06-09-2024_x7mMrO4BfIajxAk[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

06-09-2024_x7mMrO4BfIajxAk.zip
Size

19.6MB
MD5

1ec278601392aef87f1e9b4ac24bbb49
SHA1

d19111f320c507f966da6b6049331ad20deea4f8
SHA256

9b17a787ad40e05351cbad41d2f3887239d40a014ec5380cb024939aa364a79f
SHA512

4541f006a5c21a9c4a03dad4e78f767f2f94307f5b24ce08f52da805d115b0817b65d8c071b8ef0b6e145521e6f515a0bb9748b87b79575bef90e40c4e4da759
SSDEEP

393216:YsUKkEVyrBsDtVuRSFuVEoNvDF7rtl6RnMMwtx01stABcvJfhHPzix0kAWkLGX:jUKfqqVuR12iv5NqzwjiWscvFZ7U0kw8

Score

3^/10

Malware Config

Signatures

Unsigned PE 68 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BepInEx/core/0Harmony.dll
unpack001/BepInEx/core/Accessibility.dll
unpack001/BepInEx/core/BCrypt.Net-Next.dll
unpack001/BepInEx/core/BepInEx.Core.dll
unpack001/BepInEx/core/BepInEx.IL2CPP.dll
unpack001/BepInEx/core/BepInEx.Preloader.Core.dll
unpack001/BepInEx/core/Cpp2IL.Core.dll
unpack001/BepInEx/core/Gee.External.Capstone.dll
unpack001/BepInEx/core/Iced.dll
unpack001/BepInEx/core/Il2Cpp.TlsAdapter.dll
unpack001/BepInEx/core/Il2CppDumper.dll
unpack001/BepInEx/core/IndexRange.dll
unpack001/BepInEx/core/LibAssemblyUnhollower.dll
unpack001/BepInEx/core/LibCpp2IL.dll
unpack001/BepInEx/core/MetroFramework.Fonts.dll
unpack001/BepInEx/core/MetroFramework.dll
unpack001/BepInEx/core/Mono.Cecil.Mdb.dll
unpack001/BepInEx/core/Mono.Cecil.Pdb.dll
unpack001/BepInEx/core/Mono.Cecil.Rocks.dll
unpack001/BepInEx/core/Mono.Cecil.dll
unpack001/BepInEx/core/MonoMod.RuntimeDetour.dll
unpack001/BepInEx/core/MonoMod.Utils.dll
unpack001/BepInEx/core/SemanticVersioning.dll
unpack001/BepInEx/core/System.Design.dll
unpack001/BepInEx/core/System.Drawing.Design.dll
unpack001/BepInEx/core/System.Drawing.dll
unpack001/BepInEx/core/System.Windows.Forms.DataVisualization.dll
unpack001/BepInEx/core/System.Windows.Forms.dll
unpack001/BepInEx/core/UnhollowerBaseLib.dll
unpack001/BepInEx/core/UnhollowerRuntimeLib.dll
unpack001/BepInEx/core/WasmDisassembler.dll
unpack001/BepInEx/plugins/BepInEx.MelonLoader.Loader/BepInEx.MelonLoader.Loader.dll
unpack001/BepInEx/plugins/BepInEx.MelonLoader.Loader/MelonLoader.dll
unpack001/BepInEx/plugins/BepInEx.MelonLoader.Loader/MetroFramework.Fonts.dll
unpack001/BepInEx/plugins/BepInEx.MelonLoader.Loader/MetroFramework.dll
unpack001/BepInEx/plugins/BepInEx.MelonLoader.Loader/Tomlet.dll
unpack001/BepInEx/plugins/Secret Neighbor FREE HACK.dll
unpack001/MelonLoader/Dependencies/CompatibilityLayers/Demeo.dll
unpack001/MelonLoader/Dependencies/CompatibilityLayers/IPA.dll
unpack001/MelonLoader/Dependencies/CompatibilityLayers/MDML.dll
unpack001/MelonLoader/Dependencies/Il2CppAssemblyGenerator/Il2CppAssemblyGenerator.dll
unpack001/MelonLoader/Dependencies/bHaptics.x64.dll
unpack001/mono/Managed/Microsoft.CSharp.dll
unpack001/mono/Managed/Mono.Posix.dll
unpack001/mono/Managed/Mono.Security.dll
unpack001/mono/Managed/System.Buffers.dll
unpack001/mono/Managed/System.Configuration.dll
unpack001/mono/Managed/System.Core.dll
unpack001/mono/Managed/System.Data.dll
unpack001/mono/Managed/System.IO.Compression.FileSystem.dll
unpack001/mono/Managed/System.IO.Compression.dll
unpack001/mono/Managed/System.Memory.dll
unpack001/mono/Managed/System.Net.Http.dll
unpack001/mono/Managed/System.Numerics.Vectors.dll
unpack001/mono/Managed/System.Numerics.dll
unpack001/mono/Managed/System.Reflection.Emit.ILGeneration.dll
unpack001/mono/Managed/System.Reflection.Emit.Lightweight.dll
unpack001/mono/Managed/System.Reflection.Emit.dll
unpack001/mono/Managed/System.Runtime.Serialization.dll
unpack001/mono/Managed/System.Threading.Tasks.Extensions.dll
unpack001/mono/Managed/System.Xml.dll
unpack001/mono/Managed/System.dll
unpack001/mono/Managed/mscorlib.dll
unpack001/mono/Managed/netstandard.dll
unpack001/mono/MonoBleedingEdge/EmbedRuntime/MonoPosixHelper.dll
unpack001/mono/MonoBleedingEdge/EmbedRuntime/libmono-btls-shared.dll
unpack001/mono/MonoBleedingEdge/EmbedRuntime/mono-2.0-sgen.dll
unpack001/winhttp.dll

Files

06-09-2024_x7mMrO4BfIajxAk.zip
.zip
BepInEx/core/0Harmony.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Accessibility.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/Users/builduser/build/output/Unity-Technologies/mono/mcs/class/lib/unityjit/Accessibility.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/BCrypt.Net-Next.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BCrypt.Net-Next.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/BepInEx.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/BepInEx.Core.xml
.xml
BepInEx/core/BepInEx.IL2CPP.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/BepInEx.IL2CPP.dll.config
BepInEx/core/BepInEx.Preloader.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/BepInEx.Preloader.Core.xml
.xml
BepInEx/core/Cpp2IL.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Sam\RiderProjects\Cpp2IL\Cpp2IL.Core\obj\Release\netstandard2.0\Cpp2IL.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Gee.External.Capstone.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/home/js6pak/Development/CSharp/Capstone.NET/Gee.External.Capstone/obj/Debug/netstandard2.0/Gee.External.Capstone.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Iced.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/src/csharp/Intel/Iced/obj/Release/netstandard2.1/Iced.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Il2Cpp.TlsAdapter.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Il2CppDumper.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\neigh\Documents\Projects\csharp\BepInEx\Il2CppDumper\Il2CppDumper\obj\Release\netstandard2.0\Il2CppDumper.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/IndexRange.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\Code\Projects\IndexRange\src\IndexRange\obj\Release\netstandard2.1\IndexRange.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/LibAssemblyUnhollower.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/home/runner/work/Il2CppAssemblyUnhollower/Il2CppAssemblyUnhollower/LibAssemblyUnhollower/obj/Release/netstandard2.1/LibAssemblyUnhollower.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/LibCpp2IL.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Sam\RiderProjects\Cpp2IL\LibCpp2IL\obj\Release\netstandard2.0\LibCpp2IL.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/MetroFramework.Fonts.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\home\dvlp\ManagedXLL-branches-4_0\MetroFramework\MetroFramework.Fonts\obj\Release\MetroFramework.Fonts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/MetroFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Mono.Cecil.Mdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\cecil\symbols\mdb\obj\Release\netstandard2.0\Mono.Cecil.Mdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Mono.Cecil.Pdb.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\cecil\symbols\pdb\obj\Release\netstandard2.0\Mono.Cecil.Pdb.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Mono.Cecil.Rocks.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\cecil\rocks\obj\Release\netstandard2.0\Mono.Cecil.Rocks.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/Mono.Cecil.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\cecil\obj\Release\netstandard2.0\Mono.Cecil.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/MonoMod.RuntimeDetour.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\MonoMod.RuntimeDetour\obj\Release\netstandard2.0\MonoMod.RuntimeDetour.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/MonoMod.Utils.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\MonoMod.Utils\obj\Release\netstandard2.0\MonoMod.Utils.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/SemanticVersioning.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\projects\semver-net\src\SemanticVersioning\obj\Release\netstandard2.0\SemanticVersioning.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Design.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Drawing.Design.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Drawing.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 467KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Linq.Expressions.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:02:8d:7e:47:c3:82:7e:05:1a:2a:00:00:00:00:02:8d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/10/2021, 18:45

