Cr0sshair[.]X[.]by[.]kxndz1o[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Cr0sshair.X.by.kxndz1o.7z
Size

347.8MB
MD5

5e7a93248e11f82e9eb1105cfd419e31
SHA1

25e631c8dfab96a04c8b444cd6c912a60263c710
SHA256

b79ce82af7c9610654a96e73bd965b396a70e3066a4fded5eac4211ebfb523c8
SHA512

88433d180c80b951b14ec39f779996c926dec446c1faa7d19499dd15bd013978fc0d2b07d4f6f8dce62955b1f71bce745989b422c3c1679179cdb32b711e71b2
SSDEEP

6291456:9osUkMBLCmK2tdRDdWKjAnh9OcXERvmSy8XaJWie9gwXHEATTA8+e1snEWPyC1D0:9osi0mK2TFyh0ntNtiY53EOA8+eX4rL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/ControllerEvents/ds5js/build/Release/ds5js.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/ControllerEvents/xinputjs/build/Release/xinputjs.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@abberdeen/global-mkh/bin/win32-x64-109/global-mkh.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@abberdeen/global-mkh/build/Release/global_mkh.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-au/windows.applicationmodel/bin/win32-x64-109/windows.applicationmodel.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-au/windows.applicationmodel/build/Release/binding.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.applicationmodel.appservice/bin/win32-x64-109/windows.applicationmodel.appservice.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.applicationmodel.appservice/build/Release/binding.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation.collections/bin/win32-x64-109/windows.foundation.collections.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation.collections/build/Release/binding.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation/bin/win32-x64-109/windows.foundation.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation/build/Release/binding.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/ds5js/build/Release/ds5js.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/global-mouse-events/bin/win32-x64-109/global-mouse-events.node
unpack001/Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/global-mouse-events/build/Release/global_mouse_events.node

Files

Cr0sshair.X.by.kxndz1o.7z
.7z
Cr0sshair.X.by.kxndz1o/LICENSE
Cr0sshair.X.by.kxndz1o/LICENSES.chromium.html
Cr0sshair.X.by.kxndz1o/chrome_100_percent.pak
Cr0sshair.X.by.kxndz1o/chrome_200_percent.pak
Cr0sshair.X.by.kxndz1o/icudtl.dat
Cr0sshair.X.by.kxndz1o/locales/af.pak
Cr0sshair.X.by.kxndz1o/locales/am.pak
Cr0sshair.X.by.kxndz1o/locales/ar.pak
Cr0sshair.X.by.kxndz1o/locales/bg.pak
Cr0sshair.X.by.kxndz1o/locales/bn.pak
Cr0sshair.X.by.kxndz1o/locales/ca.pak
Cr0sshair.X.by.kxndz1o/locales/cs.pak
Cr0sshair.X.by.kxndz1o/locales/da.pak
Cr0sshair.X.by.kxndz1o/locales/de.pak
.ps1
Cr0sshair.X.by.kxndz1o/locales/el.pak
Cr0sshair.X.by.kxndz1o/locales/en-GB.pak
Cr0sshair.X.by.kxndz1o/locales/en-US.pak
Cr0sshair.X.by.kxndz1o/locales/es-419.pak
Cr0sshair.X.by.kxndz1o/locales/es.pak
Cr0sshair.X.by.kxndz1o/locales/et.pak
Cr0sshair.X.by.kxndz1o/locales/fa.pak
Cr0sshair.X.by.kxndz1o/locales/fi.pak
Cr0sshair.X.by.kxndz1o/locales/fil.pak
Cr0sshair.X.by.kxndz1o/locales/fr.pak
Cr0sshair.X.by.kxndz1o/locales/gu.pak
Cr0sshair.X.by.kxndz1o/locales/he.pak
Cr0sshair.X.by.kxndz1o/locales/hi.pak
Cr0sshair.X.by.kxndz1o/locales/hr.pak
Cr0sshair.X.by.kxndz1o/locales/hu.pak
Cr0sshair.X.by.kxndz1o/locales/id.pak
Cr0sshair.X.by.kxndz1o/locales/it.pak
Cr0sshair.X.by.kxndz1o/locales/ja.pak
Cr0sshair.X.by.kxndz1o/locales/kn.pak
Cr0sshair.X.by.kxndz1o/locales/ko.pak
Cr0sshair.X.by.kxndz1o/locales/lt.pak
Cr0sshair.X.by.kxndz1o/locales/lv.pak
Cr0sshair.X.by.kxndz1o/locales/ml.pak
Cr0sshair.X.by.kxndz1o/locales/mr.pak
Cr0sshair.X.by.kxndz1o/locales/ms.pak
Cr0sshair.X.by.kxndz1o/locales/nb.pak
Cr0sshair.X.by.kxndz1o/locales/nl.pak
Cr0sshair.X.by.kxndz1o/locales/pl.pak
Cr0sshair.X.by.kxndz1o/locales/pt-BR.pak
Cr0sshair.X.by.kxndz1o/locales/pt-PT.pak
Cr0sshair.X.by.kxndz1o/locales/ro.pak
Cr0sshair.X.by.kxndz1o/locales/ru.pak
Cr0sshair.X.by.kxndz1o/locales/sk.pak
Cr0sshair.X.by.kxndz1o/locales/sl.pak
Cr0sshair.X.by.kxndz1o/locales/sr.pak
Cr0sshair.X.by.kxndz1o/locales/sv.pak
Cr0sshair.X.by.kxndz1o/locales/sw.pak
Cr0sshair.X.by.kxndz1o/locales/ta.pak
Cr0sshair.X.by.kxndz1o/locales/te.pak
Cr0sshair.X.by.kxndz1o/locales/th.pak
Cr0sshair.X.by.kxndz1o/locales/tr.pak
Cr0sshair.X.by.kxndz1o/locales/uk.pak
Cr0sshair.X.by.kxndz1o/locales/ur.pak
Cr0sshair.X.by.kxndz1o/locales/vi.pak
Cr0sshair.X.by.kxndz1o/locales/zh-CN.pak
Cr0sshair.X.by.kxndz1o/locales/zh-TW.pak
Cr0sshair.X.by.kxndz1o/resources/app.asar
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/assets/logo_Jvr_icon.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/build/logo_Jvr_icon.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/logo_Jvr_icon.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/ControllerEvents/ds5js/build/Release/ds5js.node
.dll windows:6 windows x64 arch:x64

