImpl11ReportErrorERK8wxString
_ZN24wxXmlResourceHandlerImpl11SetupWindowEP8wxWindow
_ZN24wxXmlResourceHandlerImpl12GetAnimationERK8wxStringP19wxAnimationCtrlBase
_ZN24wxXmlResourceHandlerImpl12GetDimensionERK8wxStringiP8wxWindow
_ZN24wxXmlResourceHandlerImpl12GetDirectionERK8wxString11wxDirection
_ZN24wxXmlResourceHandlerImpl12GetImageListERK8wxString
_ZN24wxXmlResourceHandlerImpl12GetParamNodeERK8wxString
_ZN24wxXmlResourceHandlerImpl13GetIconBundleERK8wxStringS2_
_ZN24wxXmlResourceHandlerImpl13GetParamValueEPK9wxXmlNode
_ZN24wxXmlResourceHandlerImpl13GetParamValueERK8wxString
_ZN24wxXmlResourceHandlerImpl14CreateChildrenEP8wxObjectb
_ZN24wxXmlResourceHandlerImpl14CreateResourceEP9wxXmlNodeP8wxObjectS3_
_ZN24wxXmlResourceHandlerImpl14GetNodeContentEPK9wxXmlNode
_ZN24wxXmlResourceHandlerImpl15GetBitmapBundleEPK9wxXmlNodeRK8wxString6wxSize
_ZN24wxXmlResourceHandlerImpl15GetBitmapBundleERK8wxStringS2_6wxSize
_ZN24wxXmlResourceHandlerImpl16GetCurFileSystemEv
_ZN24wxXmlResourceHandlerImpl16ReportParamErrorERK8wxStringS2_
_ZN24wxXmlResourceHandlerImpl17CreateResFromNodeEP9wxXmlNodeP8wxObjectS3_
_ZN24wxXmlResourceHandlerImpl23CreateChildrenPrivatelyEP8wxObjectP9wxXmlNode
_ZN24wxXmlResourceHandlerImpl5GetIDEv
_ZN24wxXmlResourceHandlerImpl7GetBoolERK8wxStringb
_ZN24wxXmlResourceHandlerImpl7GetFontERK8wxStringP8wxWindow
_ZN24wxXmlResourceHandlerImpl7GetIconEPK9wxXmlNodeRK8wxString6wxSize
_ZN24wxXmlResourceHandlerImpl7GetIconERK8wxStringS2_6wxSize
_ZN24wxXmlResourceHandlerImpl7GetLongERK8wxStringl
_ZN24wxXmlResourceHandlerImpl7GetNameEv
_ZN24wxXmlResourceHandlerImpl7GetSizeERK8wxStringP8wxWindow
_ZN24wxXmlResourceHandlerImpl8GetFloatERK8wxStringf
_ZN24wxXmlResourceHandlerImpl8GetStyleERK8wxStringi
_ZN24wxXmlResourceHandlerImpl8HasParamERK8wxString
_ZN24wxXmlResourceHandlerImpl9GetBitmapEPK9wxXmlNodeRK8wxString6wxSize
_ZN24wxXmlResourceHandlerImpl9GetBitmapERK8wxStringS2_6wxSize
_ZN24wxXmlResourceHandlerImpl9GetColourERK8wxStringRK8wxColour
_ZN24wxXmlResourceHandlerImplC1EP20wxXmlResourceHandler
_ZN24wxXmlResourceHandlerImplC2EP20wxXmlResourceHandler
_ZN25wxAnimationCtrlXmlHandler12ms_classInfoE
_ZN25wxAnimationCtrlXmlHandler14wxCreateObjectEv
_ZN25wxAnimationCtrlXmlHandler16DoCreateResourceEv
_ZN25wxAnimationCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN25wxAnimationCtrlXmlHandlerC1Ev
_ZN25wxAnimationCtrlXmlHandlerC2Ev
_ZN25wxDirPickerCtrlXmlHandler12ms_classInfoE
_ZN25wxDirPickerCtrlXmlHandler14wxCreateObjectEv
_ZN25wxDirPickerCtrlXmlHandler16DoCreateResourceEv
_ZN25wxDirPickerCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN25wxDirPickerCtrlXmlHandlerC1Ev
_ZN25wxDirPickerCtrlXmlHandlerC2Ev
_ZN25wxHyperlinkCtrlXmlHandler12ms_classInfoE
