62abc098-8ff2-4c69-87c4-08b483bb0918_dd977cd23f0e55c9bd3a3793ae108410c92ccb4c[.]cab

Sharing

Copy URL Twitter E-mail

General

Target

62abc098-8ff2-4c69-87c4-08b483bb0918_dd977cd23f0e55c9bd3a3793ae108410c92ccb4c.cab
Size

4.5MB
MD5

c163b564a22cddb2435b178d50414b28
SHA1

dd977cd23f0e55c9bd3a3793ae108410c92ccb4c
SHA256

7a3ddde0b52cc724afe82bc0bca9965c7454ae6b02a5396727c9f628e3e4a8e0
SHA512

53016f68a70556a35eab200f577ea7cba73833590b95aa6df89304c384ae1e5fd6580adffd9e387765a7d014284e012d48972f3e42d3b031b4c9b584a61884d1
SSDEEP

98304:WO/wuPIfYAJwTZ2ULtUXaclbuuhSP7eD0gWWGemrzaS6nekHAE0beP7/:WwtDUXacfSi0BemrzE/N0beP7/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ETDAniConf.exe

Files

62abc098-8ff2-4c69-87c4-08b483bb0918_dd977cd23f0e55c9bd3a3793ae108410c92ccb4c.cab
.cab
ETDApix.dll
.dll windows:6 windows x64 arch:x64

5d27e8b5f862b2d93f20c38f2571dd98

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19
Signer

Actual PE Digest

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19

Digest Algorithm

sha256

PE Digest Matches

true

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19
Signer

Actual PE Digest

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\CWin7data\Fujitsu\Feather\NID Source\PTP_Filter_SRC_14.11.4.3\ETD13\ETDApix_VS2010\x64\Release\ETDApix.pdb

Imports

kernel32

WriteFile
GetCurrentProcess
GetFileAttributesExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
LCMapStringW
GetTimeZoneInformation
GetDriveTypeW
GetStringTypeW
GetFileType
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
CreateFileW
DeleteFileW
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
GetCurrentThread
FormatMessageW
LocalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
Module32NextW
Module32FirstW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Sleep
CloseHandle
SetEvent
OpenEventW
GetUserDefaultUILanguage
GetModuleHandleW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource

user32

DestroyMenu
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
RealChildWindowFromPoint
ClientToScreen
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
SetWindowTextW
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropW
GetPropW
RegisterWindowMessageW
FindWindowW
PostMessageW
GetSystemMetrics
SetPropW
RedrawWindow
EndPaint
BeginPaint
UpdateWindow
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
KillTimer
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowTextW
GetClassNameW
GetWindowLongW
SendMessageW
CharUpperW
GetDesktopWindow
GetWindowRect
SetForegroundWindow
SetTimer
LockWorkStation
PostMessageA
GetForegroundWindow
GetWindow
GetParent
GetCursorPos
GetScrollInfo
SetScrollInfo
FindWindowExW
GetWindowThreadProcessId
CallNextHookEx
SendInput
EnumWindows
IsWindowVisible
GetShellWindow
EqualRect
UnregisterClassW
SetFocus
GetTopWindow
GetClientRect
SetRectEmpty
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetScrollPos
GetLastActivePopup
MessageBoxW
IsWindowEnabled
EnableWindow
SetCursor
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
OffsetRect
GetSubMenu
GetMenuItemID
PostQuitMessage
GetMenuItemCount

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
ExtTextOutW
TextOutW
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
DeleteObject

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHAppBarMessage
ShellExecuteW
ShellExecuteExW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoCreateGuid

oleaut32

SysAllocString
GetActiveObject
VariantClear
VariantChangeType
SysStringLen
VariantInit
SysFreeString
CreateErrorInfo
GetErrorInfo
SysAllocStringByteLen

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

CanFind
FindAcerRing
FindAcerRingWithEdge
GetHotKeyMapList
IsAt
IsAtMetroUI
ProcessMessage
SetGestureWindow
SetHookFlag
SetHwnd
SetKBHookEx
SetMouseHookEx
UnKBHookEx
UnMouseHookEx
UpdateApixData

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.my_shar
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDCmds.dll
.dll windows:6 windows x64 arch:x64

4aae734df0fc76e2270b37080951103a

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8
Signer

Actual PE Digest

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8

Digest Algorithm

sha256

PE Digest Matches

true

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8
Signer

Actual PE Digest

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\DriverProject\_Fujitsu\Feather\Source\ETD13_DCHU_28\ETDCmds\x64\Release\ETDCmds.pdb