Not After

13/10/2022, 18:45

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:4f:4c:13:5d:c9:50:9d:ba:f5:88:63:4b:eb:5e:46:d9:80:b7:b9:06:d9:0e:bf:b8:de:dc:79:79:17:da:c0
Signer

Actual PE Digest

98:4f:4c:13:5d:c9:50:9d:ba:f5:88:63:4b:eb:5e:46:d9:80:b7:b9:06:d9:0e:bf:b8:de:dc:79:79:17:da:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Linq.Expressions.ni.pdb
D:\a\_work\1\s\artifacts\obj\System.Linq.Expressions\net6.0-Release\System.Linq.Expressions.pdb

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 385KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Linq.Parallel.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:02:8d:7e:47:c3:82:7e:05:1a:2a:00:00:00:00:02:8d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/10/2021, 18:45

Not After

13/10/2022, 18:45

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:68:6f:e7:8a:18:11:ee:31:04:62:d6:d6:ba:58:4c:a1:4b:10:af:b7:40:f1:da:a6:9d:07:8e:fc:78:03:84
Signer

Actual PE Digest

0f:68:6f:e7:8a:18:11:ee:31:04:62:d6:d6:ba:58:4c:a1:4b:10:af:b7:40:f1:da:a6:9d:07:8e:fc:78:03:84

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Linq.Parallel.ni.pdb
D:\a\_work\1\s\artifacts\obj\System.Linq.Parallel\net6.0-Release\System.Linq.Parallel.pdb

Sections

.text
Size: 726KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Linq.Queryable.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:02:8d:7e:47:c3:82:7e:05:1a:2a:00:00:00:00:02:8d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/10/2021, 18:45

Not After

13/10/2022, 18:45

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:b8:3f:85:1e:bf:89:c5:0f:b9:50:ad:3b:46:17:ca:95:d4:d3:d4:52:ba:0b:35:e5:03:91:64:50:69:b1:f1
Signer

Actual PE Digest

82:b8:3f:85:1e:bf:89:c5:0f:b9:50:ad:3b:46:17:ca:95:d4:d3:d4:52:ba:0b:35:e5:03:91:64:50:69:b1:f1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Linq.Queryable.ni.pdb
D:\a\_work\1\s\artifacts\obj\System.Linq.Queryable\net6.0-Release\System.Linq.Queryable.pdb

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Linq.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:02:8d:7e:47:c3:82:7e:05:1a:2a:00:00:00:00:02:8d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/10/2021, 18:45

Not After

13/10/2022, 18:45

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:3b:2c:dd:fa:4c:51:9b:33:d1:c6:fe:4c:09:ad:68:16:24:d6:d4:8d:f0:90:9f:53:58:0d:4f:9a:32:c3:d9
Signer

Actual PE Digest

07:3b:2c:dd:fa:4c:51:9b:33:d1:c6:fe:4c:09:ad:68:16:24:d6:d4:8d:f0:90:9f:53:58:0d:4f:9a:32:c3:d9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Linq.ni.pdb
D:\a\_work\1\s\artifacts\obj\System.Linq\net6.0-Release\System.Linq.pdb

Sections

.text
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Private.CoreLib.dll
.dll windows:4 windows x64 arch:x64

Code Sign

33:00:00:02:8d:7e:47:c3:82:7e:05:1a:2a:00:00:00:00:02:8d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/10/2021, 18:45

Not After

13/10/2022, 18:45

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:58:04:6f:7e:30:93:c2:15:60:6e:54:f8:c5:03:a4:a7:c2:a9:c4:11:15:23:20:ec:34:ec:3a:ac:81:ee:74
Signer

Actual PE Digest

30:58:04:6f:7e:30:93:c2:15:60:6e:54:f8:c5:03:a4:a7:c2:a9:c4:11:15:23:20:ec:34:ec:3a:ac:81:ee:74

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Private.CoreLib.ni.pdb
D:\a\_work\1\s\artifacts\obj\coreclr\System.Private.CoreLib\x64\Release\System.Private.CoreLib.pdb

Sections

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Windows.Forms.DataVisualization.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/System.Windows.Forms.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/UnhollowerBaseLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/home/runner/work/Il2CppAssemblyUnhollower/Il2CppAssemblyUnhollower/UnhollowerBaseLib/obj/Release/netstandard2.1/UnhollowerBaseLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/UnhollowerRuntimeLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/home/runner/work/Il2CppAssemblyUnhollower/Il2CppAssemblyUnhollower/UnhollowerRuntimeLib/obj/Release/netstandard2.1/UnhollowerRuntimeLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/core/WasmDisassembler.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Sam\RiderProjects\Cpp2IL\WasmDisassembler\obj\Release\netstandard2.0\WasmDisassembler.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/BepInEx.MelonLoader.Loader.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sourcecode\GitHub-Bepis\BepInEx.MelonLoader.Loader\BepInEx.MelonLoader.Loader\obj\Release\netstandard2.1\BepInEx.MelonLoader.Loader.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/MelonLoader.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/MetroFramework.Fonts.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\home\dvlp\ManagedXLL-branches-4_0\MetroFramework\MetroFramework.Fonts\obj\Release\MetroFramework.Fonts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/MetroFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/04/2018, 12:41

Not After

27/04/2028, 12:41

Subject

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

Issuer

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Not Before

25/10/2018, 00:00

Not After

29/10/2021, 12:00

Subject

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:00:b6:ed:de:fd:c3:b8:8b:5c:35:0f:b5:e2:70:78:46:4e:b7:8c:29:d4:e7:fe:a1:2a:bf:f3:d4:ff:3a:05
Signer

Actual PE Digest

42:00:b6:ed:de:fd:c3:b8:8b:5c:35:0f:b5:e2:70:78:46:4e:b7:8c:29:d4:e7:fe:a1:2a:bf:f3:d4:ff:3a:05

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Src/Newtonsoft.Json/obj/Release/net35/Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/System.Xml.Linq.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:0b:bf:86:a4:4e:62:8e:e7:04:00:00:00:00:01:0b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:A240-4B82-130E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:7d:ee:28:22:6f:d4:d4:d1:04:05:82:71:0e:d8:4e:de:04:1e:04:a5:5b:ed:99:cb:26:65:c2:ba:ab:6f:4e
Signer

Actual PE Digest

fd:7d:ee:28:22:6f:d4:d4:d1:04:05:82:71:0e:d8:4e:de:04:1e:04:a5:5b:ed:99:cb:26:65:c2:ba:ab:6f:4e

Digest Algorithm

sha256

PE Digest Matches

true

90:87:44:36:d6:e8:2d:68:68:41:2e:62:a3:44:39:c1:81:8d:31:f6
Signer

Actual PE Digest

90:87:44:36:d6:e8:2d:68:68:41:2e:62:a3:44:39:c1:81:8d:31:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/System.Xml.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:7e:83:0b:6e:8e:c7:8f:1b:0b:40:6f:aa:a0:69:e8:15:77:9f:d6:bb:73:6e:f6:c1:59:a3:7f:93:8e:9c:e5
Signer

Actual PE Digest

7c:7e:83:0b:6e:8e:c7:8f:1b:0b:40:6f:aa:a0:69:e8:15:77:9f:d6:bb:73:6e:f6:c1:59:a3:7f:93:8e:9c:e5

Digest Algorithm

sha256

PE Digest Matches

true

d9:67:9a:86:5f:cd:e2:9b:37:a3:f7:65:dd:54:3d:bb:b5:df:c3:92
Signer

Actual PE Digest

d9:67:9a:86:5f:cd:e2:9b:37:a3:f7:65:dd:54:3d:bb:b5:df:c3:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 885KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/BepInEx.MelonLoader.Loader/Tomlet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Projects\Tomlet\Tomlet\obj\Release\netstandard2.1\Tomlet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BepInEx/plugins/Secret Neighbor FREE HACK.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Secret Neighbor FREE HACK.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/Dependencies/CompatibilityLayers/Demeo.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/Dependencies/CompatibilityLayers/IPA.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/Dependencies/CompatibilityLayers/MDML.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/Dependencies/Il2CppAssemblyGenerator/Il2CppAssemblyGenerator.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/Dependencies/bHaptics.x64.dll
.dll windows:6 windows x64 arch:x64

