d70f13ab7cfe7daa9883447c1c80652c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d70f13ab7cfe7daa9883447c1c80652c_JaffaCakes118
Size

14.8MB
MD5

d70f13ab7cfe7daa9883447c1c80652c
SHA1

5f12f50d7a651a9ad3b15f4bdbdd9c1f358e040d
SHA256

e12957e3e656c2d030d6566b64591a94cf12292715dfbee47140304eaced8141
SHA512

f114491b66d5bbc74d9f106eece7aebcb30680d5736c6e30ab9984846e9c5140bf1ea1485772e3201c96ad93f39969dcaf5d3a3555843b2a2e5824e63eaec6bb
SSDEEP

393216:7FoeUNUGChKM5mNkS9QTUrTTqoIHe/xA7FWfHIEzpI:7Fo1NUGChK3qTITTCHe/y7FWP5z6

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/DotNetChecker.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsisdl.dll
unpack001/Ionic.Zip.dll
unpack001/ItpClientUninstall.exe
unpack001/ItpLibraryNet.dll
unpack001/ItpNativeSupportX32.dll
unpack001/ItpNativeSupportX64.dll
unpack001/Tor/libeay32.dll
unpack001/Tor/libevent-2-0-5.dll
unpack001/Tor/libevent_core-2-0-5.dll
unpack001/Tor/libevent_extra-2-0-5.dll
unpack001/Tor/libgcc_s_sjlj-1.dll
unpack001/Tor/libssp-0.dll
unpack001/Tor/ssleay32.dll
unpack001/Tor/zlib1.dll
unpack001/nfapi.dll
unpack001/nfapinet.dll
unpack001/nunit.framework.dll

Files

d70f13ab7cfe7daa9883447c1c80652c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ea4df5d94204fc550be1874e1b77ea7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

26/02/2016, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:ec:d4:79:1f:9a:73:18:4f:e7:70:21:82:22:86:12:87:82:20:8e:fd:40:12:28:20:01:11:cb:cf:60:f4:1e
Signer

Actual PE Digest

96:ec:d4:79:1f:9a:73:18:4f:e7:70:21:82:22:86:12:87:82:20:8e:fd:40:12:28:20:01:11:cb:cf:60:f4:1e

Digest Algorithm

sha256

PE Digest Matches

true

96:db:9c:c8:00:2d:2c:82:dd:85:22:26:ac:03:8f:44:41:fa:89:54
Signer

Actual PE Digest

96:db:9c:c8:00:2d:2c:82:dd:85:22:26:ac:03:8f:44:41:fa:89:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
Sleep
GetTickCount
CreateFileW
GetFileSize
MoveFileW
SetFileAttributesW
GetModuleFileNameW
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
WaitForSingleObject
GetCurrentProcess
CompareFileTime
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
lstrcpyW
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalAlloc
GetShortPathNameW
SearchPathW
lstrcmpiW
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
lstrcmpW
GetDiskFreeSpaceW
lstrlenW
lstrcpynW
GetExitCodeProcess
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
IsWindowEnabled
EnableMenuItem
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
wsprintfW
ScreenToClient
GetWindowRect
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
LoadImageW
SetTimer
SetWindowTextW
PostQuitMessage
ShowWindow
GetDlgItem
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegDeleteKeyW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/DotNetChecker.dll
.dll windows:6 windows x86 arch:x86

f657cdbb0ef64f27813cf66292211d81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\NSISDotNetChecker\plugin\Release\DotNetChecker.pdb

Imports

kernel32

GetSystemInfo
LoadLibraryW
CreateFileW
CloseHandle
LoadLibraryExW
FreeLibrary
GetProcAddress
SetErrorMode
lstrcpynW
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetModuleFileNameW
RtlUnwind
HeapAlloc
HeapReAlloc
LCMapStringW
OutputDebugStringW
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW

user32

GetSystemMetrics
wsprintfW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

GetDotNet10ServicePack
GetDotNet11ServicePack
GetDotNet20ServicePack
GetDotNet30ServicePack
GetDotNet35ServicePack
GetDotNet40ClientServicePack
GetDotNet40FullServicePack
GetDotNet45ServicePack
IsDotNet10Installed
IsDotNet11Installed
IsDotNet20Installed
IsDotNet30Installed
IsDotNet35Installed
IsDotNet40ClientInstalled
IsDotNet40FullInstalled
IsDotNet45Installed

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GlobalFree
lstrcpynW
lstrcmpW
GlobalAlloc
MulDiv
GetModuleHandleW
lstrcpyW

user32

DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
SetWindowTextW
LoadIconW
ShowWindow
SendMessageW
GetDC

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

80469f6834e579db68a646d49780b9d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
FindClose
FindNextFileW
lstrcmpW
GetModuleHandleW
lstrcmpiW
MulDiv
lstrcpynW
GlobalAlloc
lstrcpyW
FindFirstFileW
GlobalFree

user32

GetMessageW
TranslateMessage
PostMessageW
DispatchMessageW
GetDlgItem
GetWindowLongW
CheckDlgButton
ShowWindow
LoadIconW
GetClientRect
MoveWindow
DestroyWindow
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextW
SendMessageW
IsDlgButtonChecked
GetWindowTextW
CreateDialogParamW
SetWindowLongW
wsprintfW
ScreenToClient
IsDialogMessageW
CallWindowProcW

gdi32

GetTextMetricsW
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

e2ee55bddad4241d619d6a8a38e2d869

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
GetDlgItem
GetSysColor
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsisdl.dll
.dll windows:4 windows x86 arch:x86

d09878220c1fdc2c2325ac1b89d388da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
WaitForSingleObject
CloseHandle
lstrlenA
GlobalAlloc
GlobalFree
MulDiv
lstrcatA
GetTickCount
Sleep
WriteFile
CreateFileW
lstrcpyW
lstrcpynW
WideCharToMultiByte
MultiByteToWideChar
DeleteFileW
lstrcpyA
lstrcmpiA
CreateThread

user32

SetWindowLongW
RegisterWindowMessageW
CallWindowProcW
DestroyWindow
EnableWindow
CharPrevA
GetWindowRect
CreateWindowExW
SetDlgItemTextA
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExW
wsprintfA
SetWindowTextA
SendMessageW
GetWindowLongW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

wsock32

__WSAFDIsSet
ioctlsocket
inet_ntoa
htons
socket
closesocket
shutdown
connect
gethostbyname
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R1/Mask Surf Ultimate/torrc
$R1/Tor/geoip
$R1/Tor/geoip6
$SYSDIR/drivers/msu.sys
.sys windows:6 windows x64 arch:x64