Imports

kernel32

GetCurrentProcess
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
GetConsoleMode
WriteFile
SetStdHandle
GetStringTypeW
SetFilePointerEx
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
FileTimeToSystemTime
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
CreateEventW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThreadId
GetCurrentThread
FormatMessageW
LocalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
Module32NextW
Module32FirstW
GetVersionExW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetLocalTime
DeviceIoControl
CreateFileW
CloseHandle
GetSystemDefaultLangID
FindResourceW
LoadResource
LockResource
GetConsoleOutputCP
SizeofResource

user32

ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
UnhookWindowsHookEx
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
ClientToScreen
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetScrollPos
GetWindowTextW
GetClassNameW
GetWindow
GetWindowLongW
GetLastActivePopup
MessageBoxW
IsWindowEnabled
EnableWindow
SetCursor
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
SetWindowTextW
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorW
GetDlgCtrlID
SystemParametersInfoW
GetDesktopWindow
GetWindowRect
GetCursorPos
GetSystemMetrics
FindWindowExW
GetWindowThreadProcessId
GetParent
GetForegroundWindow
UnregisterClassW
GetClientRect
SetRectEmpty
OffsetRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostMessageW
PostQuitMessage
SendMessageW
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
CharUpperW
DestroyMenu
GetMessageW
TranslateMessage
CallWindowProcW

gdi32

Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
DeleteDC

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

APOptimizeToKernel
AutoScrollStop
CheckAndUpdateKernelPortEnableStatus
CreateETDGestureEventToKernel
CreateETDMessageEventToKernel
CreateETDMultiGestureEventToKernel
CreateETDPSTGestureEventToKernel
CreateETDTrayIconEventToKernel
DisableWhenType
DisableWhenUSBMouse
DispatchCreate
DoingDiscardPacketWhenHotkeyEnable
ForceEnableStatus
GetAPGestureList
GetAPOptimize
GetAccumulateScrollData
GetDebugData
GetDriverOption
GetETDGestureEventData
GetETDMultiGestureEventData
GetETDPSTGestureEventData
GetEventParameters
GetFWInformation
GetFingerDeltaAndCount
GetGrabData
GetHIDMouseIgnore
GetPSTUIDisplay
GetTouchPadUIDisplay
GetTouchScrollStopFlag
GetXYMax
GroupOption
HIDDevicePlugInOut
KernelHookOption
MomentumStrikeScreenEdge
NoDeviceClearRegConnect
NotifyEnable
NotifyKernelCtrlIsSent
OneTimeScrollTriger
ReInitial
SelectionUpdateRegistry
SendScreenInfoToKernel
SetCheckTPStatus
SetStandardKernelButtonTapData
SetSuspendEnablePort
SetTouchFlag
SetTouchScrollStopFlag
SmartMotionSlowDown
SwapButton
SwitchToStandard
UpdateDeviceParameter
UpdateDriverOption
UpdateFiveButtonAreaValue
UpdatePSTDisplay
UpdateRegistry
UpdateSmartPadDisplay
UpdateStatus
WriteDefaultRegistry
WriteKBCCommand

Sections

.text
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDCtrl.exe
.exe windows:6 windows x64 arch:x64

98363ec33d39849998a2be139389d39b

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c
Signer

Actual PE Digest

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c

Digest Algorithm

sha256

PE Digest Matches

true

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c
Signer

Actual PE Digest

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\DriverProject\_Fujitsu\Feather\Source\ETD13_DCHU_28\ETDCtrl\x64\Release\ETDCtrl.pdb

Imports

kernel32

SetErrorMode
GetFileAttributesExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetDriveTypeW
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
ExitProcess
GetStdHandle
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineA
RtlPcToFileHeader
OutputDebugStringW
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
CompareStringW
GlobalFindAtomW
EncodePointer
FormatMessageW
MulDiv
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
ResumeThread
SuspendThread
SetThreadPriority
GlobalFree
GlobalUnlock
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetCurrentThreadId
GetCurrentThread
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
GetProcessHeap
DecodePointer
RtlUnwindEx
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
lstrlenW
ExpandEnvironmentStringsW
GetVersionExW
GetSystemDirectoryW
WaitForSingleObject
LocalFree
CreateEventW
SetCurrentDirectoryW
MultiByteToWideChar
GetLastError
ResetEvent
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
DeleteCriticalSection
SetEvent
OpenEventW
GetWindowsDirectoryW
GetProcAddress
WTSGetActiveConsoleSessionId
CloseHandle
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
Sleep
InitializeCriticalSection
GetCommandLineW
FindResourceW
LoadResource
LockResource
SizeofResource
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
SetPriorityClass
CreateMutexW
OpenMutexW
LoadLibraryW
WriteConsoleW
WriteFile