7cbb6be3f60e7953a779efa2de8a9453

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
FormatMessageW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CloseHandle
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

msvcp140

?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
_Xtime_get_ticks
_Thrd_join
_Thrd_sleep
_Thrd_id
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Thrd_detach
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Cnd_do_broadcast_at_thread_exit
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??Bid@locale@std@@QEAA_KXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
_Mtx_unlock
_Mtx_trylock
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
_Mtx_lock
_Query_perf_frequency
_Query_perf_counter
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ

ws2_32

WSACleanup
closesocket
connect
WSAStartup
recv
select
send
setsockopt
socket
ioctlsocket
getaddrinfo
freeaddrinfo
WSAGetLastError

vcruntime140

__std_type_info_destroy_list
memset
memmove
memcpy
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
memcmp
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_invalid_parameter_noinfo_noreturn
_crt_atexit
_initterm
_cexit
_errno
_execute_onexit_table
_register_onexit_function
_seh_filter_dll
_initialize_onexit_table
_beginthreadex
_configure_narrow_argv
_initialize_narrow_environment

api-ms-win-crt-convert-l1-1-0

strtof
strtoull
strtoll
strtod

api-ms-win-crt-math-l1-1-0

_dsign
_dclass

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf_s
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
fputs
_get_stream_buffer_pointers
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
fgetc
fflush
fclose
__stdio_common_vfprintf

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-string-l1-1-0

toupper

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

ChangeUrl
Destroy
DisableFeedback
EnableFeedback
GetExePath
Initialise
InitialiseSync
IsDevicePlaying
IsFeedbackRegistered
IsPlaying
IsPlayingKey
LoadAndRegisterFeedback
RegisterFeedback
RegisterFeedbackFromTactFile
RegisterFeedbackFromTactFileReflected
Submit
SubmitByteArray
SubmitDot
SubmitPath
SubmitPathArray
SubmitRegistered
SubmitRegisteredAlt
SubmitRegisteredStartMillis
SubmitRegisteredWithOption
ToggleFeedback
TryGetExePath
TryGetResponseForPosition
TurnOff
TurnOffKey

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MelonLoader/UserData/MelonPreferences.cfg
doorstop_config.ini
mono/Managed/Microsoft.Bcl.AsyncInterfaces.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:39

Not After

03/03/2021, 18:39

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:06:04:b3:02:99:08:2e:67:26:09:74:32:11:35:f2:40:10:4d:af:23:af:7d:94:43:0b:fc:0e:68:36:9c:36
Signer

Actual PE Digest

44:06:04:b3:02:99:08:2e:67:26:09:74:32:11:35:f2:40:10:4d:af:23:af:7d:94:43:0b:fc:0e:68:36:9c:36

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/Microsoft.Bcl.AsyncInterfaces/netstandard2.1-Release/Microsoft.Bcl.AsyncInterfaces.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/Microsoft.CSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\Microsoft.CSharp.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/Mono.Posix.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\Mono.Posix.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/Mono.Security.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\Mono.Security.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Buffers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Configuration.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.Configuration.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.Core.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Data.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.Data.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.IO.Compression.FileSystem.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.IO.Compression.FileSystem.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.IO.Compression.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.IO.Compression.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Management.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e3:2e:ac:42:f8:69:ec:b6:04:bf:44:6e:c2:61:d9:04:23:5c:33:4b:00:37:98:2f:e7:dd:0f:d1:da:b8:f6:f4
Signer

Actual PE Digest

e3:2e:ac:42:f8:69:ec:b6:04:bf:44:6e:c2:61:d9:04:23:5c:33:4b:00:37:98:2f:e7:dd:0f:d1:da:b8:f6:f4

Digest Algorithm

sha256

PE Digest Matches

true

c2:5b:f4:f6:4d:a7:e7:7e:f3:b0:40:a5:e4:6a:23:c1:e7:e4:bc:8d
Signer

Actual PE Digest

c2:5b:f4:f6:4d:a7:e7:7e:f3:b0:40:a5:e4:6a:23:c1:e7:e4:bc:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Memory.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Net.Http.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.Net.Http.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Numerics.Vectors.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Numerics.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Projects\c\mono\mcs\class\lib\net_4_x-win32\System.Numerics.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Reflection.Emit.ILGeneration.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Reflection.Emit.Lightweight.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Reflection.Emit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Runtime.CompilerServices.Unsafe.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:39

Not After

03/03/2021, 18:39

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5d:b4:35:b3:1e:db:bb:31:15:93:ba:6b:aa:0a:44:0e:70:c9:60:2f:dc:5c:4f:e1:89:68:5b:08:66:d4:90:33
Signer

Actual PE Digest

5d:b4:35:b3:1e:db:bb:31:15:93:ba:6b:aa:0a:44:0e:70:c9:60:2f:dc:5c:4f:e1:89:68:5b:08:66:d4:90:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Runtime.Serialization.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Projects\c\mono\mcs\class\lib\net_4_x-win32\System.Runtime.Serialization.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 915KB - Virtual size: 914KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Text.Encodings.Web.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:87:72:17:72:15:59:40:c7:09:00:00:00:00:01:87
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:39

Not After

03/03/2021, 18:39

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:a8:d8:c0:6e:14:39:29:0d:44:86:c7:cf:ee:ee:b3:f7:d0:66:45:7f:6d:2b:97:1f:78:5d:97:77:a6:4f:ac
Signer

Actual PE Digest

c2:a8:d8:c0:6e:14:39:29:0d:44:86:c7:cf:ee:ee:b3:f7:d0:66:45:7f:6d:2b:97:1f:78:5d:97:77:a6:4f:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Text.Encodings.Web/netstandard2.0-Release/System.Text.Encodings.Web.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Text.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:4e:bb:60:c4:52:ed:ab:4c:24:1d:9b:83:40:9f:8f:d3:1e:2f:e3:4c:99:4b:87:d6:13:6a:c7:d1:80:97:ab
Signer

Actual PE Digest

7a:4e:bb:60:c4:52:ed:ab:4c:24:1d:9b:83:40:9f:8f:d3:1e:2f:e3:4c:99:4b:87:d6:13:6a:c7:d1:80:97:ab

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Text.Json/netstandard2.0-Release/System.Text.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Threading.Tasks.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.Xml.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.Xml.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/System.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\System.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/mscorlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\denis\OneDrive\Documents\Projects\C++\mono\mcs\class\lib\net_4_x-win32\mscorlib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/Managed/netstandard.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/MonoBleedingEdge/EmbedRuntime/MonoPosixHelper.dll
.dll windows:6 windows x64 arch:x64

ca3aff56e5e831a07623e4891b7a5872

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sourcecode\GitHub-Bepis\mono\msvc\build\sgen\x64\bin\Release\MonoPosixHelper.pdb

Imports

vcruntime140

__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_crt_at_quick_exit
terminate
_errno
_initialize_narrow_environment
perror
_cexit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

fsetpos
feof
ungetc
setvbuf
fputs
fgetpos
__stdio_common_vsprintf
_open
_creat
__acrt_iob_func
setbuf
tmpfile
clearerr
ftell
rewind
fgets
fputc
freopen
ferror
fopen
fclose
__stdio_common_vfprintf
fgetc
_fseeki64
fread
_ftelli64
fwrite
fseek
fflush