f4d0f1931cfc63dc383c86bb7b47a0f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_FlushQueue
HidD_GetFeature
HidP_GetCaps

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

WriteConsoleW
SetFilePointerEx
GetConsoleMode
CreateFileW
ReadFile
WriteFile
CloseHandle
GetModuleHandleA
GetProcAddress
GetConsoleCP
RaiseException
GetLastError
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers

Exports

Exports

??0ArrayBufferAllocator@node@@QEAA@$$QEAV01@@Z
??0ArrayBufferAllocator@node@@QEAA@AEBV01@@Z
??0ArrayBufferAllocator@node@@QEAA@XZ
??0IsolatePlatformDelegate@node@@QEAA@$$QEAV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@AEBV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@XZ
??0MultiIsolatePlatform@node@@QEAA@AEBV01@@Z
??0MultiIsolatePlatform@node@@QEAA@XZ
??1ArrayBufferAllocator@node@@UEAA@XZ
??1CallbackScope@AsyncResource@node@@QEAA@XZ
??1MultiIsolatePlatform@node@@UEAA@XZ
??4ArrayBufferAllocator@node@@QEAAAEAV01@$$QEAV01@@Z
??4ArrayBufferAllocator@node@@QEAAAEAV01@AEBV01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@$$QEAU01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@AEBU01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@$$QEAV01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@AEBV01@@Z
??4MultiIsolatePlatform@node@@QEAAAEAV01@AEBV01@@Z
??_7ArrayBufferAllocator@node@@6B@
??_7IsolatePlatformDelegate@node@@6B@
??_7MultiIsolatePlatform@node@@6B@
_register_ds5js_

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/ControllerEvents/xinputjs/build/Release/xinputjs.node
.dll windows:6 windows x64 arch:x64

f99f1617b96032441d7b5e36ea71ef48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

xinput1_4

ord2

kernel32

HeapFree
WriteConsoleW
GetModuleHandleA
GetProcAddress
CloseHandle
RaiseException
GetLastError
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW

Exports

Exports

??0ArrayBufferAllocator@node@@QEAA@$$QEAV01@@Z
??0ArrayBufferAllocator@node@@QEAA@AEBV01@@Z
??0ArrayBufferAllocator@node@@QEAA@XZ
??0IsolatePlatformDelegate@node@@QEAA@$$QEAV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@AEBV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@XZ
??0MultiIsolatePlatform@node@@QEAA@AEBV01@@Z
??0MultiIsolatePlatform@node@@QEAA@XZ
??1ArrayBufferAllocator@node@@UEAA@XZ
??1CallbackScope@AsyncResource@node@@QEAA@XZ
??1MultiIsolatePlatform@node@@UEAA@XZ
??4ArrayBufferAllocator@node@@QEAAAEAV01@$$QEAV01@@Z
??4ArrayBufferAllocator@node@@QEAAAEAV01@AEBV01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@$$QEAU01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@AEBU01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@$$QEAV01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@AEBV01@@Z
??4MultiIsolatePlatform@node@@QEAAAEAV01@AEBV01@@Z
??_7ArrayBufferAllocator@node@@6B@
??_7IsolatePlatformDelegate@node@@6B@
??_7MultiIsolatePlatform@node@@6B@
_register_ds5js_

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/Logo/logo.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/main-process/Logo/logo_Jvr_icon.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@abberdeen/global-mkh/bin/win32-x64-109/global-mkh.node
.dll windows:6 windows x64 arch:x64

e6b5b34fa703a8c990e6ba06be98a02a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@abberdeen\global-mkh\build\Release\global_mkh.pdb

Imports

kernel32

GetModuleHandleA
ResumeThread
GetLastError
CloseHandle
CreateThread
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
WriteConsoleW
CreateFileW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

GetKeyNameTextA
GetMessageA
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageW
GetAsyncKeyState
CallNextHookEx

Exports

Exports

_register_global_mkh_

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@abberdeen/global-mkh/build/Release/global_mkh.node
.dll windows:6 windows x64 arch:x64

e6b5b34fa703a8c990e6ba06be98a02a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@abberdeen\global-mkh\build\Release\global_mkh.pdb

Imports

kernel32

GetModuleHandleA
ResumeThread
GetLastError
CloseHandle
CreateThread
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
WriteConsoleW
CreateFileW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

GetKeyNameTextA
GetMessageA
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageW
GetAsyncKeyState
CallNextHookEx

Exports

Exports

_register_global_mkh_

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-au/windows.applicationmodel/bin/win32-x64-109/windows.applicationmodel.node
.dll windows:6 windows x64 arch:x64

8cbbd43fa34dd9fd0fddfdc8be5da6ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-au\windows.applicationmodel\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

ole32

CoTaskMemFree
CoInitializeEx
CoGetContextToken
CoCreateFreeThreadedMarshaler
StringFromCLSID

vccorlib140

?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
??0Object@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z

msvcp140

_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Cnd_wait
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
_purecall
__std_terminate
memset
__C_specific_handler
memmove

api-ms-win-crt-string-l1-1-0

wcslen
_wcsnicmp
_stricmp

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_wassert
_execute_onexit_table
_crt_atexit
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_invoke_watson
abort
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsDuplicateString
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-au/windows.applicationmodel/build/Release/binding.node
.dll windows:6 windows x64 arch:x64

8cbbd43fa34dd9fd0fddfdc8be5da6ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-au\windows.applicationmodel\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

ole32

CoTaskMemFree
CoInitializeEx
CoGetContextToken
CoCreateFreeThreadedMarshaler
StringFromCLSID

vccorlib140

?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
??0Object@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z

msvcp140

_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Cnd_wait
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
_purecall
__std_terminate
memset
__C_specific_handler
memmove

api-ms-win-crt-string-l1-1-0

wcslen
_wcsnicmp
_stricmp

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_wassert
_execute_onexit_table
_crt_atexit
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_invoke_watson
abort
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsDuplicateString
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.applicationmodel.appservice/bin/win32-x64-109/windows.applicationmodel.appservice.node
.dll windows:6 windows x64 arch:x64

72942ae37b9bb7399021eea89b9ec953

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.applicationmodel.appservice\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

ole32

CoInitializeEx
CoGetContextToken
CoCreateFreeThreadedMarshaler

vccorlib140

?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z

msvcp140

_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_wait

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
_purecall
__std_terminate
__C_specific_handler
memset
memmove

api-ms-win-crt-string-l1-1-0

_stricmp
wcslen
_wcsnicmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_wassert
_invoke_watson
abort
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsGetStringLen
WindowsDuplicateString
WindowsDeleteString
WindowsGetStringRawBuffer

Exports

Exports

_register_binding_

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.applicationmodel.appservice/build/Release/binding.node
.dll windows:6 windows x64 arch:x64

72942ae37b9bb7399021eea89b9ec953

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.applicationmodel.appservice\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

ole32

CoInitializeEx
CoGetContextToken
CoCreateFreeThreadedMarshaler

vccorlib140

?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z

msvcp140

_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xbad_function_call@std@@YAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_wait