user32

CharUpperW
GetSysColorBrush
InvalidateRect
RealChildWindowFromPoint
IsDialogMessageW
SetWindowTextW
ShowWindow
DestroyMenu
ClientToScreen
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
WinHelpW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
EndPaint
BeginPaint
UpdateWindow
TrackPopupMenu
SetMenu
RegisterWindowMessageW
LoadIconW
LoadCursorW
SetTimer
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
UnhookWindowsHookEx
GetMenuItemCount
GetMenuItemID
GetSysColor
IsIconic
SendMessageW
GetSystemMetrics
GetClientRect
DrawIcon
LoadMenuW
GetSubMenu
GetCursorPos
SetForegroundWindow
ModifyMenuW
CheckMenuItem
RemoveMenu
DrawMenuBar
MessageBoxW
KillTimer
FindWindowW
GetWindowThreadProcessId
GetWindowTextW
PostMessageW
IsWindowVisible
OpenInputDesktop
CloseDesktop
GetClassNameW
GetWindowLongW
GetDlgItem
EnumDisplaySettingsW
GetDisplayConfigBufferSizes
WindowFromPoint
GetAncestor
GetForegroundWindow
GetTopWindow
GetDesktopWindow
GetWindow
GetLastActivePopup
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
GetFocus
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
PostQuitMessage
GetParent
OffsetRect
SetRectEmpty
SendDlgItemMessageA
UnregisterClassW
SetLayeredWindowAttributes
LoadBitmapW
SetCursor
MoveWindow
GetWindowDC
EnableWindow
QueryDisplayConfig
GetMonitorInfoW
MonitorFromWindow
DisplayConfigGetDeviceInfo
SystemParametersInfoW
UnregisterDeviceNotification
GetWindowRect
SetWindowPos
SwitchToThisWindow
FindWindowExW
RegisterDeviceNotificationW

gdi32

ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
GetDeviceCaps
SetBkColor
SetTextColor
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteObject
GetObjectW
GetPixel
CreateSolidBrush
CreateCompatibleDC
BitBlt
DeleteDC
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryInfoKeyW
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumValueW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
FreeSid
OpenProcessToken
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
RegNotifyChangeKeyValue
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW
Shell_NotifyIconW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrStrIW

ole32

CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoTaskMemFree

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
SysFreeString

wtsapi32

WTSRegisterSessionNotification

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDCtrlHelper.exe
.exe windows:6 windows x64 arch:x64

fa3153e8dfce813f9700b5a9bd4c9819

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:3c:d8:30:d8:1c:5f:da:f6:47:cd:26:7c:bd:e8:2c:46:2d:07:94:bf:f0:e9:9b:92:21:a6:d5:39:34:91:fc
Signer

Actual PE Digest

11:3c:d8:30:d8:1c:5f:da:f6:47:cd:26:7c:bd:e8:2c:46:2d:07:94:bf:f0:e9:9b:92:21:a6:d5:39:34:91:fc

Digest Algorithm

sha256

PE Digest Matches

true

11:3c:d8:30:d8:1c:5f:da:f6:47:cd:26:7c:bd:e8:2c:46:2d:07:94:bf:f0:e9:9b:92:21:a6:d5:39:34:91:fc
Signer

Actual PE Digest

11:3c:d8:30:d8:1c:5f:da:f6:47:cd:26:7c:bd:e8:2c:46:2d:07:94:bf:f0:e9:9b:92:21:a6:d5:39:34:91:fc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\CWin7data\Fujitsu\Feather\NID Source\PTP_Filter_SRC_14.11.4.3\ETD13_DCHU_28\ETDCtrlHelper\x64\Release\ETDCtrlHelper.pdb