_ZN25wxHyperlinkCtrlXmlHandler14wxCreateObjectEv
_ZN25wxHyperlinkCtrlXmlHandler16DoCreateResourceEv
_ZN25wxHyperlinkCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN25wxHyperlinkCtrlXmlHandlerC1Ev
_ZN25wxHyperlinkCtrlXmlHandlerC2Ev
_ZN25wxUnknownWidgetXmlHandler12ms_classInfoE
_ZN25wxUnknownWidgetXmlHandler14wxCreateObjectEv
_ZN25wxUnknownWidgetXmlHandler16DoCreateResourceEv
_ZN25wxUnknownWidgetXmlHandler9CanHandleEP9wxXmlNode
_ZN25wxUnknownWidgetXmlHandlerC1Ev
_ZN25wxUnknownWidgetXmlHandlerC2Ev
_ZN26wxBitmapComboBoxXmlHandler12ms_classInfoE
_ZN26wxBitmapComboBoxXmlHandler14wxCreateObjectEv
_ZN26wxBitmapComboBoxXmlHandler16DoCreateResourceEv
_ZN26wxBitmapComboBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxBitmapComboBoxXmlHandlerC1Ev
_ZN26wxBitmapComboBoxXmlHandlerC2Ev
_ZN26wxFilePickerCtrlXmlHandler12ms_classInfoE
_ZN26wxFilePickerCtrlXmlHandler14wxCreateObjectEv
_ZN26wxFilePickerCtrlXmlHandler16DoCreateResourceEv
_ZN26wxFilePickerCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxFilePickerCtrlXmlHandlerC1Ev
_ZN26wxFilePickerCtrlXmlHandlerC2Ev
_ZN26wxGenericDirCtrlXmlHandler12ms_classInfoE
_ZN26wxGenericDirCtrlXmlHandler14wxCreateObjectEv
_ZN26wxGenericDirCtrlXmlHandler16DoCreateResourceEv
_ZN26wxGenericDirCtrlXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxGenericDirCtrlXmlHandlerC1Ev
_ZN26wxGenericDirCtrlXmlHandlerC2Ev
_ZN26wxScrolledWindowXmlHandler12ms_classInfoE
_ZN26wxScrolledWindowXmlHandler14wxCreateObjectEv
_ZN26wxScrolledWindowXmlHandler16DoCreateResourceEv
_ZN26wxScrolledWindowXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxScrolledWindowXmlHandlerC1Ev
_ZN26wxScrolledWindowXmlHandlerC2Ev
_ZN26wxSpinCtrlDoubleXmlHandler12ms_classInfoE
_ZN26wxSpinCtrlDoubleXmlHandler14wxCreateObjectEv
_ZN26wxSpinCtrlDoubleXmlHandler16DoCreateResourceEv
_ZN26wxSpinCtrlDoubleXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxSpinCtrlDoubleXmlHandlerC1Ev
_ZN26wxSpinCtrlDoubleXmlHandlerC2Ev
_ZN26wxSplitterWindowXmlHandler12ms_classInfoE
_ZN26wxSplitterWindowXmlHandler14wxCreateObjectEv
_ZN26wxSplitterWindowXmlHandler16DoCreateResourceEv
_ZN26wxSplitterWindowXmlHandler9CanHandleEP9wxXmlNode
_ZN26wxSplitterWindowXmlHandlerC1Ev
_ZN26wxSplitterWindowXmlHandlerC2Ev
_ZN27wxCollapsiblePaneXmlHandler12ms_classInfoE
_ZN27wxCollapsiblePaneXmlHandler14wxCreateObjectEv
_ZN27wxCollapsiblePaneXmlHandler16DoCreateResourceEv
_ZN27wxCollapsiblePaneXmlHandler9CanHandleEP9wxXmlNode
_ZN27wxCollapsiblePaneXmlHandlerC1Ev
_ZN27wxCollapsiblePaneXmlHandlerC2Ev
_ZN27wxEditableListBoxXmlHandler12ms_classInfoE
_ZN27wxEditableListBoxXmlHandler14wxCreateObjectEv
_ZN27wxEditableListBoxXmlHandler16DoCreateResourceEv
_ZN27wxEditableListBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN27wxEditableListBoxXmlHandlerC1Ev