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
_purecall
__std_terminate
__C_specific_handler
memset
memmove

api-ms-win-crt-string-l1-1-0

_stricmp
wcslen
_wcsnicmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_configure_narrow_argv
_cexit
_initterm
_initterm_e
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_wassert
_invoke_watson
abort
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsGetStringLen
WindowsDuplicateString
WindowsDeleteString
WindowsGetStringRawBuffer

Exports

Exports

_register_binding_

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation.collections/bin/win32-x64-109/windows.foundation.collections.node
.dll windows:6 windows x64 arch:x64

d1bf195022f056a9bd29eb83e92683e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.foundation.collections\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DecodePointer
LoadLibraryExA

ole32

CoCreateFreeThreadedMarshaler
CoInitializeEx

vccorlib140

?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
??0Delegate@Platform@@QE$AAA@XZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?UninitializeData@Details@Platform@@YAXH@Z
?InitializeData@Details@Platform@@YAJH@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
?__abi_WinRTraiseCOMException@@YAXJ@Z

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__C_specific_handler
__std_terminate
__std_type_info_destroy_list
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_compare

api-ms-win-crt-string-l1-1-0

_stricmp
_wcsnicmp
wcslen

api-ms-win-crt-runtime-l1-1-0

_wassert
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsDuplicateString
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation.collections/build/Release/binding.node
.dll windows:6 windows x64 arch:x64

d1bf195022f056a9bd29eb83e92683e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.foundation.collections\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DecodePointer
LoadLibraryExA

ole32

CoCreateFreeThreadedMarshaler
CoInitializeEx

vccorlib140

?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
??0Delegate@Platform@@QE$AAA@XZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?UninitializeData@Details@Platform@@YAXH@Z
?InitializeData@Details@Platform@@YAJH@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
?__abi_WinRTraiseCOMException@@YAXJ@Z

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__C_specific_handler
__std_terminate
__std_type_info_destroy_list
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_compare

api-ms-win-crt-string-l1-1-0

_stricmp
_wcsnicmp
wcslen

api-ms-win-crt-runtime-l1-1-0

_wassert
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsDuplicateString
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation/bin/win32-x64-109/windows.foundation.node
.dll windows:6 windows x64 arch:x64

19362bae2a784c9edf1be39894e394a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.foundation\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
ReleaseSRWLockExclusive
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive

ole32

CoInitializeEx
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree

vccorlib140

?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?get@Right@Rect@Foundation@Windows@@QEAAMXZ
?get@Empty@Rect@Foundation@Windows@@SA?AV234@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
??0Object@Platform@@QE$AAA@XZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?get@Bottom@Rect@Foundation@Windows@@QEAAMXZ
??0Delegate@Platform@@QE$AAA@XZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z

msvcp140

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__std_type_info_destroy_list
memmove
__std_exception_copy
__std_exception_destroy
memcpy
__C_specific_handler
__std_type_info_compare
__std_terminate
memset

api-ms-win-crt-string-l1-1-0

_stricmp
_wcsnicmp
wcslen

api-ms-win-crt-runtime-l1-1-0

_wassert
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_invoke_watson
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/@nodert-win10-rs4/windows.foundation/build/Release/binding.node
.dll windows:6 windows x64 arch:x64

19362bae2a784c9edf1be39894e394a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\@nodert-win10-rs4\windows.foundation\build\Release\binding.pdb

Imports

kernel32

GetModuleHandleA
DecodePointer
ReleaseSRWLockExclusive
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive

ole32

CoInitializeEx
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree

vccorlib140

?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?get@Right@Rect@Foundation@Windows@@QEAAMXZ
?get@Empty@Rect@Foundation@Windows@@SA?AV234@XZ
??0NullReferenceException@Platform@@QE$AAA@XZ
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
??0Object@Platform@@QE$AAA@XZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?get@Bottom@Rect@Foundation@Windows@@QEAAMXZ
??0Delegate@Platform@@QE$AAA@XZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z

msvcp140

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__std_type_info_destroy_list
memmove
__std_exception_copy
__std_exception_destroy
memcpy
__C_specific_handler
__std_type_info_compare
__std_terminate
memset

api-ms-win-crt-string-l1-1-0

_stricmp
_wcsnicmp
wcslen

api-ms-win-crt-runtime-l1-1-0

_wassert
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_invoke_watson
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsDeleteString

Exports

Exports

_register_binding_

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/ds5js/build/Release/ds5js.node
.dll windows:6 windows x64 arch:x64

f4d0f1931cfc63dc383c86bb7b47a0f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_FlushQueue
HidD_GetFeature
HidP_GetCaps

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

WriteConsoleW
SetFilePointerEx
GetConsoleMode
CreateFileW
ReadFile
WriteFile
CloseHandle
GetModuleHandleA
GetProcAddress
GetConsoleCP
RaiseException
GetLastError
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers

Exports

Exports

??0ArrayBufferAllocator@node@@QEAA@$$QEAV01@@Z
??0ArrayBufferAllocator@node@@QEAA@AEBV01@@Z
??0ArrayBufferAllocator@node@@QEAA@XZ
??0IsolatePlatformDelegate@node@@QEAA@$$QEAV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@AEBV01@@Z
??0IsolatePlatformDelegate@node@@QEAA@XZ
??0MultiIsolatePlatform@node@@QEAA@AEBV01@@Z
??0MultiIsolatePlatform@node@@QEAA@XZ
??1ArrayBufferAllocator@node@@UEAA@XZ
??1CallbackScope@AsyncResource@node@@QEAA@XZ
??1MultiIsolatePlatform@node@@UEAA@XZ
??4ArrayBufferAllocator@node@@QEAAAEAV01@$$QEAV01@@Z
??4ArrayBufferAllocator@node@@QEAAAEAV01@AEBV01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@$$QEAU01@@Z
??4DeleteACHHandle@node@@QEAAAEAU01@AEBU01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@$$QEAV01@@Z
??4IsolatePlatformDelegate@node@@QEAAAEAV01@AEBV01@@Z
??4MultiIsolatePlatform@node@@QEAAAEAV01@AEBV01@@Z
??_7ArrayBufferAllocator@node@@6B@
??_7IsolatePlatformDelegate@node@@6B@
??_7MultiIsolatePlatform@node@@6B@
_register_ds5js_

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/electron-windows-store/ElectronInstaller/ElectronInstaller/atom.ico
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/global-mouse-events/bin/win32-x64-109/global-mouse-events.node
.dll windows:6 windows x64 arch:x64

0716ae0cdd60b94d61804e7fe0125a59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\global-mouse-events\build\Release\global_mouse_events.pdb

Imports

kernel32

GetModuleHandleA
ResumeThread
GetLastError
CloseHandle
CreateThread
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
WriteConsoleW
CreateFileW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageW
CallNextHookEx
GetMessageA

Exports

Exports

_register_global_mouse_events_

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/global-mouse-events/build/Release/global_mouse_events.node
.dll windows:6 windows x64 arch:x64

0716ae0cdd60b94d61804e7fe0125a59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\CrosshairX\CrosshairX\node_modules\global-mouse-events\build\Release\global_mouse_events.pdb

Imports

kernel32

GetModuleHandleA
ResumeThread
GetLastError
CloseHandle
CreateThread
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
WriteConsoleW
CreateFileW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageW
CallNextHookEx
GetMessageA

Exports

Exports

_register_global_mouse_events_

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/darwin_arm64/koffi.node
.dylib macos arch:arm64
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/darwin_x64/koffi.node
.dylib macos arch:x64
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/freebsd_arm64/koffi.node
.elf linux aarch64
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/freebsd_ia32/koffi.node
.elf linux x86
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/freebsd_x64/koffi.node
.elf linux x64
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/linux_arm32hf/koffi.node
.elf linux arm
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/linux_arm64/koffi.node
.elf linux aarch64
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/linux_ia32/koffi.node
.elf linux x86
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/linux_riscv64hf64/koffi.node
.elf linux riscv
Cr0sshair.X.by.kxndz1o/resources/app.asar.unpacked/node_modules/koffi/build/koffi/linux_x64/koffi.node
.elf linux x64

Sharing

General

Malware Config

Signatures

Files

f4d0f1931cfc63dc383c86bb7b47a0f2

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

kernel32

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 4KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

f99f1617b96032441d7b5e36ea71ef48

Headers

DLL Characteristics

File Characteristics

Imports

xinput1_4

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 4KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

e6b5b34fa703a8c990e6ba06be98a02a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

e6b5b34fa703a8c990e6ba06be98a02a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

8cbbd43fa34dd9fd0fddfdc8be5da6ae

Headers

DLL Characteristics

File Characteristics

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 4KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 4KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 14KB - Virtual size: 15KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 269KB - Virtual size: 268KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 14KB - Virtual size: 15KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 9KB - Virtual size: 11KB

.pdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B