8937114ad0c08810211a8d9288f82104

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:fe:e4:1d:f1:1a:51:c9:5a:c9:a2:d9:2b:54:78:06:5d:ef:ac:bd
Signer

Actual PE Digest

58:fe:e4:1d:f1:1a:51:c9:5a:c9:a2:d9:2b:54:78:06:5d:ef:ac:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

j:\projects\netfilter3\driver_tdi\std\objfre_wnet_amd64\amd64\netfilter2.pdb

Imports

ntoskrnl.exe

KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
IofCompleteRequest
IoCreateSymbolicLink
ObfDereferenceObject
IoCreateDevice
ObOpenObjectByPointer
IoDeleteSymbolicLink
PsLookupProcessByProcessId
RtlInitUnicodeString
IoDeleteDevice
MmGetSystemRoutineAddress
ZwClose
IoDetachDevice
IofCallDriver
KeWaitForSingleObject
PsGetCurrentProcessId
IoAllocateMdl
IoBuildDeviceIoControlRequest
ExFreePoolWithTag
MmBuildMdlForNonPagedPool
IoFreeMdl
KeInsertQueueDpc
ObReferenceObjectByHandle
IoFreeIrp
IoAllocateIrp
IoReleaseCancelSpinLock
MmMapLockedPagesSpecifyCache
RtlAppendUnicodeToString
KeInitializeDpc
KeInitializeTimer
IoAttachDeviceToDeviceStack
IoGetDeviceObjectPointer
MmAllocatePagesForMdl
KeSetTimer
ObfReferenceObject
MmFreePagesFromMdl
MmUnmapLockedPages
KeBugCheckEx
KeInitializeEvent
ExAllocatePoolWithTag
__C_specific_handler

tdi.sys

TdiMapUserRequest

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FalseIPScanner.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

26/02/2016, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

60:78:4a:cf:17:92:b7:7c:f4:ce:60:c2:2e:e6:bc:fc:4c:ac:0c:ba:2d:84:0c:0a:5e:81:23:d8:81:5d:74:a2
Signer

Actual PE Digest

60:78:4a:cf:17:92:b7:7c:f4:ce:60:c2:2e:e6:bc:fc:4c:ac:0c:ba:2d:84:0c:0a:5e:81:23:d8:81:5d:74:a2

Digest Algorithm

sha256

PE Digest Matches

true

89:7b:88:e3:51:20:78:fc:c1:9c:a3:0c:92:82:c0:38:43:27:51:40
Signer

Actual PE Digest

89:7b:88:e3:51:20:78:fc:c1:9c:a3:0c:92:82:c0:38:43:27:51:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\MSU\FalseIPScanner\FalseIPScanner\obj\x86\Release\FalseIPScanner.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ionic.Zip.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\DotNetZip\Zip\obj\Debug\Ionic.Zip.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ItpClientUninstall.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ItpLibraryNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ItpNativeSupportX32.dll
.dll windows:5 windows x86 arch:x86

8f8b799b7712fa7c62e22a1c202fabf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\ItpNativeLibraryWithDemo\ItpNativeSupport\x86-Release-Out\ItpNativeSupportX32.pdb

Imports

kernel32

CloseHandle
GetComputerNameA
InterlockedDecrement
WideCharToMultiByte
GetCurrentThread
GetSystemInfo
SetThreadAffinityMask
GetProcessHeap
lstrlenA
GetVersionExA
DeviceIoControl
GetLastError
GetCurrentProcess
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
SetPriorityClass
CreateFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
HeapSize
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA

user32

MessageBoxA
EnumDisplayDevicesA

advapi32

RegQueryValueExA
RegOpenKeyExA
GetUserNameA

ole32

CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString

ws2_32

inet_ntoa
gethostname
WSAStartup
WSACleanup
gethostbyname

iphlpapi

GetAdaptersInfo

Exports

Exports

GetBindingBios
GetBindingHardDrive
GetBindingMacAddress
GetBindingMotherBoard
GetBindingProcessor
GetBindingUserName
GetBindingVideo
GetBindingWindows
GetDisplayComputerName
GetDisplayLocalIpV4
GetDisplayUserName
IsVirtualMachine

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ItpNativeSupportX64.dll
.dll windows:5 windows x64 arch:x64

9d7760dcfe956e8b14c98cd66af40c86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\ItpNativeLibraryWithDemo\ItpNativeSupport\x64-Release-Out\ItpNativeSupportX64.pdb

Imports

kernel32

CloseHandle
GetComputerNameA
WideCharToMultiByte
GetProcessHeap
lstrlenA
GetVersionExA
DeviceIoControl
GetLastError
GetCurrentProcess
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetPriorityClass
CreateFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapFree
HeapAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
HeapSize
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