_ZN27wxEditableListBoxXmlHandlerC2Ev
_ZN29wxActivityIndicatorXmlHandler12ms_classInfoE
_ZN29wxActivityIndicatorXmlHandler14wxCreateObjectEv
_ZN29wxActivityIndicatorXmlHandler16DoCreateResourceEv
_ZN29wxActivityIndicatorXmlHandler9CanHandleEP9wxXmlNode
_ZN29wxActivityIndicatorXmlHandlerC1Ev
_ZN29wxActivityIndicatorXmlHandlerC2Ev
_ZN29wxCommandLinkButtonXmlHandler12ms_classInfoE
_ZN29wxCommandLinkButtonXmlHandler14wxCreateObjectEv
_ZN29wxCommandLinkButtonXmlHandler16DoCreateResourceEv
_ZN29wxCommandLinkButtonXmlHandler9CanHandleEP9wxXmlNode
_ZN29wxCommandLinkButtonXmlHandlerC1Ev
_ZN29wxCommandLinkButtonXmlHandlerC2Ev
_ZN30wxOwnerDrawnComboBoxXmlHandler12ms_classInfoE
_ZN30wxOwnerDrawnComboBoxXmlHandler14wxCreateObjectEv
_ZN30wxOwnerDrawnComboBoxXmlHandler16DoCreateResourceEv
_ZN30wxOwnerDrawnComboBoxXmlHandler9CanHandleEP9wxXmlNode
_ZN30wxOwnerDrawnComboBoxXmlHandlerC1Ev
_ZN30wxOwnerDrawnComboBoxXmlHandlerC2Ev
_ZN31wxPropertySheetDialogXmlHandler12ms_classInfoE
_ZN31wxPropertySheetDialogXmlHandler14wxCreateObjectEv
_ZN31wxPropertySheetDialogXmlHandler16DoCreateResourceEv
_ZN31wxPropertySheetDialogXmlHandler9CanHandleEP9wxXmlNode
_ZN31wxPropertySheetDialogXmlHandlerC1Ev
_ZN31wxPropertySheetDialogXmlHandlerC2Ev
_ZN32wxStdDialogButtonSizerXmlHandler12ms_classInfoE
_ZN32wxStdDialogButtonSizerXmlHandler14wxCreateObjectEv
_ZN32wxStdDialogButtonSizerXmlHandler16DoCreateResourceEv
_ZN32wxStdDialogButtonSizerXmlHandler9CanHandleEP9wxXmlNode
_ZN32wxStdDialogButtonSizerXmlHandlerC1Ev
_ZN32wxStdDialogButtonSizerXmlHandlerC2Ev
_ZNK13wxXmlResource14DoFindResourceEP9wxXmlNodeRK8wxStringS4_b
_ZNK13wxXmlResource26GetResourceNodeAndLocationERK8wxStringS2_bPS0_
_ZNK16wxIconXmlHandler12GetClassInfoEv
_ZNK16wxMenuXmlHandler12GetClassInfoEv
_ZNK17wxFrameXmlHandler12GetClassInfoEv
_ZNK17wxGaugeXmlHandler12GetClassInfoEv
_ZNK17wxPanelXmlHandler12GetClassInfoEv
_ZNK17wxSizerXmlHandler11IsSizerNodeEP9wxXmlNode
_ZNK17wxSizerXmlHandler12GetClassInfoEv
_ZNK18wxBitmapXmlHandler12GetClassInfoEv
_ZNK18wxButtonXmlHandler12GetClassInfoEv
_ZNK18wxChoiceXmlHandler12GetClassInfoEv
_ZNK18wxDialogXmlHandler12GetClassInfoEv
_ZNK18wxSliderXmlHandler12GetClassInfoEv
_ZNK18wxWizardXmlHandler12GetClassInfoEv
_ZNK19wxInfoBarXmlHandler12GetClassInfoEv
_ZNK19wxListBoxXmlHandler12GetClassInfoEv
_ZNK19wxMenuBarXmlHandler12GetClassInfoEv
_ZNK19wxToolBarXmlHandler12GetClassInfoEv
_ZNK20wxCheckBoxXmlHandler12GetClassInfoEv
_ZNK20wxComboBoxXmlHandler12GetClassInfoEv
_ZNK20wxFileCtrlXmlHandler12GetClassInfoEv
_ZNK20wxListCtrlXmlHandler12GetClassInfoEv
_ZNK20wxListbookXmlHandler12GetClassInfoEv
_ZNK20wxNotebookXmlHandler12GetClassInfoEv
_ZNK20wxRadioBoxXmlHandler12GetClassInfoEv