Imports

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetFileType
ExitProcess
GetStdHandle
HeapQueryInformation
GetCommandLineW
GetCommandLineA
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
FileTimeToSystemTime
WriteFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
FormatMessageW
LocalFree
MulDiv
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
CreateEventW
SetEvent
CloseHandle
GlobalFree
GlobalUnlock
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
VerifyVersionInfoW
WriteConsoleW
VerSetConditionMask
GetCurrentProcess
SetPriorityClass
CreateMutexW
OpenMutexW

user32

GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
IsChild
IsMenu
GetWindow
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
GetMenuItemCount
GetMenuItemID
GetSubMenu
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
RegisterWindowMessageW
LoadIconW
IsIconic
SendMessageW
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
ValidateRect
GetKeyState
CreateWindowExW
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
PostMessageW
PostQuitMessage
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowTextW
IsDialogMessageW
RealChildWindowFromPoint
SetTimer
InvalidateRect
GetSysColorBrush
LoadCursorW
CharUpperW
GetSysColor
PeekMessageW
IsWindowVisible
DestroyMenu
ScreenToClient
KillTimer

gdi32

GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkColor
SetMapMode
SetTextColor
GetObjectW
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetDeviceCaps
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDFavorite.dll
.dll windows:6 windows x64 arch:x64

a9dc157a13d0e2bdcbe163011a21ac0e

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5b:e8:f9:57:20:cf:ef:47:5f:9a:75:25:ed:ab:f6:6f:f4:00:21:ad:3c:9b:13:fc:fa:01:44:72:2d:52:1c:7e
Signer

Actual PE Digest

5b:e8:f9:57:20:cf:ef:47:5f:9a:75:25:ed:ab:f6:6f:f4:00:21:ad:3c:9b:13:fc:fa:01:44:72:2d:52:1c:7e

Digest Algorithm

sha256

PE Digest Matches

true

5b:e8:f9:57:20:cf:ef:47:5f:9a:75:25:ed:ab:f6:6f:f4:00:21:ad:3c:9b:13:fc:fa:01:44:72:2d:52:1c:7e
Signer

Actual PE Digest

5b:e8:f9:57:20:cf:ef:47:5f:9a:75:25:ed:ab:f6:6f:f4:00:21:ad:3c:9b:13:fc:fa:01:44:72:2d:52:1c:7e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\CWin7data\Fujitsu\Feather\NID Source\PTP_Filter_SRC_14.11.4.3\ETD13_DCHU_28\ETDFavorite\x64\Release\ETDFavorite.pdb

Imports

kernel32

GetFileAttributesExW
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetStringTypeW
GetTimeZoneInformation
GetDriveTypeW
LCMapStringW
GetFileType
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
WriteFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
GlobalFindAtomW
GlobalAddAtomW
GetProcAddress
GetModuleHandleW
GetSystemDirectoryW
EncodePointer
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
SetEvent
OpenEventW
GetWindowsDirectoryW
GetCurrentProcess
SetPriorityClass
CreateMutexW
MultiByteToWideChar
WriteConsoleW
FindResourceW
LoadResource
LockResource
SizeofResource
SetCurrentDirectoryW
CloseHandle
OpenMutexW

user32

ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsIconic
GetMenuCheckMarkDimensions
EndDeferWindowPos
DeferWindowPos
GetCursorPos
GetWindow
InvalidateRect
SendMessageW
BeginDeferWindowPos
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
SetTimer
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
SetCursor
GetWindowThreadProcessId
RegisterWindowMessageW
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
SetWindowTextW
IsDialogMessageW
CheckMenuItem
EnableMenuItem
SetForegroundWindow
SetMenuItemBitmaps
KillTimer
EnableWindow
GetDesktopWindow
GetDC
GetSystemMetrics
GetSysColor
CopyRect
SetRect
OffsetRect
DrawFocusRect
DrawStateW
DestroyIcon
GetMessagePos
ScreenToClient
UnregisterClassW
SendDlgItemMessageA
GetClientRect
SetRectEmpty
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostMessageW
PostQuitMessage
IsWindow
DestroyWindow
CreateDialogIndirectParamW
ReleaseDC
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
ClientToScreen
GetSysColorBrush
LoadCursorW
RealChildWindowFromPoint
CharUpperW
DestroyMenu
IsWindowVisible
EndDialog
GetDlgItem
GetNextDlgTabItem

gdi32

GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetBkMode
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
Escape
DeleteObject
DeleteDC
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoW

comctl32

ImageList_SetImageCount
ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetIcon

shlwapi

PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CoInitializeEx

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

Exports

Exports

FavoriteRun
FavoriteSetting
FavoriteShow
SetFavoriteHWnd

Sections

.text
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDI2C.inf
ETDI2C.sys
.sys windows:10 windows x64 arch:x64

33b5cea57fb3f84b6c67c3dd3ad47641

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:9a:48:b6:b6:fb:bf:8e:fe:a1:eb:57:80:cf:3e:55:1f:1b:c3:1a:d7:84:55:07:ce:ba:ec:f7:16:0a:37:52
Signer