EnumDisplayDevicesA
MessageBoxA

advapi32

RegQueryValueExA
RegOpenKeyExA
GetUserNameA

ole32

CoSetProxyBlanket
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysFreeString

ws2_32

WSAStartup
WSACleanup
gethostname
gethostbyname
inet_ntoa

iphlpapi

GetAdaptersInfo

Exports

Exports

GetBindingBios
GetBindingHardDrive
GetBindingMacAddress
GetBindingMotherBoard
GetBindingProcessor
GetBindingUserName
GetBindingVideo
GetBindingWindows
GetDisplayComputerName
GetDisplayLocalIpV4
GetDisplayUserName
IsVirtualMachine

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ItpPopups.dat
.zip
Tor/Tor Website.url
Tor/libeay32.dll
.dll windows:4 windows x86 arch:x86

777bc4f6c531b8267e43010c87f3e334

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

DeregisterEventSource
RegisterEventSourceA
ReportEventA

libgcc_s_sjlj-1

__udivdi3
__umoddi3

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
GetDeviceCaps
GetObjectA
SelectObject

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_chmod
_errno
_exit
_fdopen
_fileno
_ftime
_getch
_initterm
_iob
_lock
_onexit
_open
_read
_setmode
_snprintf
_stat
_stricmp
_strnicmp
time
localtime
gmtime
atoi
calloc
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
isalnum
isspace
isupper
isxdigit
malloc
memchr
memcmp
memmove
perror
printf
qsort
raise
realloc
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strtol
strtoul
_unlock
_vsnprintf
_wfopen
_write
abort
tolower
vfprintf
wcsstr

libssp-0

__stack_chk_fail
__stack_chk_guard

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
getservbyname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
send
sendto
setsockopt
shutdown
socket

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_consttime_swap
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/libevent-2-0-5.dll
.dll windows:4 windows x86 arch:x86

5c200c4213b338df480d6f01acbac426

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libssp-0

__stack_chk_fail
__stack_chk_guard

advapi32

CryptAcquireContextA
CryptGenRandom
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

libgcc_s_sjlj-1

__divdi3
__udivdi3
__umoddi3

kernel32

CloseHandle
CreateEventA
CreateIoCompletionPort
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetQueuedCompletionStatus
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetVersion
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
PostQueuedCompletionStatus
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
_amsg_exit
_beginthread
_close
_errno
_fstati64
_getpid
_initterm
_iob
_lock
_lseeki64
_onexit
_open
_read
_strdup
atoi
calloc
exit
fprintf
free
fwrite
getenv
gmtime
islower
isspace
isupper
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
rand
realloc
signal
sscanf
strcat
strchr
strcmp
strerror
strftime
strlen
strncmp
strpbrk
strspn
strstr
strtol
_unlock
_vsnprintf
abort
time
vfprintf
_read

shell32

SHGetSpecialFolderPathA

ws2_32

WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSARecv
WSASend
WSASetLastError
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getservbyname
getsockname
getsockopt
htonl
htons
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