Sections

.text
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

39d5c04458acdb2fecb1fc360743ee8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 7.0MB - Virtual size: 7.0MB

.rdata Size: 7.7MB - Virtual size: 7.7MB

.data Size: 419KB - Virtual size: 622KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 407KB - Virtual size: 406KB

.symtab Size: 512B - Virtual size: 4B

.rsrc Size: 15KB - Virtual size: 15KB

7ff2109eb5928c63ce5604b079145da9

Code Sign

33:00:00:01:bb:34:d5:ee:69:78:e6:94:db:00:00:00:00:01:bbCertificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

90:b8:d7:9c:bf:57:62:e0:64:47:90:ad:16:c3:0f:7e:37:40:eb:ef:7d:e4:7c:0b:57:2a:da:e2:88:4e:01:53Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-libraryloader-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-delayload-l1-1-0

api-ms-win-core-delayload-l1-1-1

Exports

Exports

Sections

.text Size: 457KB - Virtual size: 457KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 6KB - Virtual size: 6KB

.didat Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 19KB - Virtual size: 18KB

586bfc2187d979f718ae10cff575f58c

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4Certificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

61:a5:c5:24:d9:5b:a6:41:cc:44:87:10:17:bd:c3:28:fd:3a:60:f7:29:f0:da:56:99:ce:f8:0a:69:5d:04:99Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

.text
Size: 7.0MB - Virtual size: 7.0MB

.rdata
Size: 7.7MB - Virtual size: 7.7MB

.data
Size: 419KB - Virtual size: 622KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 407KB - Virtual size: 406KB

.symtab
Size: 512B - Virtual size: 4B

.rsrc
Size: 15KB - Virtual size: 15KB

33:00:00:01:bb:34:d5:ee:69:78:e6:94:db:00:00:00:00:01:bb
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

90:b8:d7:9c:bf:57:62:e0:64:47:90:ad:16:c3:0f:7e:37:40:eb:ef:7d:e4:7c:0b:57:2a:da:e2:88:4e:01:53
Signer

.text
Size: 457KB - Virtual size: 457KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 6KB - Virtual size: 6KB

.didat
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 19KB - Virtual size: 18KB

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

61:a5:c5:24:d9:5b:a6:41:cc:44:87:10:17:bd:c3:28:fd:3a:60:f7:29:f0:da:56:99:ce:f8:0a:69:5d:04:99
Signer

.text
Size: 327KB - Virtual size: 327KB

.rdata
Size: 153KB - Virtual size: 153KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 1KB - Virtual size: 1KB

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

92:da:be:ac:e6:05:9c:e0:1a:3f:2b:76:de:aa:8c:2e:d1:50:2b:87:97:6c:51:59:72:af:54:8b:0c:6b:29:8f
Signer