Actual PE Digest

fd:9a:48:b6:b6:fb:bf:8e:fe:a1:eb:57:80:cf:3e:55:1f:1b:c3:1a:d7:84:55:07:ce:ba:ec:f7:16:0a:37:52

Digest Algorithm

sha256

PE Digest Matches

true

fd:9a:48:b6:b6:fb:bf:8e:fe:a1:eb:57:80:cf:3e:55:1f:1b:c3:1a:d7:84:55:07:ce:ba:ec:f7:16:0a:37:52
Signer

Actual PE Digest

fd:9a:48:b6:b6:fb:bf:8e:fe:a1:eb:57:80:cf:3e:55:1f:1b:c3:1a:d7:84:55:07:ce:ba:ec:f7:16:0a:37:52

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\DriverProject\_Fujitsu\Feather\Source\ETD13_DCHU_28\ETDI2CSys\x64\Release\ETDI2C.pdb

Imports

hidparse.sys

HidP_GetCaps

ntoskrnl.exe

IoAllocateWorkItem
KeGetCurrentIrql
PoUnregisterPowerSettingCallback
IoQueueWorkItem
KeSetTimer
RtlWriteRegistryValue
RtlInitUnicodeString
KeReleaseMutex
RtlQueryRegistryValues
KeCancelTimer
MmGetSystemRoutineAddress
KeWaitForSingleObject
KeAcquireSpinLockRaiseToDpc
KeInitializeDpc
IoDetachDevice
RtlEqualUnicodeString
KeInitializeMutex
PoRegisterPowerSettingCallback
ExRegisterCallback
ObfDereferenceObject
ExCreateCallback
KeInitializeSpinLock
IoDeleteDevice
KeInitializeTimer
IoAttachDeviceToDeviceStack
KeReleaseSpinLock
KeInsertQueueDpc
RtlGetVersion
IoGetDeviceProperty
ExNotifyCallback
IoCreateDevice
IofCallDriver
KeInitializeEvent
IofCompleteRequest
IoCreateSymbolicLink
RtlTimeToTimeFields
IoBuildDeviceIoControlRequest
ExSystemTimeToLocalTime
ExAllocatePoolWithTag
ExFreePoolWithTag
MmMapLockedPagesSpecifyCache
KeReadStateEvent
KeClearEvent
IoCreateNotificationEvent
IoDeleteSymbolicLink
ObfReferenceObject
ZwClose
ExUnregisterCallback
PoCallDriver
PoStartNextPowerIrp
IoGetDeviceObjectPointer
IoReleaseCancelSpinLock
IoFreeWorkItem
ZwSetValueKey
ZwOpenKey
KeDelayExecutionThread
KeSetEvent
__chkstk

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 885B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETDService.exe
.exe windows:6 windows x64 arch:x64

f6c287b2a3c5412ee375faaa00c508f2

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:74:9f:a0:bb:11:62:98:8c:8f:87:97:53:94:02:51:19:7f:06:5a:a8:27:4f:20:ab:7c:21:9e:b9:fb:2a:69
Signer

Actual PE Digest

a9:74:9f:a0:bb:11:62:98:8c:8f:87:97:53:94:02:51:19:7f:06:5a:a8:27:4f:20:ab:7c:21:9e:b9:fb:2a:69

Digest Algorithm

sha256

PE Digest Matches

true

a9:74:9f:a0:bb:11:62:98:8c:8f:87:97:53:94:02:51:19:7f:06:5a:a8:27:4f:20:ab:7c:21:9e:b9:fb:2a:69
Signer

Actual PE Digest

a9:74:9f:a0:bb:11:62:98:8c:8f:87:97:53:94:02:51:19:7f:06:5a:a8:27:4f:20:ab:7c:21:9e:b9:fb:2a:69

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\CWin7data\Fujitsu\Feather\NID Source\PTP_Filter_SRC_14.11.4.3\ETD13_DCHU_28\ETDService\x64\Release\ETDService.pdb