EVUTIL_ISALNUM
EVUTIL_ISALPHA
EVUTIL_ISDIGIT
EVUTIL_ISLOWER
EVUTIL_ISPRINT
EVUTIL_ISSPACE
EVUTIL_ISUPPER
EVUTIL_ISXDIGIT
EVUTIL_TOLOWER
EVUTIL_TOUPPER
SIGFPE_REQ
_bufferevent_add_event
_bufferevent_decref_and_unlock
_bufferevent_decrement_read_buckets
_bufferevent_decrement_write_buckets
_bufferevent_del_generic_timeout_cbs
_bufferevent_generic_adj_timeouts
_bufferevent_get_read_max
_bufferevent_get_write_max
_bufferevent_incref_and_lock
_bufferevent_init_generic_timeout_cbs
_bufferevent_run_eventcb
_bufferevent_run_readcb
_bufferevent_run_writecb
_evbuffer_chain_pin
_evbuffer_chain_unpin
_evbuffer_decref_and_unlock
_evbuffer_expand_fast
_evbuffer_incref
_evbuffer_incref_and_lock
_evbuffer_overlapped_get_fd
_evbuffer_overlapped_set_fd
_evbuffer_read_setup_vecs
_evbuffer_testing_use_linear_file_access
_evbuffer_testing_use_mmap
_evbuffer_testing_use_sendfile
_event_debug_map_HT_REP_IS_BAD
_event_debug_mode_on
_event_debugx
_event_io_map_HT_REP_IS_BAD
_event_strlcpy
_evsig_restore_handler
_evsig_set_handler
_evthread_debug_get_real_lock
_evthread_is_debug_lock_held
_evthreadimpl_cond_alloc
_evthreadimpl_cond_free
_evthreadimpl_cond_signal
_evthreadimpl_cond_wait
_evthreadimpl_get_id
_evthreadimpl_is_lock_debugging_enabled
_evthreadimpl_lock_alloc
_evthreadimpl_lock_free
_evthreadimpl_lock_lock
_evthreadimpl_lock_unlock
_evthreadimpl_locking_enabled
_evutil_weakrand
_nm____stack_chk_guard
bufferevent_add_to_rate_limit_group
bufferevent_async_can_connect
bufferevent_async_connect
bufferevent_async_new
bufferevent_async_set_connected
bufferevent_base_set
bufferevent_decref
bufferevent_decrement_read_limit
bufferevent_decrement_write_limit
bufferevent_disable
bufferevent_disable_hard
bufferevent_enable
bufferevent_enable_locking
bufferevent_filter_new
bufferevent_flush
bufferevent_free
bufferevent_get_base
bufferevent_get_enabled
bufferevent_get_input
bufferevent_get_max_to_read
bufferevent_get_max_to_write
bufferevent_get_output
bufferevent_get_read_limit
bufferevent_get_underlying
bufferevent_get_write_limit
bufferevent_getfd
bufferevent_incref
bufferevent_init_common
bufferevent_lock
bufferevent_new
bufferevent_ops_async
bufferevent_ops_filter
bufferevent_ops_pair
bufferevent_ops_socket
bufferevent_pair_get_partner
bufferevent_pair_new
bufferevent_priority_set
bufferevent_rate_limit_group_decrement_read
bufferevent_rate_limit_group_decrement_write
bufferevent_rate_limit_group_free
bufferevent_rate_limit_group_get_read_limit
bufferevent_rate_limit_group_get_totals
bufferevent_rate_limit_group_get_write_limit
bufferevent_rate_limit_group_new
bufferevent_rate_limit_group_reset_totals
bufferevent_rate_limit_group_set_cfg
bufferevent_rate_limit_group_set_min_share
bufferevent_read
bufferevent_read_buffer
bufferevent_remove_from_rate_limit_group
bufferevent_remove_from_rate_limit_group_internal
bufferevent_set_rate_limit
bufferevent_set_timeouts
bufferevent_setcb
bufferevent_setfd
bufferevent_settimeout
bufferevent_setwatermark
bufferevent_socket_connect
bufferevent_socket_connect_hostname
bufferevent_socket_get_dns_error
bufferevent_socket_new
bufferevent_suspend_read
bufferevent_suspend_write
bufferevent_unlock
bufferevent_unsuspend_read
bufferevent_unsuspend_write
bufferevent_write
bufferevent_write_buffer
ev_token_bucket_cfg_free
ev_token_bucket_cfg_new
ev_token_bucket_get_tick
ev_token_bucket_init
ev_token_bucket_update
evbuffer_add
evbuffer_add_buffer
evbuffer_add_cb
evbuffer_add_file
evbuffer_add_printf
evbuffer_add_reference
evbuffer_add_vprintf
evbuffer_cb_clear_flags
evbuffer_cb_set_flags
evbuffer_clear_flags
evbuffer_commit_read
evbuffer_commit_space
evbuffer_commit_write
evbuffer_copyout
evbuffer_defer_callbacks
evbuffer_drain
evbuffer_enable_locking
evbuffer_expand
evbuffer_find
evbuffer_free
evbuffer_freeze
evbuffer_get_contiguous_space
evbuffer_get_length
evbuffer_invoke_callbacks
evbuffer_launch_read
evbuffer_launch_write
evbuffer_lock
evbuffer_new
evbuffer_overlapped_new
evbuffer_peek
evbuffer_prepend
evbuffer_prepend_buffer
evbuffer_ptr_set
evbuffer_pullup
evbuffer_read
evbuffer_readline
evbuffer_readln
evbuffer_remove
evbuffer_remove_buffer
evbuffer_remove_cb
evbuffer_remove_cb_entry
evbuffer_reserve_space
evbuffer_search
evbuffer_search_eol
evbuffer_search_range
evbuffer_set_flags
evbuffer_set_parent
evbuffer_setcb
evbuffer_unfreeze
evbuffer_unlock
evbuffer_write
evbuffer_write_atmost
evconnlistener_disable
evconnlistener_enable
evconnlistener_free
evconnlistener_get_base
evconnlistener_get_fd
evconnlistener_new
evconnlistener_new_async
evconnlistener_new_bind
evconnlistener_set_cb
evconnlistener_set_error_cb
evdns_add_server_port
evdns_add_server_port_with_base
evdns_base_clear_nameservers_and_suspend
evdns_base_config_windows_nameservers
evdns_base_count_nameservers
evdns_base_free
evdns_base_load_hosts
evdns_base_nameserver_add
evdns_base_nameserver_ip_add
evdns_base_nameserver_sockaddr_add
evdns_base_new
evdns_base_resolv_conf_parse
evdns_base_resolve_ipv4
evdns_base_resolve_ipv6
evdns_base_resolve_reverse
evdns_base_resolve_reverse_ipv6
evdns_base_resume
evdns_base_search_add
evdns_base_search_clear
evdns_base_search_ndots_set
evdns_base_set_option
evdns_cancel_request
evdns_clear_nameservers_and_suspend
evdns_close_server_port
evdns_config_windows_nameservers
evdns_count_nameservers
evdns_err_to_string
evdns_get_global_base
evdns_getaddrinfo
evdns_getaddrinfo_cancel
evdns_init
evdns_nameserver_add
evdns_nameserver_ip_add
evdns_resolv_conf_parse
evdns_resolve_ipv4
evdns_resolve_ipv6
evdns_resolve_reverse
evdns_resolve_reverse_ipv6
evdns_resume
evdns_search_add
evdns_search_clear
evdns_search_ndots_set
evdns_server_request_add_a_reply