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
calloc

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
_fstat64i32

kernel32

GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess

Exports

Exports

CloseZStream
CreateZStream
Flush
Mono_Posix_FromAccessModes
Mono_Posix_FromConfstrName
Mono_Posix_FromDirectoryNotifyFlags
Mono_Posix_FromErrno
Mono_Posix_FromFcntlCommand
Mono_Posix_FromFilePermissions
Mono_Posix_FromLockType
Mono_Posix_FromLockfCommand
Mono_Posix_FromMlockallFlags
Mono_Posix_FromMmapFlags
Mono_Posix_FromMmapProts
Mono_Posix_FromMountFlags
Mono_Posix_FromMsyncFlags
Mono_Posix_FromOpenFlags
Mono_Posix_FromPathconfName
Mono_Posix_FromPollEvents
Mono_Posix_FromPosixFadviseAdvice
Mono_Posix_FromPosixMadviseAdvice
Mono_Posix_FromSeekFlags
Mono_Posix_FromSignum
Mono_Posix_FromSysconfName
Mono_Posix_FromSyslogFacility
Mono_Posix_FromSyslogLevel
Mono_Posix_FromSyslogOptions
Mono_Posix_FromWaitOptions
Mono_Posix_FromXattrFlags
Mono_Posix_Stdlib_BUFSIZ
Mono_Posix_Stdlib_CreateFilePosition
Mono_Posix_Stdlib_DumpFilePosition
Mono_Posix_Stdlib_EOF
Mono_Posix_Stdlib_EXIT_FAILURE
Mono_Posix_Stdlib_EXIT_SUCCESS
Mono_Posix_Stdlib_FILENAME_MAX
Mono_Posix_Stdlib_FOPEN_MAX
Mono_Posix_Stdlib_GetLastError
Mono_Posix_Stdlib_InvokeSignalHandler
Mono_Posix_Stdlib_L_tmpnam
Mono_Posix_Stdlib_MB_CUR_MAX
Mono_Posix_Stdlib_RAND_MAX
Mono_Posix_Stdlib_SIG_DFL
Mono_Posix_Stdlib_SIG_ERR
Mono_Posix_Stdlib_SIG_IGN
Mono_Posix_Stdlib_SetLastError
Mono_Posix_Stdlib_TMP_MAX
Mono_Posix_Stdlib__IOFBF
Mono_Posix_Stdlib__IOLBF
Mono_Posix_Stdlib__IONBF
Mono_Posix_Stdlib_calloc
Mono_Posix_Stdlib_clearerr
Mono_Posix_Stdlib_fclose
Mono_Posix_Stdlib_feof
Mono_Posix_Stdlib_ferror
Mono_Posix_Stdlib_fflush
Mono_Posix_Stdlib_fgetc
Mono_Posix_Stdlib_fgetpos
Mono_Posix_Stdlib_fgets
Mono_Posix_Stdlib_fopen
Mono_Posix_Stdlib_fprintf
Mono_Posix_Stdlib_fputc
Mono_Posix_Stdlib_fputs
Mono_Posix_Stdlib_fread
Mono_Posix_Stdlib_free
Mono_Posix_Stdlib_freopen
Mono_Posix_Stdlib_fseek
Mono_Posix_Stdlib_fsetpos
Mono_Posix_Stdlib_ftell
Mono_Posix_Stdlib_fwrite
Mono_Posix_Stdlib_malloc
Mono_Posix_Stdlib_perror
Mono_Posix_Stdlib_realloc
Mono_Posix_Stdlib_rewind
Mono_Posix_Stdlib_setbuf
Mono_Posix_Stdlib_setvbuf
Mono_Posix_Stdlib_stderr
Mono_Posix_Stdlib_stdin
Mono_Posix_Stdlib_stdout
Mono_Posix_Stdlib_strlen
Mono_Posix_Stdlib_tmpfile
Mono_Posix_Stdlib_ungetc
Mono_Posix_Syscall_L_ctermid
Mono_Posix_Syscall_L_cuserid
Mono_Posix_Syscall_get_at_fdcwd
Mono_Posix_Syscall_get_utime_now
Mono_Posix_Syscall_get_utime_omit
Mono_Posix_ToAccessModes
Mono_Posix_ToConfstrName
Mono_Posix_ToDirectoryNotifyFlags
Mono_Posix_ToErrno
Mono_Posix_ToFcntlCommand
Mono_Posix_ToFilePermissions
Mono_Posix_ToLockType
Mono_Posix_ToLockfCommand
Mono_Posix_ToMlockallFlags
Mono_Posix_ToMmapFlags
Mono_Posix_ToMmapProts
Mono_Posix_ToMountFlags
Mono_Posix_ToMsyncFlags
Mono_Posix_ToOpenFlags
Mono_Posix_ToPathconfName
Mono_Posix_ToPollEvents
Mono_Posix_ToPosixFadviseAdvice
Mono_Posix_ToPosixMadviseAdvice
Mono_Posix_ToSeekFlags
Mono_Posix_ToSignum
Mono_Posix_ToSysconfName
Mono_Posix_ToSyslogFacility
Mono_Posix_ToSyslogLevel
Mono_Posix_ToSyslogOptions
Mono_Posix_ToWaitOptions
Mono_Posix_ToXattrFlags
Mono_Unix_VersionString
ReadZStream
WriteZStream
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen2
unzOpenCurrentFile2
unzReadCurrentFile
unztell
zipClose
zipCloseFileInZip
zipOpen2
zipOpenNewFileInZip
zipWriteInFileInZip

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/MonoBleedingEdge/EmbedRuntime/libmono-btls-shared.dll
.dll windows:6 windows x64 arch:x64

75a9cd3bc76532752582547479124f64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
InitializeSRWLock
InitOnceExecuteOnce
TlsAlloc
TlsGetValue
TlsSetValue
GetLastError
FormatMessageA
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

advapi32

SystemFunction036

ws2_32

ioctlsocket
getaddrinfo
freeaddrinfo
closesocket
connect
socket
recv
getsockopt
send
setsockopt
shutdown

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcmp
memchr
memmove
memcpy
memset
strchr

api-ms-win-crt-heap-l1-1-0

calloc
realloc
free
malloc

api-ms-win-crt-runtime-l1-1-0

abort
_cexit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
strerror
_errno

api-ms-win-crt-stdio-l1-1-0

_close
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf
fwrite
ftell
fseek
fread
fopen
fgets
ferror
feof
fclose
_write
__stdio_common_vsscanf
_read
_lseek
fflush

api-ms-win-crt-string-l1-1-0

_stricmp
_strdup
isdigit
_strnicmp
isupper
tolower
strcmp
strncmp
isxdigit
strncpy
isspace