Imports

kernel32

SetEvent
DeleteFileW
Process32FirstW
ResetEvent
GetCurrentDirectoryW
LocalFree
WTSGetActiveConsoleSessionId
GetExitCodeProcess
OutputDebugStringA
GetModuleFileNameW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
OutputDebugStringW
Process32NextW
Sleep
ProcessIdToSessionId
MultiByteToWideChar
CreateEventW
CreateToolhelp32Snapshot
QueueUserWorkItem
OpenProcess
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
GetCurrentProcess
FindNextFileW
SetLastError
FindFirstFileW
FindResourceW
LoadResource
FindResourceExW
LockResource
lstrlenW
SizeofResource
GetTickCount
GetProcessHeap
DeleteCriticalSection
HeapDestroy
HeapAlloc
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
CreateThread
LCMapStringW
CompareStringW
GetACP
GetCommandLineW
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
CloseHandle
CreateFileW
DeviceIoControl
GetCommandLineA
WriteFile
ExitProcess
WriteConsoleW
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObjectEx
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwindEx
WideCharToMultiByte
GetStdHandle
GetFileType
GetModuleHandleExW

user32

UnregisterDeviceNotification
RegisterDeviceNotificationW
EnumDisplaySettingsW
FindWindowW

advapi32

DuplicateTokenEx
CreateProcessAsUserW
RegOpenKeyExW
FreeSid
OpenProcessToken
RegSetValueExW
RegDeleteTreeW
SetNamedSecurityInfoW
CreateServiceW
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
DeleteService
ControlService
OpenServiceW
RegisterServiceCtrlHandlerExW
SetServiceStatus
StartServiceCtrlDispatcherW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
SetTokenInformation
RegDeleteKeyW
AllocateAndInitializeSid
SetEntriesInAclW
RegQueryValueExW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity

oleaut32

VariantInit
VariantClear

wtsapi32

WTSQueryUserToken

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

hid

HidD_GetFeature
HidP_GetValueCaps
HidD_SetFeature
HidD_FreePreparsedData
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetAttributes
HidD_GetHidGuid

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock
GetUserProfileDirectoryW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ETD_component.inf
PTPFilter.inf
PTPFilter.sys
.sys windows:10 windows x64 arch:x64

25bb7b04279d481eb07db88381d32546

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/11/2020, 00:00

Not After

30/01/2024, 23:59

Subject

CN=ELAN MICROELECTRONICS CORPORATION,O=ELAN MICROELECTRONICS CORPORATION,L=Hsinchu County,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/01/2023, 19:14

Not After

15/12/2023, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:b8:a9:37:82:37:00:fc:d5:7f:d8:51:42:df:9d:01:a0:91:ac:8e:e4:3e:23:46:fe:14:7e:af:10:37:ac:42
Signer

Actual PE Digest

20:b8:a9:37:82:37:00:fc:d5:7f:d8:51:42:df:9d:01:a0:91:ac:8e:e4:3e:23:46:fe:14:7e:af:10:37:ac:42

Digest Algorithm

sha256

PE Digest Matches

true

20:b8:a9:37:82:37:00:fc:d5:7f:d8:51:42:df:9d:01:a0:91:ac:8e:e4:3e:23:46:fe:14:7e:af:10:37:ac:42
Signer

Actual PE Digest

20:b8:a9:37:82:37:00:fc:d5:7f:d8:51:42:df:9d:01:a0:91:ac:8e:e4:3e:23:46:fe:14:7e:af:10:37:ac:42

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\DriverProject\_Fujitsu\Feather\Source\PTPFilterSample_20141105\PTPFilterSample\PTPFilter\x64\Release\PTPFilter.pdb

Imports

hidparse.sys

HidP_GetSpecificValueCaps
HidP_GetLinkCollectionNodes
HidP_UnsetUsages
HidP_GetUsageValue
HidP_GetValueCaps
HidP_GetSpecificButtonCaps
HidP_GetCaps

ntoskrnl.exe

IoDeleteSymbolicLink
ObfDereferenceObject
MmGetSystemRoutineAddress
IoWMIRegistrationControl
ExNotifyCallback
ExAllocatePoolWithTag
ExUnregisterCallback
ExRegisterCallback
RtlCopyUnicodeString
ExCreateCallback
RtlInitUnicodeString
ExFreePoolWithTag
IoCreateSymbolicLink