evdns_server_request_add_aaaa_reply
evdns_server_request_add_cname_reply
evdns_server_request_add_ptr_reply
evdns_server_request_add_reply
evdns_server_request_drop
evdns_server_request_get_requesting_addr
evdns_server_request_respond
evdns_server_request_set_flags
evdns_set_log_fn
evdns_set_option
evdns_set_random_bytes_fn
evdns_set_transaction_id_fn
evdns_shutdown
event_active
event_active_nolock
event_add
event_assign
event_base_add_virtual
event_base_assert_ok
event_base_del_virtual
event_base_dispatch
event_base_dump_events
event_base_free
event_base_get_deferred_cb_queue
event_base_get_features
event_base_get_iocp
event_base_get_method
event_base_gettimeofday_cached
event_base_got_break
event_base_got_exit
event_base_init_common_timeout
event_base_loop
event_base_loopbreak
event_base_loopexit
event_base_new
event_base_new_with_config
event_base_once
event_base_priority_init
event_base_set
event_base_start_iocp
event_base_stop_iocp
event_changelist_add
event_changelist_del
event_changelist_freemem
event_changelist_init
event_changelist_remove_all
event_config_avoid_method
event_config_free
event_config_new
event_config_require_features
event_config_set_flag
event_config_set_num_cpus_hint
event_debug_map_HT_CLEAR
event_debug_map_HT_GROW
event_debug_unassign
event_deferred_cb_cancel
event_deferred_cb_init
event_deferred_cb_queue_init
event_deferred_cb_schedule
event_del
event_dispatch
event_enable_debug_mode
event_err
event_errx
event_free
event_get_assignment
event_get_base
event_get_callback
event_get_callback_arg
event_get_events
event_get_fd
event_get_method
event_get_struct_event_size
event_get_supported_methods
event_get_version
event_get_version_number
event_get_win32_extension_fns
event_global_current_base_
event_global_setup_locks_
event_init
event_initialized
event_io_map_HT_CLEAR
event_io_map_HT_GROW
event_iocp_activate_overlapped
event_iocp_port_associate
event_iocp_port_launch
event_iocp_shutdown
event_loop
event_loopbreak
event_loopexit
event_mm_calloc_
event_mm_free_
event_mm_malloc_
event_mm_realloc_
event_mm_strdup_
event_msgx
event_new
event_once
event_overlapped_init
event_pending
event_priority_init
event_priority_set
event_reinit
event_set
event_set_fatal_callback
event_set_log_callback
event_set_mem_functions
event_sock_err
event_sock_warn
event_warn
event_warnx
evhttp_accept_socket
evhttp_accept_socket_with_handle
evhttp_add_header
evhttp_add_server_alias
evhttp_add_virtual_host
evhttp_bind_listener
evhttp_bind_socket
evhttp_bind_socket_with_handle
evhttp_bound_socket_get_fd
evhttp_bound_socket_get_listener
evhttp_cancel_request
evhttp_clear_headers
evhttp_connection_base_new
evhttp_connection_connect
evhttp_connection_fail
evhttp_connection_free
evhttp_connection_get_base
evhttp_connection_get_bufferevent
evhttp_connection_get_peer
evhttp_connection_new
evhttp_connection_reset
evhttp_connection_set_base
evhttp_connection_set_closecb
evhttp_connection_set_local_address
evhttp_connection_set_local_port
evhttp_connection_set_max_body_size
evhttp_connection_set_max_headers_size
evhttp_connection_set_retries
evhttp_connection_set_timeout
evhttp_decode_uri
evhttp_del_accept_socket
evhttp_del_cb
evhttp_encode_uri
evhttp_find_header
evhttp_free
evhttp_htmlescape
evhttp_make_request
evhttp_new
evhttp_parse_firstline
evhttp_parse_headers
evhttp_parse_query
evhttp_parse_query_str
evhttp_remove_header
evhttp_remove_server_alias
evhttp_remove_virtual_host
evhttp_request_free
evhttp_request_get_command
evhttp_request_get_connection
evhttp_request_get_evhttp_uri
evhttp_request_get_host
evhttp_request_get_input_buffer
evhttp_request_get_input_headers
evhttp_request_get_output_buffer
evhttp_request_get_output_headers
evhttp_request_get_response_code
evhttp_request_get_uri
evhttp_request_is_owned
evhttp_request_new
evhttp_request_own
evhttp_request_set_chunked_cb
evhttp_response_code
evhttp_send_error
evhttp_send_page
evhttp_send_reply
evhttp_send_reply_chunk
evhttp_send_reply_end
evhttp_send_reply_start
evhttp_set_allowed_methods
evhttp_set_cb
evhttp_set_gencb
evhttp_set_max_body_size
evhttp_set_max_headers_size
evhttp_set_timeout
evhttp_start
evhttp_start_read
evhttp_uri_free
evhttp_uri_get_fragment
evhttp_uri_get_host
evhttp_uri_get_path
evhttp_uri_get_port
evhttp_uri_get_query
evhttp_uri_get_scheme
evhttp_uri_get_userinfo
evhttp_uri_join
evhttp_uri_new
evhttp_uri_parse
evhttp_uri_parse_with_flags
evhttp_uri_set_flags
evhttp_uri_set_fragment
evhttp_uri_set_host
evhttp_uri_set_path
evhttp_uri_set_port
evhttp_uri_set_query
evhttp_uri_set_scheme
evhttp_uri_set_userinfo
evhttp_uridecode
evhttp_uriencode
evmap_check_integrity
evmap_io_active
evmap_io_add
evmap_io_clear
evmap_io_del
evmap_io_get_fdinfo
evmap_io_initmap
evmap_signal_active
evmap_signal_add
evmap_signal_clear
evmap_signal_del
evmap_signal_initmap
evrpc_add_hook
evrpc_free
evrpc_get_reply
evrpc_get_request
evrpc_hook_add_meta
evrpc_hook_find_meta
evrpc_hook_get_connection
evrpc_init
evrpc_make_request
evrpc_make_request_ctx
evrpc_pool_add_connection
evrpc_pool_free
evrpc_pool_new
evrpc_pool_remove_connection
evrpc_pool_set_timeout
evrpc_register_generic
evrpc_register_rpc
evrpc_remove_hook
evrpc_reqstate_free
evrpc_request_done
evrpc_request_get_pool
evrpc_request_set_cb
evrpc_request_set_pool
evrpc_resume_request
evrpc_send_request_generic
evrpc_unregister_rpc
evsig_dealloc
evsig_global_setup_locks_
evsig_init
evsig_set_base
evtag_consume
evtag_decode_int
evtag_decode_int64
evtag_decode_tag
evtag_encode_int
evtag_encode_int64
evtag_encode_tag
evtag_init
evtag_marshal
evtag_marshal_buffer
evtag_marshal_int
evtag_marshal_int64
evtag_marshal_string
evtag_marshal_timeval