api-ms-win-crt-time-l1-1-0

_ftime64
_gmtime64_s
_time64

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

mono_btls_bio_flush
mono_btls_bio_free
mono_btls_bio_hexdump
mono_btls_bio_indent
mono_btls_bio_mem_get_data
mono_btls_bio_mem_new
mono_btls_bio_mono_initialize
mono_btls_bio_mono_new
mono_btls_bio_print_errors
mono_btls_bio_read
mono_btls_bio_write
mono_btls_error_clear_error
mono_btls_error_get_error
mono_btls_error_get_error_line
mono_btls_error_get_error_string_n
mono_btls_error_get_reason
mono_btls_error_peek_error
mono_btls_error_peek_error_line
mono_btls_free
mono_btls_key_assign_rsa_private_key
mono_btls_key_free
mono_btls_key_get_bits
mono_btls_key_get_bytes
mono_btls_key_is_rsa
mono_btls_key_new
mono_btls_key_up_ref
mono_btls_pkcs12_add_cert
mono_btls_pkcs12_free
mono_btls_pkcs12_get_cert
mono_btls_pkcs12_get_certs
mono_btls_pkcs12_get_count
mono_btls_pkcs12_get_private_key
mono_btls_pkcs12_has_private_key
mono_btls_pkcs12_import
mono_btls_pkcs12_new
mono_btls_pkcs12_up_ref
mono_btls_ssl_accept
mono_btls_ssl_add_chain_certificate
mono_btls_ssl_close
mono_btls_ssl_connect
mono_btls_ssl_ctx_debug_printf
mono_btls_ssl_ctx_free
mono_btls_ssl_ctx_get_ctx
mono_btls_ssl_ctx_initialize
mono_btls_ssl_ctx_is_cipher_supported
mono_btls_ssl_ctx_is_debug_enabled
mono_btls_ssl_ctx_new
mono_btls_ssl_ctx_peek_store
mono_btls_ssl_ctx_set_cert_select_callback
mono_btls_ssl_ctx_set_cert_verify_callback
mono_btls_ssl_ctx_set_ciphers
mono_btls_ssl_ctx_set_client_ca_list
mono_btls_ssl_ctx_set_debug_bio
mono_btls_ssl_ctx_set_max_version
mono_btls_ssl_ctx_set_min_version
mono_btls_ssl_ctx_set_server_name_callback
mono_btls_ssl_ctx_set_verify_param
mono_btls_ssl_ctx_up_ref
mono_btls_ssl_destroy
mono_btls_ssl_get_cipher
mono_btls_ssl_get_ciphers
mono_btls_ssl_get_error
mono_btls_ssl_get_peer_certificate
mono_btls_ssl_get_server_name
mono_btls_ssl_get_version
mono_btls_ssl_handshake
mono_btls_ssl_new
mono_btls_ssl_print_errors_cb
mono_btls_ssl_read
mono_btls_ssl_renegotiate_pending
mono_btls_ssl_set_bio
mono_btls_ssl_set_cipher_list
mono_btls_ssl_set_max_version
mono_btls_ssl_set_min_version
mono_btls_ssl_set_quiet_shutdown
mono_btls_ssl_set_renegotiate_mode
mono_btls_ssl_set_server_name
mono_btls_ssl_set_verify_param
mono_btls_ssl_shutdown
mono_btls_ssl_use_certificate
mono_btls_ssl_use_private_key
mono_btls_ssl_write
mono_btls_x509_add_explicit_trust
mono_btls_x509_add_reject_object
mono_btls_x509_add_trust_object
mono_btls_x509_chain_add_cert
mono_btls_x509_chain_free
mono_btls_x509_chain_from_certs
mono_btls_x509_chain_get_cert
mono_btls_x509_chain_get_certs
mono_btls_x509_chain_get_count
mono_btls_x509_chain_new
mono_btls_x509_chain_peek_certs
mono_btls_x509_chain_up_ref
mono_btls_x509_cmp
mono_btls_x509_crl_free
mono_btls_x509_crl_from_data
mono_btls_x509_crl_get_by_cert
mono_btls_x509_crl_get_by_serial
mono_btls_x509_crl_get_issuer
mono_btls_x509_crl_get_last_update
mono_btls_x509_crl_get_next_update
mono_btls_x509_crl_get_revoked
mono_btls_x509_crl_get_revoked_count
mono_btls_x509_crl_get_version
mono_btls_x509_crl_ref
mono_btls_x509_dup
mono_btls_x509_free
mono_btls_x509_from_data
mono_btls_x509_get_hash
mono_btls_x509_get_issuer_name
mono_btls_x509_get_issuer_name_string
mono_btls_x509_get_not_after
mono_btls_x509_get_not_before
mono_btls_x509_get_pubkey
mono_btls_x509_get_public_key
mono_btls_x509_get_public_key_algorithm
mono_btls_x509_get_public_key_asn1
mono_btls_x509_get_public_key_parameters
mono_btls_x509_get_raw_data
mono_btls_x509_get_serial_number
mono_btls_x509_get_signature_algorithm
mono_btls_x509_get_subject_key_identifier
mono_btls_x509_get_subject_name
mono_btls_x509_get_subject_name_string
mono_btls_x509_get_version
mono_btls_x509_lookup_add_dir
mono_btls_x509_lookup_add_mono
mono_btls_x509_lookup_by_fingerprint
mono_btls_x509_lookup_by_subject
mono_btls_x509_lookup_free
mono_btls_x509_lookup_get_type
mono_btls_x509_lookup_init
mono_btls_x509_lookup_load_file
mono_btls_x509_lookup_mono_free
mono_btls_x509_lookup_mono_init
mono_btls_x509_lookup_mono_method
mono_btls_x509_lookup_mono_new
mono_btls_x509_lookup_new
mono_btls_x509_lookup_peek_lookup
mono_btls_x509_lookup_shutdown
mono_btls_x509_lookup_up_ref
mono_btls_x509_name_copy
mono_btls_x509_name_free
mono_btls_x509_name_from_data
mono_btls_x509_name_from_name
mono_btls_x509_name_get_entry_count
mono_btls_x509_name_get_entry_oid
mono_btls_x509_name_get_entry_oid_data
mono_btls_x509_name_get_entry_type
mono_btls_x509_name_get_entry_value
mono_btls_x509_name_get_raw_data
mono_btls_x509_name_hash
mono_btls_x509_name_hash_old
mono_btls_x509_name_peek_name
mono_btls_x509_name_print_bio
mono_btls_x509_name_print_string
mono_btls_x509_print
mono_btls_x509_revoked_free
mono_btls_x509_revoked_get_reason
mono_btls_x509_revoked_get_revocation_date
mono_btls_x509_revoked_get_sequence
mono_btls_x509_revoked_get_serial_number
mono_btls_x509_revoked_new
mono_btls_x509_store_add_cert
mono_btls_x509_store_ctx_free
mono_btls_x509_store_ctx_from_ptr
mono_btls_x509_store_ctx_get_by_subject
mono_btls_x509_store_ctx_get_chain
mono_btls_x509_store_ctx_get_current_cert
mono_btls_x509_store_ctx_get_current_issuer
mono_btls_x509_store_ctx_get_error
mono_btls_x509_store_ctx_get_error_depth
mono_btls_x509_store_ctx_get_foo
mono_btls_x509_store_ctx_get_untrusted
mono_btls_x509_store_ctx_get_verify_param
mono_btls_x509_store_ctx_init
mono_btls_x509_store_ctx_new
mono_btls_x509_store_ctx_set_param
mono_btls_x509_store_ctx_up_ref
mono_btls_x509_store_ctx_verify_cert
mono_btls_x509_store_free
mono_btls_x509_store_from_ctx
mono_btls_x509_store_from_ssl_ctx
mono_btls_x509_store_from_store
mono_btls_x509_store_get_count
mono_btls_x509_store_load_locations
mono_btls_x509_store_new
mono_btls_x509_store_peek_store
mono_btls_x509_store_set_default_paths
mono_btls_x509_store_up_ref
mono_btls_x509_up_ref
mono_btls_x509_verify_param_add_host
mono_btls_x509_verify_param_can_modify
mono_btls_x509_verify_param_copy
mono_btls_x509_verify_param_free
mono_btls_x509_verify_param_from_store_ctx
mono_btls_x509_verify_param_get_depth
mono_btls_x509_verify_param_get_flags
mono_btls_x509_verify_param_get_mono_flags
mono_btls_x509_verify_param_get_peername
mono_btls_x509_verify_param_lookup
mono_btls_x509_verify_param_new
mono_btls_x509_verify_param_peek_param
mono_btls_x509_verify_param_set_depth
mono_btls_x509_verify_param_set_flags
mono_btls_x509_verify_param_set_host
mono_btls_x509_verify_param_set_mono_flags
mono_btls_x509_verify_param_set_name
mono_btls_x509_verify_param_set_purpose
mono_btls_x509_verify_param_set_time

Sections

.text
Size: 531KB - Virtual size: 530KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/MonoBleedingEdge/EmbedRuntime/mono-2.0-sgen.dll
.dll windows:6 windows x64 arch:x64

7312ab92c78cf8f7d281ff21c2f77357

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Sourcecode\GitHub-Bepis\mono\msvc\build\sgen\x64\bin\Release\mono-2.0-sgen.pdb

Imports

bcrypt

BCryptGenRandom

ws2_32

shutdown
listen
WSASocketW
inet_pton
getpeername
getsockname
ntohs
gethostname
getsockopt
htonl
setsockopt
WSAWaitForMultipleEvents
WSACleanup
WSAStartup
getaddrinfo
getprotobyname
ntohl
closesocket
WSAIoctl
ioctlsocket
recv
connect
socket
send
inet_addr
accept
sendto
WSARecv
recvfrom
WSASetLastError
WSASend
WSAGetLastError
freeaddrinfo
getnameinfo
htons
__WSAFDIsSet
select
bind

ole32

CoInitializeEx
CoUninitialize
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocStringLen
SafeArrayCreate
SysStringLen
SafeArrayPutElement
SysFreeString
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayPtrOfIndex
SafeArrayGetDim