wdfldr.sys

WdfVersionBind
WdfVersionUnbind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UWP/AUMIDs.txt
UWP/MPAP_b61832718e804b118d559bcb2827b620_001.provxml
.xml
UWP/b61832718e804b118d559bcb2827b620.appx
.appx
AppxBlockMap.xml
.xml
AppxManifest.xml
AppxMetadata/CodeIntegrity.cat
AppxSignature.p7x
Assets/Square150x150Logo.scale-100.png
.png
Assets/Square150x150Logo.scale-125.png
.png
Assets/Square150x150Logo.scale-150.png
.png
Assets/Square150x150Logo.scale-200.png
.png
Assets/Square150x150Logo.scale-400.png
.png
Assets/Square310x310Logo.scale-100.png
.png
Assets/Square310x310Logo.scale-125.png
.png
Assets/Square310x310Logo.scale-150.png
.png
Assets/Square310x310Logo.scale-200.png
.png
Assets/Square310x310Logo.scale-400.png
.png
Assets/Square44x44Logo.scale-100.png
.png
Assets/Square44x44Logo.scale-125.png
.png
Assets/Square44x44Logo.scale-150.png
.png
Assets/Square44x44Logo.scale-200.png
.png
Assets/Square44x44Logo.scale-400.png
.png
Assets/Square44x44Logo.targetsize-16.png
.png
Assets/Square44x44Logo.targetsize-16_altform-unplated.png
.png
Assets/Square44x44Logo.targetsize-24.png
.png
Assets/Square44x44Logo.targetsize-24_altform-unplated.png
.png
Assets/Square44x44Logo.targetsize-256.png
.png
Assets/Square44x44Logo.targetsize-256_altform-unplated.png
.png
Assets/Square44x44Logo.targetsize-32.png
.png
Assets/Square44x44Logo.targetsize-32_altform-unplated.png
.png
Assets/Square44x44Logo.targetsize-48.png
.png
Assets/Square44x44Logo.targetsize-48_altform-unplated.png
.png
Assets/Square71x71Logo.scale-100.png
.png
Assets/Square71x71Logo.scale-125.png
.png
Assets/Square71x71Logo.scale-150.png
.png
Assets/Square71x71Logo.scale-200.png
.png
Assets/Square71x71Logo.scale-400.png
.png
Assets/StoreLogo.scale-100.png
.png
Assets/StoreLogo.scale-125.png
.png
Assets/StoreLogo.scale-150.png
.png
Assets/StoreLogo.scale-200.png
.png
Assets/StoreLogo.scale-400.png
.png
Assets/Wide310x150Logo.scale-100.png
.png
Assets/Wide310x150Logo.scale-125.png
.png
Assets/Wide310x150Logo.scale-150.png
.png
Assets/Wide310x150Logo.scale-200.png
.png
Assets/Wide310x150Logo.scale-400.png
.png
ETDAniConf.exe
.exe windows:6 windows x64 arch:x64

4709ebadac0d13d6b15f55b2866a1e2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\CWin7data\Fujitsu\Feather\NID Source\PTP_Filter_SRC_14.11.4.3\ETD13_DCHU_28\ETDAniConf\x64\Release\ETDAniConf.pdb

Imports

winmm

mciSendStringW
PlaySoundW

kernel32

GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
GetDriveTypeW
LCMapStringW
GetACP
ExitProcess
GetStdHandle
GetFileType
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
SetFilePointerEx
SetStdHandle
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetProfileIntW
GetTickCount
GetTempPathW
GetTempFileNameW
SearchPathW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
SetErrorMode
FindResourceExW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
lstrcmpiW
GetFileSize
GetFileAttributesW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
DeleteFileW
GetCurrentDirectoryW
VirtualProtect
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
InitializeCriticalSectionAndSpinCount
CompareStringA
lstrcmpA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
WideCharToMultiByte
CopyFileW
FormatMessageW
GlobalFree
GlobalSize
GlobalAlloc
MulDiv
GlobalUnlock
GlobalLock
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
WinExec
WaitForSingleObject
SetCurrentDirectoryW
lstrlenW
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
MultiByteToWideChar
GetModuleHandleW
GlobalAddAtomW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
DeleteCriticalSection
Sleep
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcessId
OpenMutexW
TerminateThread
SetEvent
GetLastError
LocalFree
GetCurrentProcess
DeviceIoControl
CreateFileW
OpenEventW
CreateEventW
CloseHandle
ResetEvent
WaitForMultipleObjects
GetWindowsDirectoryW
FindResourceW
LoadResource
WriteConsoleW
LockResource
SizeofResource
GetUserDefaultUILanguage
QueryPerformanceFrequency