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/libevent_core-2-0-5.dll
.dll windows:4 windows x86 arch:x86

5f79f8a288b8809ed92d71231df197d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libssp-0

__stack_chk_fail
__stack_chk_guard

advapi32

CryptAcquireContextA
CryptGenRandom

libgcc_s_sjlj-1

__divdi3
__udivdi3
__umoddi3

kernel32

CloseHandle
CreateEventA
CreateIoCompletionPort
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetQueuedCompletionStatus
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
PostQueuedCompletionStatus
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
_amsg_exit
_beginthread
_close
_errno
_fstati64
_getpid
_initterm
_iob
_lock
_lseeki64
_onexit
_open
_read
_strdup
atoi
calloc
exit
fprintf
free
fwrite
getenv
islower
isspace
isupper
malloc
memchr
memcmp
memcpy
memmove
memset
rand
realloc
signal
sscanf
strcat
strchr
strcmp
strerror
strlen
strncmp
strtol
_unlock
_vsnprintf
abort
vfprintf
_read

ws2_32

WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSARecv
WSASend
WSASetLastError
accept
bind
closesocket
connect
gethostbyname
getservbyname
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
select
send
setsockopt
socket

Exports

Exports

EVUTIL_ISALNUM
EVUTIL_ISALPHA
EVUTIL_ISDIGIT
EVUTIL_ISLOWER
EVUTIL_ISPRINT
EVUTIL_ISSPACE
EVUTIL_ISUPPER
EVUTIL_ISXDIGIT
EVUTIL_TOLOWER
EVUTIL_TOUPPER
SIGFPE_REQ
_bufferevent_add_event
_bufferevent_decref_and_unlock
_bufferevent_decrement_read_buckets
_bufferevent_decrement_write_buckets
_bufferevent_del_generic_timeout_cbs
_bufferevent_generic_adj_timeouts
_bufferevent_get_read_max
_bufferevent_get_write_max
_bufferevent_incref_and_lock
_bufferevent_init_generic_timeout_cbs
_bufferevent_run_eventcb
_bufferevent_run_readcb
_bufferevent_run_writecb
_evbuffer_chain_pin
_evbuffer_chain_unpin
_evbuffer_decref_and_unlock
_evbuffer_expand_fast
_evbuffer_incref
_evbuffer_incref_and_lock
_evbuffer_overlapped_get_fd
_evbuffer_overlapped_set_fd
_evbuffer_read_setup_vecs
_evbuffer_testing_use_linear_file_access
_evbuffer_testing_use_mmap
_evbuffer_testing_use_sendfile
_event_debug_map_HT_REP_IS_BAD
_event_debug_mode_on
_event_debugx
_event_io_map_HT_REP_IS_BAD
_event_strlcpy
_evsig_restore_handler
_evsig_set_handler
_evthread_debug_get_real_lock
_evthread_is_debug_lock_held
_evthreadimpl_cond_alloc
_evthreadimpl_cond_free
_evthreadimpl_cond_signal
_evthreadimpl_cond_wait
_evthreadimpl_get_id
_evthreadimpl_is_lock_debugging_enabled
_evthreadimpl_lock_alloc
_evthreadimpl_lock_free
_evthreadimpl_lock_lock
_evthreadimpl_lock_unlock
_evthreadimpl_locking_enabled
_evutil_weakrand
_nm____stack_chk_guard
bufferevent_add_to_rate_limit_group
bufferevent_async_can_connect
bufferevent_async_connect
bufferevent_async_new
bufferevent_async_set_connected
bufferevent_base_set
bufferevent_decref
bufferevent_decrement_read_limit
bufferevent_decrement_write_limit
bufferevent_disable
bufferevent_disable_hard
bufferevent_enable
bufferevent_enable_locking
bufferevent_filter_new
bufferevent_flush
bufferevent_free
bufferevent_get_base
bufferevent_get_enabled
bufferevent_get_input
bufferevent_get_max_to_read
bufferevent_get_max_to_write
bufferevent_get_output
bufferevent_get_read_limit
bufferevent_get_underlying
bufferevent_get_write_limit
bufferevent_getfd
bufferevent_incref
bufferevent_init_common
bufferevent_lock
bufferevent_new
bufferevent_ops_async
bufferevent_ops_filter
bufferevent_ops_pair
bufferevent_ops_socket
bufferevent_pair_get_partner
bufferevent_pair_new
bufferevent_priority_set
bufferevent_rate_limit_group_decrement_read
bufferevent_rate_limit_group_decrement_write
bufferevent_rate_limit_group_free
bufferevent_rate_limit_group_get_read_limit
bufferevent_rate_limit_group_get_totals
bufferevent_rate_limit_group_get_write_limit
bufferevent_rate_limit_group_new
bufferevent_rate_limit_group_reset_totals
bufferevent_rate_limit_group_set_cfg
bufferevent_rate_limit_group_set_min_share
bufferevent_read
bufferevent_read_buffer
bufferevent_remove_from_rate_limit_group
bufferevent_remove_from_rate_limit_group_internal
bufferevent_set_rate_limit
bufferevent_set_timeouts
bufferevent_setcb
bufferevent_setfd
bufferevent_settimeout
bufferevent_setwatermark
bufferevent_socket_connect
bufferevent_socket_connect_hostname
bufferevent_socket_get_dns_error
bufferevent_socket_new
bufferevent_suspend_read
bufferevent_suspend_write
bufferevent_unlock
bufferevent_unsuspend_read
bufferevent_unsuspend_write
bufferevent_write
bufferevent_write_buffer
ev_token_bucket_cfg_free
ev_token_bucket_cfg_new
ev_token_bucket_get_tick
ev_token_bucket_init
ev_token_bucket_update
evbuffer_add
evbuffer_add_buffer
evbuffer_add_cb
evbuffer_add_file
evbuffer_add_printf
evbuffer_add_reference
evbuffer_add_vprintf
evbuffer_cb_clear_flags