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

advapi32

CreateProcessWithLogonW
GetEffectiveRightsFromAclW
AllocateAndInitializeSid
SetEntriesInAclW
SetNamedSecurityInfoW
CopySid
GetNamedSecurityInfoW
OpenProcessToken
FreeSid
DuplicateToken
GetLengthSid
BuildTrusteeWithSidW
OpenThreadToken
LookupAccountSidW
GetTokenInformation
RevertToSelf
ImpersonateLoggedOnUser

winmm

timeGetDevCaps
timeEndPeriod
timeBeginPeriod
timeSetEvent
timeKillEvent

kernel32

GetProcessTimes
SetProcessWorkingSetSize
CreateProcessW
GetPriorityClass
K32EnumProcesses
OpenProcess
TerminateProcess
SetPriorityClass
GetProcessWorkingSetSize
OpenEventW
OpenSemaphoreW
OpenMutexW
ReleaseMutex
CreateMutexW
GlobalReAlloc
GlobalFree
GlobalAlloc
GetEnvironmentStringsW
OutputDebugStringW
FreeEnvironmentStringsW
FlushFileBuffers
GetDriveTypeW
GetExitCodeProcess
GetFileType
CopyFileW
ReplaceFileW
SetCurrentDirectoryW
UnlockFile
CancelIoEx
GetDiskFreeSpaceExW
FileTimeToSystemTime
GetLogicalDriveStringsW
SetFileAttributesW
SetEndOfFile
SetFilePointer
CreatePipe
LockFile
SetFileTime
RemoveDirectoryW
WriteFile
GetStdHandle
GetFileSizeEx
GetVolumeInformationW
ReadFile
CreateDirectoryW
FreeConsole
MultiByteToWideChar
SetThreadStackGuarantee
RemoveVectoredExceptionHandler
ReleaseSRWLockShared
AddVectoredExceptionHandler
AcquireSRWLockShared
SetUnhandledExceptionFilter
CreateFileA
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
MoveFileW
GetComputerNameW
GetConsoleMode
DeleteFileW
FlushViewOfFile
GetFileAttributesExW
OpenFileMappingW
SetHandleInformation
Sleep
GetTickCount
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
GetThreadLocale
SetEnvironmentVariableW
GetEnvironmentVariableW
GetLocaleInfoA
GetLastError
GetCurrentProcess
GetModuleHandleExW
GetModuleFileNameW
K32GetModuleFileNameExW
FormatMessageW
K32GetModuleBaseNameW
LoadLibraryW
GetCurrentDirectoryW
GetProcAddress
LocalFree
GetModuleHandleW
FreeLibrary
K32EnumProcessModules
QueryPerformanceFrequency
QueryPerformanceCounter
GetACP
HeapCreate
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TlsAlloc
HeapAlloc
HeapDestroy
InitializeSRWLock
SetLastError
SetErrorMode
LoadLibraryExW
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
CloseHandle
GetSystemInfo
CreateFileMappingW
MapViewOfFile
VirtualQuery
GetSystemTimes
GetCurrentProcessId
GetTickCount64
GetSystemTimeAsFileTime
IsDebuggerPresent
SleepConditionVariableCS
TryEnterCriticalSection
TryAcquireSRWLockExclusive
WakeConditionVariable
InitializeConditionVariable
DeleteCriticalSection
SleepConditionVariableSRW
ReleaseSemaphore
CreateSemaphoreW
TlsSetValue
WakeAllConditionVariable
DuplicateHandle
TlsFree
CancelIo
GetCurrentProcessorNumberEx
FlushProcessWriteBuffers
WaitForSingleObject
GetCurrentThreadId
SuspendThread
ResumeThread
ExitThread
CancelSynchronousIo
GetCurrentThread
CreateThread
QueueUserAPC
SwitchToThread
GetThreadContext
SetThreadContext
OpenThread
GlobalMemoryStatusEx
CreateEventW
SetEvent
ResetEvent
SignalObjectAndWait
WaitForMultipleObjectsEx
WaitForSingleObjectEx
SleepEx
RaiseException
GetCommandLineW
CreateFileW
GetSystemDirectoryW
DisableThreadLibraryCalls
GetFileSize
ExitProcess
GetVersionExW
DebugBreak
GetProcessId
VerLanguageNameW
K32GetModuleInformation
SetThreadPriority
GetFileInformationByHandleEx

user32

WaitForInputIdle
MessageBoxW
MsgWaitForMultipleObjectsEx
SendMessageTimeoutW

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetKnownFolderPath
ShellExecuteExW

vcruntime140

__std_type_info_destroy_list
memset
__current_exception_context
__current_exception
wcsrchr
memcmp
__C_specific_handler
strstr
strchr
strrchr
wcschr
memcpy
memmove

api-ms-win-crt-stdio-l1-1-0

_getcwd
__stdio_common_vsprintf_s
__stdio_common_vfprintf
_lseek
_read
__acrt_iob_func
feof
fflush
_close
_write
fseek
ftell
__stdio_common_vsprintf
ferror
fopen
fclose
fwrite
fputs
_wmktemp
_open
_mktemp
__stdio_common_vsscanf
_wopen
_get_osfhandle
_fileno
fread
fgets
_wfopen

api-ms-win-crt-runtime-l1-1-0

_exit
_resetstkoflw
abort
_wsystem
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
terminate
exit
system
_errno
strerror

api-ms-win-crt-heap-l1-1-0

calloc
realloc
free
malloc

api-ms-win-crt-string-l1-1-0

isspace
wcscat_s
iswctype
isdigit
isalnum
_stricmp
isalpha
strcmp
tolower
strtok_s
strncpy
_strdup
strncmp
isxdigit

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
remove
_fstat64i32
rename
_unlink
_access
_wmkdir

api-ms-win-crt-time-l1-1-0

_time64
_utime64
_ftime64
_localtime64
strftime

api-ms-win-crt-math-l1-1-0

ceilf
fma
ceil
atanf
atan2f
atan2
atan
asinf
asin
acosf
acos
_hypot
_dpcomp
_fdpcomp
_dsign
trunc
fmaf
_fdclass
_dclass
sin
fmod
log
floor
log10f
tanhf
tanf
tan
logf
sqrtf
sqrt
sinhf
sinh
cos
cosf
asinhf
modf
modff
atanh
atanhf
cbrtf
acoshf
acosh
copysign
cbrt
asinh
sinf
tanh
cosh
floorf
expf
fmodf
exp
log10
coshf
_fdopen
_fdsign
log2f
scalbnf
pow
round
powf
ilogbf
log2
scalbn
ilogb