user32

DestroyIcon
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
BringWindowToTop
DeleteMenu
IntersectRect
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
GetSysColorBrush
CopyImage
InflateRect
GetMenuItemInfoW
DestroyMenu
WindowFromPoint
SetRectEmpty
SendDlgItemMessageA
MapVirtualKeyW
GetKeyNameTextW
DrawStateW
ShowOwnedPopups
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SystemParametersInfoW
OffsetRect
MessageBeep
IsZoomed
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
LoadMenuW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
IsWindowEnabled
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
LoadImageW
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
UnpackDDElParam
ReuseDDElParam
EnableWindow
CopyRect
SendMessageW
LoadBitmapW
InvalidateRect
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
SetParent
MonitorFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IsRectEmpty
TrackMouseEvent
CharUpperW
SetCapture
GetSystemMenu
SetWindowRgn
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
NotifyWinEvent
ModifyMenuW
PostThreadMessageW
DrawEdge
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetParent
FindWindowW
GetSystemMetrics
GetDC
KillTimer
SetTimer
GetClientRect
SetForegroundWindow
LoadIconW
RegisterWindowMessageW
PostQuitMessage
LoadCursorW
GetWindowRect
IsIconic
DrawIcon
UpdateWindow
PostMessageW
ReleaseDC
UnregisterHotKey
RegisterHotKey
SwitchToThisWindow
UnregisterClassW
DrawFrameControl
DrawTextW
IsWindowVisible
ShowScrollBar
SetCursor
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongPtrW
IsClipboardFormatAvailable
SetRect
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
DrawIconEx
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
GetUpdateRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CopyIcon
CharUpperBuffW
SetCursorPos
DrawFocusRect
EqualRect

gdi32

Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateRectRgn
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
CombineRgn
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
RealizePalette
SetPixel
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
GetTextColor
EnumFontFamiliesExW
GetBkColor
CreateEllipticRgn
CreatePolygonRgn
Polyline
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
CreatePatternBrush
SetBkColor
GetObjectW
CreateBitmap
GetTextExtentPoint32W
GetTextMetricsW
SetBkMode
SetTextColor
GetDeviceCaps
StretchBlt
GetStockObject
DeleteObject
DeleteDC
BitBlt
Polygon
Ellipse
CreatePen
Rectangle
CreateHatchBrush
CreateSolidBrush
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
RoundRect
CreateFontW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
FreeSid
OpenProcessToken
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid

shell32

ShellExecuteExW
DragQueryFileW
DragFinish
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage

comctl32

_TrackMouseEvent
ImageList_ReplaceIcon

shlwapi

PathFindFileNameW
PathIsUNCW
StrFormatKBSizeW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

DrawThemeBackground
CloseThemeData
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
IsThemeBackgroundPartiallyTransparent
GetThemePartSize

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[Content_Types].xml
.xml
resources.pri
UWP/b61832718e804b118d559bcb2827b620_License1.xml
UWP/install_appx.bat
.bat .vbs
etd_component.cat
etdi2c.cat
ptpfilter.cat

Sharing

General

Malware Config

Signatures

Files

5d27e8b5f862b2d93f20c38f2571dd98

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19Signer

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

version

oleacc

Exports

Exports

Sections

.text Size: 331KB - Virtual size: 331KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 7KB - Virtual size: 370KB

.pdata Size: 17KB - Virtual size: 16KB

.gfids Size: 3KB - Virtual size: 2KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

.my_shar Size: 512B - Virtual size: 128B

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 4KB

4aae734df0fc76e2270b37080951103a

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19
Signer

76:7e:63:bd:e0:b7:a3:ca:03:73:44:9c:0b:25:b9:96:76:72:b1:2b:8a:16:9a:f4:6a:31:d1:4a:ba:60:78:19
Signer

.text
Size: 331KB - Virtual size: 331KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 7KB - Virtual size: 370KB

.pdata
Size: 17KB - Virtual size: 16KB

.gfids
Size: 3KB - Virtual size: 2KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.my_shar
Size: 512B - Virtual size: 128B

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8
Signer

d2:84:76:c8:97:0b:27:2c:70:98:54:82:cc:13:3a:51:31:92:9d:b9:3e:0d:ab:ac:c7:4a:eb:4e:ed:da:61:f8
Signer

.text
Size: 483KB - Virtual size: 483KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 8KB - Virtual size: 1.3MB

.pdata
Size: 16KB - Virtual size: 15KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0b:5e:96:40:15:99:37:2e:99:c5:3b:59:13:7e:2a:78
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

33:00:00:00:f3:15:8e:a5:7d:1c:55:9f:29:00:00:00:00:00:f3
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c
Signer

7d:14:14:1b:8f:0a:da:db:cb:2a:e3:3c:47:26:d1:ae:5b:56:f1:db:70:cf:57:2d:05:f1:77:08:0b:f3:93:2c
Signer