evbuffer_cb_set_flags
evbuffer_clear_flags
evbuffer_commit_read
evbuffer_commit_space
evbuffer_commit_write
evbuffer_copyout
evbuffer_defer_callbacks
evbuffer_drain
evbuffer_enable_locking
evbuffer_expand
evbuffer_find
evbuffer_free
evbuffer_freeze
evbuffer_get_contiguous_space
evbuffer_get_length
evbuffer_invoke_callbacks
evbuffer_launch_read
evbuffer_launch_write
evbuffer_lock
evbuffer_new
evbuffer_overlapped_new
evbuffer_peek
evbuffer_prepend
evbuffer_prepend_buffer
evbuffer_ptr_set
evbuffer_pullup
evbuffer_read
evbuffer_readline
evbuffer_readln
evbuffer_remove
evbuffer_remove_buffer
evbuffer_remove_cb
evbuffer_remove_cb_entry
evbuffer_reserve_space
evbuffer_search
evbuffer_search_eol
evbuffer_search_range
evbuffer_set_flags
evbuffer_set_parent
evbuffer_setcb
evbuffer_unfreeze
evbuffer_unlock
evbuffer_write
evbuffer_write_atmost
evconnlistener_disable
evconnlistener_enable
evconnlistener_free
evconnlistener_get_base
evconnlistener_get_fd
evconnlistener_new
evconnlistener_new_async
evconnlistener_new_bind
evconnlistener_set_cb
evconnlistener_set_error_cb
event_active
event_active_nolock
event_add
event_assign
event_base_add_virtual
event_base_assert_ok
event_base_del_virtual
event_base_dispatch
event_base_dump_events
event_base_free
event_base_get_deferred_cb_queue
event_base_get_features
event_base_get_iocp
event_base_get_method
event_base_gettimeofday_cached
event_base_got_break
event_base_got_exit
event_base_init_common_timeout
event_base_loop
event_base_loopbreak
event_base_loopexit
event_base_new
event_base_new_with_config
event_base_once
event_base_priority_init
event_base_set
event_base_start_iocp
event_base_stop_iocp
event_changelist_add
event_changelist_del
event_changelist_freemem
event_changelist_init
event_changelist_remove_all
event_config_avoid_method
event_config_free
event_config_new
event_config_require_features
event_config_set_flag
event_config_set_num_cpus_hint
event_debug_map_HT_CLEAR
event_debug_map_HT_GROW
event_debug_unassign
event_deferred_cb_cancel
event_deferred_cb_init
event_deferred_cb_queue_init
event_deferred_cb_schedule
event_del
event_dispatch
event_enable_debug_mode
event_err
event_errx
event_free
event_get_assignment
event_get_base
event_get_callback
event_get_callback_arg
event_get_events
event_get_fd
event_get_method
event_get_struct_event_size
event_get_supported_methods
event_get_version
event_get_version_number
event_get_win32_extension_fns
event_global_current_base_
event_global_setup_locks_
event_init
event_initialized
event_io_map_HT_CLEAR
event_io_map_HT_GROW
event_iocp_activate_overlapped
event_iocp_port_associate
event_iocp_port_launch
event_iocp_shutdown
event_loop
event_loopbreak
event_loopexit
event_mm_calloc_
event_mm_free_
event_mm_malloc_
event_mm_realloc_
event_mm_strdup_
event_msgx
event_new
event_once
event_overlapped_init
event_pending
event_priority_init
event_priority_set
event_reinit
event_set
event_set_fatal_callback
event_set_log_callback
event_set_mem_functions
event_sock_err
event_sock_warn
event_warn
event_warnx
evmap_check_integrity
evmap_io_active
evmap_io_add
evmap_io_clear
evmap_io_del
evmap_io_get_fdinfo
evmap_io_initmap
evmap_signal_active
evmap_signal_add
evmap_signal_clear
evmap_signal_del
evmap_signal_initmap
evsig_dealloc
evsig_global_setup_locks_
evsig_init
evsig_set_base
evthread_enable_lock_debuging
evthread_make_base_notifiable
evthread_set_condition_callbacks
evthread_set_id_callback
evthread_set_lock_callbacks
evthread_setup_global_lock_
evthread_use_windows_threads
evutil_addrinfo_append
evutil_adjust_hints_for_addrconfig
evutil_ascii_strcasecmp
evutil_ascii_strncasecmp
evutil_closesocket
evutil_ersatz_socketpair
evutil_format_sockaddr_port
evutil_freeaddrinfo
evutil_gai_strerror
evutil_getaddrinfo
evutil_getaddrinfo_async
evutil_getaddrinfo_common
evutil_getenv
evutil_hex_char_to_int
evutil_inet_ntop
evutil_inet_pton
evutil_load_windows_system_library
evutil_make_listen_socket_reuseable
evutil_make_socket_closeonexec
evutil_make_socket_nonblocking
evutil_new_addrinfo
evutil_open_closeonexec
evutil_parse_sockaddr_port
evutil_read_file
evutil_secure_rng_add_bytes
evutil_secure_rng_get_bytes
evutil_secure_rng_global_setup_locks_
evutil_secure_rng_init
evutil_set_evdns_getaddrinfo_fn
evutil_snprintf
evutil_sockaddr_cmp
evutil_sockaddr_is_loopback
evutil_socket_connect
evutil_socket_error_to_string
evutil_socket_finished_connecting
evutil_socket_geterror
evutil_socketpair
evutil_strtoll
evutil_tv_to_msec
evutil_vsnprintf
in6addr_any
in6addr_loopback
win32ops

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/libevent_extra-2-0-5.dll
.dll windows:4 windows x86 arch:x86

71dd846eba7979c4d6fef7e2f023ed7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libevent_core-2-0-5