api-ms-win-crt-convert-l1-1-0

strtoull
strtod
atoi
_ecvt_s
strtoul
atol
strtol

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-conio-l1-1-0

_getch

Exports

Exports

MonoFixupCorEE
mini_get_debug_options
mini_parse_debug_option
mono_add_internal_call
mono_add_internal_call_internal
mono_add_internal_call_with_flags
mono_aot_register_module
mono_array_addr_with_size
mono_array_class_get
mono_array_clone
mono_array_element_size
mono_array_length
mono_array_new
mono_array_new_full
mono_array_new_specific
mono_assemblies_cleanup
mono_assemblies_init
mono_assembly_addref
mono_assembly_close
mono_assembly_fill_assembly_name
mono_assembly_foreach
mono_assembly_get_assemblyref
mono_assembly_get_image
mono_assembly_get_image_internal
mono_assembly_get_main
mono_assembly_get_name
mono_assembly_get_name_internal
mono_assembly_get_object
mono_assembly_getrootdir
mono_assembly_invoke_load_hook
mono_assembly_invoke_search_hook
mono_assembly_load
mono_assembly_load_from
mono_assembly_load_from_full
mono_assembly_load_full
mono_assembly_load_full_alc
mono_assembly_load_module
mono_assembly_load_module_checked
mono_assembly_load_reference
mono_assembly_load_references
mono_assembly_load_with_partial_name
mono_assembly_loaded
mono_assembly_loaded_full
mono_assembly_name_free
mono_assembly_name_get_culture
mono_assembly_name_get_name
mono_assembly_name_get_pubkeytoken
mono_assembly_name_get_version
mono_assembly_name_new
mono_assembly_names_equal
mono_assembly_open
mono_assembly_open_full
mono_assembly_set_main
mono_assembly_setrootdir
mono_bitset_alloc_size
mono_bitset_clear
mono_bitset_clear_all
mono_bitset_clone
mono_bitset_copyto
mono_bitset_count
mono_bitset_equal
mono_bitset_find_first
mono_bitset_find_first_unset
mono_bitset_find_last
mono_bitset_find_start
mono_bitset_foreach
mono_bitset_free
mono_bitset_intersection
mono_bitset_intersection_2
mono_bitset_invert
mono_bitset_mem_new
mono_bitset_new
mono_bitset_set
mono_bitset_set_all
mono_bitset_size
mono_bitset_sub
mono_bitset_test
mono_bitset_test_bulk
mono_bitset_union
mono_bounded_array_class_get
mono_breakpoint_clean_code
mono_build_date
mono_callspec_cleanup
mono_callspec_eval
mono_callspec_eval_exception
mono_callspec_parse
mono_check_corlib_version
mono_class_array_element_size
mono_class_data_size
mono_class_describe_statics
mono_class_enum_basetype
mono_class_from_generic_parameter
mono_class_from_mono_type
mono_class_from_mono_type_internal
mono_class_from_name
mono_class_from_name_case
mono_class_from_typeref
mono_class_from_typeref_checked
mono_class_get
mono_class_get_byref_type
mono_class_get_checked
mono_class_get_context
mono_class_get_element_class
mono_class_get_event_token
mono_class_get_events
mono_class_get_field
mono_class_get_field_from_name
mono_class_get_field_token
mono_class_get_fields
mono_class_get_flags
mono_class_get_full
mono_class_get_image
mono_class_get_interfaces
mono_class_get_method_from_name
mono_class_get_method_from_name_flags
mono_class_get_methods
mono_class_get_name
mono_class_get_namespace
mono_class_get_nested_types
mono_class_get_nesting_type
mono_class_get_nullable_param
mono_class_get_parent
mono_class_get_properties
mono_class_get_property_from_name
mono_class_get_property_token
mono_class_get_rank
mono_class_get_type
mono_class_get_type_token
mono_class_implements_interface
mono_class_inflate_generic_method
mono_class_inflate_generic_type
mono_class_init
mono_class_instance_size
mono_class_interface_offset
mono_class_is_assignable_from
mono_class_is_delegate
mono_class_is_enum
mono_class_is_nullable
mono_class_is_subclass_of
mono_class_is_valid_enum
mono_class_is_valuetype
mono_class_min_align
mono_class_name_from_token
mono_class_num_events
mono_class_num_fields
mono_class_num_methods
mono_class_num_properties
mono_class_value_size
mono_class_vtable
mono_cli_rva_image_map
mono_compile_method
mono_conc_hashtable_destroy
mono_conc_hashtable_foreach
mono_conc_hashtable_foreach_steal
mono_conc_hashtable_insert
mono_conc_hashtable_lookup
mono_conc_hashtable_new
mono_conc_hashtable_new_full
mono_conc_hashtable_remove
mono_config_cleanup
mono_config_for_assembly
mono_config_get_cpu
mono_config_get_os
mono_config_get_wordsize
mono_config_is_server_mode
mono_config_parse
mono_config_parse_memory
mono_config_set_server_mode
mono_config_string_for_assembly_file
mono_context_get
mono_context_get_desc
mono_context_get_domain_id
mono_context_get_id
mono_context_init
mono_context_set
mono_counter_get_name
mono_counter_get_section
mono_counter_get_size
mono_counter_get_type
mono_counter_get_unit
mono_counter_get_variance
mono_counters_cleanup
mono_counters_dump
mono_counters_enable
mono_counters_foreach
mono_counters_init
mono_counters_on_register
mono_counters_register
mono_counters_register_with_size
mono_counters_sample
mono_cpu_count
mono_cpu_features_disabled
mono_cpu_features_enabled
mono_custom_attrs_construct
mono_custom_attrs_free
mono_custom_attrs_from_assembly
mono_custom_attrs_from_class
mono_custom_attrs_from_event
mono_custom_attrs_from_field
mono_custom_attrs_from_index
mono_custom_attrs_from_method
mono_custom_attrs_from_param
mono_custom_attrs_from_property
mono_custom_attrs_get_attr
mono_custom_attrs_has_attr
mono_dangerous_add_raw_internal_call
mono_debug_add_delegate_trampoline
mono_debug_add_method
mono_debug_cleanup
mono_debug_close_image
mono_debug_close_mono_symbol_file
mono_debug_domain_create
mono_debug_domain_unload
mono_debug_enabled
mono_debug_find_method
mono_debug_free_locals
mono_debug_free_method_jit_info
mono_debug_free_source_location
mono_debug_get_handle
mono_debug_il_offset_from_address
mono_debug_init
mono_debug_lookup_locals
mono_debug_lookup_method
mono_debug_lookup_method_addresses
mono_debug_lookup_source_location
mono_debug_method_lookup_location
mono_debug_open_image_from_memory
mono_debug_open_mono_symbols
mono_debug_print_stack_frame
mono_debug_print_vars
mono_debug_remove_method
mono_debug_symfile_free_location
mono_debug_symfile_is_loaded
mono_debug_symfile_lookup_locals
mono_debug_symfile_lookup_location
mono_debug_symfile_lookup_method
mono_debugger_agent_init
mono_debugger_agent_parse_options
mono_debugger_agent_register_transport
mono_debugger_agent_transport_handshake
mono_debugger_insert_breakpoint
mono_debugger_method_has_breakpoint
mono_debugger_run_finally
mono_declsec_flags_from_assembly
mono_declsec_flags_from_class
mono_declsec_flags_from_method
mono_declsec_get_assembly_action
mono_declsec_get_class_action
mono_declsec_get_demands
mono_declsec_get_inheritdemands_class
mono_declsec_get_inheritdemands_method
mono_declsec_get_linkdemands
mono_declsec_get_method_action
mono_digest_get_public_token
mono_disasm_code
mono_disasm_code_one
mono_dl_fallback_register
mono_dl_fallback_unregister
mono_dllmap_insert
mono_domain_assembly_open
mono_domain_create
mono_domain_create_appdomain
mono_domain_ensure_entry_assembly
mono_domain_finalize
mono_domain_foreach
mono_domain_free
mono_domain_from_appdomain
mono_domain_get
mono_domain_get_by_id
mono_domain_get_friendly_name
mono_domain_get_id
mono_domain_has_type_resolve
mono_domain_is_unloading
mono_domain_owns_vtable_slot
mono_domain_set
mono_domain_set_config
mono_domain_set_internal
mono_domain_try_type_resolve
mono_domain_try_unload
mono_domain_unload
mono_ee_api_version
mono_ee_interp_init
mono_environment_exitcode_get
mono_environment_exitcode_set
mono_error_cleanup
mono_error_get_error_code
mono_error_get_message
mono_error_init
mono_error_init_flags
mono_error_ok
mono_escape_uri_string
mono_event_get_add_method
mono_event_get_flags
mono_event_get_name
mono_event_get_object
mono_event_get_parent
mono_event_get_raise_method
mono_event_get_remove_method
mono_exception_from_name
mono_exception_from_name_domain
mono_exception_from_name_msg
mono_exception_from_name_two_strings
mono_exception_from_token
mono_exception_from_token_two_strings
mono_exception_walk_trace
mono_field_from_token
mono_field_full_name
mono_field_get_data
mono_field_get_flags
mono_field_get_name
mono_field_get_object
mono_field_get_offset
mono_field_get_parent
mono_field_get_type
mono_field_get_value
mono_field_get_value_object
mono_field_set_value
mono_field_static_get_value
mono_field_static_set_value
mono_file_map
mono_file_map_close
mono_file_map_error
mono_file_map_fd
mono_file_map_open
mono_file_map_size
mono_file_unmap
mono_free
mono_free_bstr
mono_free_method
mono_free_verify_list
mono_g_hash_table_destroy
mono_g_hash_table_find
mono_g_hash_table_foreach
mono_g_hash_table_foreach_remove
mono_g_hash_table_insert
mono_g_hash_table_lookup
mono_g_hash_table_lookup_extended
mono_g_hash_table_new_type
mono_g_hash_table_print_stats
mono_g_hash_table_remove
mono_g_hash_table_replace
mono_g_hash_table_size
mono_gc_collect
mono_gc_collection_count
mono_gc_finalize_notify
mono_gc_get_generation
mono_gc_get_heap_size
mono_gc_get_used_size
mono_gc_init_finalizer_thread
mono_gc_invoke_finalizers
mono_gc_max_generation
mono_gc_pending_finalizers
mono_gc_reference_queue_add
mono_gc_reference_queue_free
mono_gc_reference_queue_new
mono_gc_register_bridge_callbacks
mono_gc_register_finalizer_callbacks
mono_gc_register_root
mono_gc_toggleref_add
mono_gc_toggleref_register_callback
mono_gc_wait_for_bridge_processing
mono_gc_walk_heap
mono_gc_wbarrier_arrayref_copy
mono_gc_wbarrier_generic_nostore
mono_gc_wbarrier_generic_store
mono_gc_wbarrier_generic_store_atomic
mono_gc_wbarrier_object_copy
mono_gc_wbarrier_set_arrayref
mono_gc_wbarrier_set_field
mono_gc_wbarrier_value_copy
mono_gchandle_free
mono_gchandle_free_v2
mono_gchandle_get_target
mono_gchandle_get_target_v2
mono_gchandle_new
mono_gchandle_new_v2
mono_gchandle_new_weakref
mono_gchandle_new_weakref_v2
mono_get_array_class
mono_get_boolean_class
mono_get_byte_class
mono_get_char_class
mono_get_config_dir
mono_get_corlib
mono_get_dbnull_object
mono_get_delegate_begin_invoke
mono_get_delegate_end_invoke
mono_get_delegate_invoke
mono_get_double_class
mono_get_enum_class
mono_get_exception_appdomain_unloaded
mono_get_exception_argument
mono_get_exception_argument_null
mono_get_exception_argument_out_of_range
mono_get_exception_arithmetic
mono_get_exception_array_type_mismatch
mono_get_exception_bad_image_format
mono_get_exception_bad_image_format2
mono_get_exception_cannot_unload_appdomain
mono_get_exception_class
mono_get_exception_divide_by_zero
mono_get_exception_execution_engine
mono_get_exception_field_access
mono_get_exception_file_not_found
mono_get_exception_file_not_found2
mono_get_exception_index_out_of_range
mono_get_exception_invalid_cast
mono_get_exception_invalid_operation
mono_get_exception_io
mono_get_exception_method_access
mono_get_exception_missing_field
mono_get_exception_missing_method
mono_get_exception_not_implemented
mono_get_exception_not_supported
mono_get_exception_null_reference
mono_get_exception_out_of_memory
mono_get_exception_overflow
mono_get_exception_reflection_type_load
mono_get_exception_runtime_wrapped
mono_get_exception_security
mono_get_exception_serialization
mono_get_exception_stack_overflow
mono_get_exception_synchronization_lock
mono_get_exception_thread_abort
mono_get_exception_thread_interrupted
mono_get_exception_thread_state
mono_get_exception_type_initialization
mono_get_exception_type_load
mono_get_inflated_method
mono_get_int16_class
mono_get_int32_class
mono_get_int64_class
mono_get_intptr_class
mono_get_machine_config
mono_get_method
mono_get_method_constrained
mono_get_method_full
mono_get_object_class
mono_get_root_domain
mono_get_runtime_build_info
mono_get_sbyte_class
mono_get_single_class
mono_get_string_class
mono_get_thread_class
mono_get_uint16_class
mono_get_uint32_class
mono_get_uint64_class
mono_get_uintptr_class
mono_get_void_class
mono_guid_to_string
mono_guid_to_string_minimal
mono_hazard_pointer_get
mono_icall_table_init
mono_image_add_to_name_cache
mono_image_addref
mono_image_close
mono_image_ensure_section
mono_image_ensure_section_idx
mono_image_fixup_vtable
mono_image_get_assembly
mono_image_get_entry_point
mono_image_get_filename
mono_image_get_guid
mono_image_get_name
mono_image_get_public_key
mono_image_get_resource
mono_image_get_strong_name
mono_image_get_table_info
mono_image_get_table_rows
mono_image_has_authenticode_entry
mono_image_init
mono_image_init_name_cache
mono_image_is_dynamic
mono_image_load_file_for_image
mono_image_load_module
mono_image_loaded
mono_image_loaded_by_guid
mono_image_loaded_by_guid_full
mono_image_loaded_full
mono_image_lookup_resource
mono_image_open
mono_image_open_from_data
mono_image_open_from_data_alc
mono_image_open_from_data_full
mono_image_open_from_data_with_name
mono_image_open_full
mono_image_rva_map
mono_image_strerror
mono_image_strong_name_position
mono_images_cleanup
mono_images_init
mono_init
mono_init_from_assembly
mono_init_version
mono_install_assembly_load_hook
mono_install_assembly_postload_refonly_search_hook
mono_install_assembly_postload_search_hook
mono_install_assembly_preload_hook
mono_install_assembly_preload_hook_v3
mono_install_assembly_refonly_preload_hook

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mono/MonoBleedingEdge/etc/mono/2.0/Browsers/Compat.browser
mono/MonoBleedingEdge/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
.js
mono/MonoBleedingEdge/etc/mono/2.0/machine.config
.xml
mono/MonoBleedingEdge/etc/mono/2.0/settings.map
.xml
mono/MonoBleedingEdge/etc/mono/2.0/web.config
.xml
mono/MonoBleedingEdge/etc/mono/4.0/Browsers/Compat.browser
mono/MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx
.js
mono/MonoBleedingEdge/etc/mono/4.0/machine.config
.xml
mono/MonoBleedingEdge/etc/mono/4.0/settings.map
.xml
mono/MonoBleedingEdge/etc/mono/4.0/web.config
.xml
mono/MonoBleedingEdge/etc/mono/4.5/Browsers/Compat.browser
mono/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx
.js
mono/MonoBleedingEdge/etc/mono/4.5/machine.config
.xml
mono/MonoBleedingEdge/etc/mono/4.5/settings.map
.xml
mono/MonoBleedingEdge/etc/mono/4.5/web.config
.xml
mono/MonoBleedingEdge/etc/mono/browscap.ini
mono/MonoBleedingEdge/etc/mono/config
mono/MonoBleedingEdge/etc/mono/mconfig/config.xml
.xml
winhttp.dll
.dll windows:6 windows x64 arch:x64

26aaf6d092b2094f4d3bc0710b708de0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
GetFileAttributesW
GetFullPathNameW
HeapFree
LocalFree
lstrcmpiW
GetPrivateProfileStringW
HeapAlloc
GetStdHandle
GetCommandLineA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetLastError
GetProcessHeap
ExitProcess
GetSystemDirectoryW
VirtualProtect
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryW
lstrcmpA
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte

user32

MessageBoxW
wsprintfW

shell32

CommandLineToArgvW

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
Private1
SvchostPushServiceGlobals
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
WinHttpAddRequestHeaders
WinHttpAutoProxySvcMain
WinHttpCheckPlatform
WinHttpCloseHandle
WinHttpConnect
WinHttpConnectionDeletePolicyEntries
WinHttpConnectionDeleteProxyInfo
WinHttpConnectionFreeNameList
WinHttpConnectionFreeProxyInfo
WinHttpConnectionFreeProxyList
WinHttpConnectionGetNameList
WinHttpConnectionGetProxyInfo
WinHttpConnectionGetProxyList
WinHttpConnectionSetPolicyEntries
WinHttpConnectionSetProxyInfo
WinHttpConnectionUpdateIfIndexTable
WinHttpCrackUrl
WinHttpCreateProxyResolver
WinHttpCreateUrl
WinHttpDetectAutoProxyConfigUrl
WinHttpFreeProxyResult
WinHttpFreeProxyResultEx
WinHttpFreeProxySettings
WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpGetProxyForUrlEx
WinHttpGetProxyForUrlEx2
WinHttpGetProxyForUrlHvsi
WinHttpGetProxyResult
WinHttpGetProxyResultEx
WinHttpGetProxySettingsVersion
WinHttpGetTunnelSocket
WinHttpOpen
WinHttpOpenRequest
WinHttpPacJsWorkerMain
WinHttpProbeConnectivity
WinHttpQueryAuthSchemes
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpQueryOption
WinHttpReadData
WinHttpReadProxySettings
WinHttpReadProxySettingsHvsi
WinHttpReceiveResponse
WinHttpResetAutoProxy
WinHttpSaveProxyCredentials
WinHttpSendRequest
WinHttpSetCredentials
WinHttpSetDefaultProxyConfiguration
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
WinHttpWebSocketClose
WinHttpWebSocketCompleteUpgrade
WinHttpWebSocketQueryCloseStatus
WinHttpWebSocketReceive
WinHttpWebSocketSend
WinHttpWebSocketShutdown
WinHttpWriteData
WinHttpWriteProxySettings

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 255KB - Virtual size: 255KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 23KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 105KB - Virtual size: 104KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 74KB - Virtual size: 73KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 371KB - Virtual size: 370KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

.text
Size: 255KB - Virtual size: 255KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 371KB - Virtual size: 370KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 284KB - Virtual size: 283KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 126KB - Virtual size: 125KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 12B