EVUTIL_ISALNUM
EVUTIL_ISALPHA
EVUTIL_ISDIGIT
EVUTIL_ISXDIGIT
EVUTIL_TOLOWER
_event_strlcpy
_evthread_is_debug_lock_held
_evthreadimpl_is_lock_debugging_enabled
_evthreadimpl_lock_alloc
_evthreadimpl_lock_free
_evthreadimpl_lock_lock
_evthreadimpl_lock_unlock
bufferevent_base_set
bufferevent_disable
bufferevent_disable_hard
bufferevent_enable
bufferevent_free
bufferevent_get_input
bufferevent_get_output
bufferevent_new
bufferevent_set_timeouts
bufferevent_setcb
bufferevent_setfd
bufferevent_settimeout
bufferevent_socket_connect_hostname
evbuffer_add
evbuffer_add_buffer
evbuffer_add_printf
evbuffer_drain
evbuffer_free
evbuffer_get_length
evbuffer_new
evbuffer_pullup
evbuffer_readln
evbuffer_remove
evbuffer_remove_buffer
evconnlistener_free
evconnlistener_get_fd
evconnlistener_new
evconnlistener_set_cb
event_add
event_assign
event_base_get_deferred_cb_queue
event_debug_unassign
event_deferred_cb_cancel
event_deferred_cb_init
event_deferred_cb_schedule
event_del
event_err
event_errx
event_initialized
event_mm_calloc_
event_mm_free_
event_mm_malloc_
event_mm_realloc_
event_mm_strdup_
event_msgx
event_sock_warn
event_warn
event_warnx
evutil_addrinfo_append
evutil_adjust_hints_for_addrconfig
evutil_ascii_strcasecmp
evutil_ascii_strncasecmp
evutil_closesocket
evutil_format_sockaddr_port
evutil_freeaddrinfo
evutil_gai_strerror
evutil_getaddrinfo
evutil_getaddrinfo_common
evutil_inet_pton
evutil_load_windows_system_library
evutil_make_listen_socket_reuseable
evutil_make_socket_closeonexec
evutil_make_socket_nonblocking
evutil_new_addrinfo
evutil_parse_sockaddr_port
evutil_read_file
evutil_secure_rng_get_bytes
evutil_secure_rng_init
evutil_set_evdns_getaddrinfo_fn
evutil_snprintf
evutil_sockaddr_cmp
evutil_sockaddr_is_loopback
evutil_socket_error_to_string
evutil_socket_geterror
evutil_strtoll
evutil_vsnprintf

libssp-0

__stack_chk_fail
__stack_chk_guard

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
atoi
calloc
free
fwrite
gmtime
isspace
localeconv
malloc
memcpy
memset
sscanf
strchr
strcmp
strftime
strlen
strncmp
strpbrk
strspn
strstr
strtol
_unlock
abort
time
vfprintf

shell32

SHGetSpecialFolderPathA

ws2_32

WSAGetLastError
WSASetLastError
bind
gethostbyaddr
gethostname
getsockopt
htonl
htons
inet_ntoa
listen
ntohl
ntohs
recvfrom
sendto
setsockopt
shutdown
socket

Exports

Exports

_nm____stack_chk_guard
evdns_add_server_port
evdns_add_server_port_with_base
evdns_base_clear_nameservers_and_suspend
evdns_base_config_windows_nameservers
evdns_base_count_nameservers
evdns_base_free
evdns_base_load_hosts
evdns_base_nameserver_add
evdns_base_nameserver_ip_add
evdns_base_nameserver_sockaddr_add
evdns_base_new
evdns_base_resolv_conf_parse
evdns_base_resolve_ipv4
evdns_base_resolve_ipv6
evdns_base_resolve_reverse
evdns_base_resolve_reverse_ipv6
evdns_base_resume
evdns_base_search_add
evdns_base_search_clear
evdns_base_search_ndots_set
evdns_base_set_option
evdns_cancel_request
evdns_clear_nameservers_and_suspend
evdns_close_server_port
evdns_config_windows_nameservers
evdns_count_nameservers
evdns_err_to_string
evdns_get_global_base
evdns_getaddrinfo
evdns_getaddrinfo_cancel
evdns_init
evdns_nameserver_add
evdns_nameserver_ip_add
evdns_resolv_conf_parse
evdns_resolve_ipv4
evdns_resolve_ipv6
evdns_resolve_reverse
evdns_resolve_reverse_ipv6
evdns_resume
evdns_search_add
evdns_search_clear
evdns_search_ndots_set
evdns_server_request_add_a_reply
evdns_server_request_add_aaaa_reply
evdns_server_request_add_cname_reply
evdns_server_request_add_ptr_reply
evdns_server_request_add_reply
evdns_server_request_drop
evdns_server_request_get_requesting_addr
evdns_server_request_respond
evdns_server_request_set_flags
evdns_set_log_fn
evdns_set_option
evdns_set_random_bytes_fn
evdns_set_transaction_id_fn
evdns_shutdown
evhttp_accept_socket
evhttp_accept_socket_with_handle
evhttp_add_header
evhttp_add_server_alias
evhttp_add_virtual_host
evhttp_bind_listener
evhttp_bind_socket
evhttp_bind_socket_with_handle
evhttp_bound_socket_get_fd
evhttp_bound_socket_get_listener
evhttp_cancel_request
evhttp_clear_headers
evhttp_connection_base_new
evhttp_connection_connect
evhttp_connection_fail
evhttp_connection_free
evhttp_connection_get_base
evhttp_connection_get_bufferevent
evhttp_connection_get_peer
evhttp_connection_new
evhttp_connection_reset
evhttp_connection_set_base
evhttp_connection_set_closecb
evhttp_connection_set_local_address
evhttp_connection_set_local_port
evhttp_connection_set_max_body_size
evhttp_connection_set_max_headers_size
evhttp_connection_set_retries
evhttp_connection_set_timeout
evhttp_decode_uri
evhttp_del_accept_socket
evhttp_del_cb
evhttp_encode_uri
evhttp_find_header
evhttp_free
evhttp_htmlescape
evhttp_make_request
evhttp_new
evhttp_parse_firstline
evhttp_parse_headers
evhttp_parse_query
evhttp_parse_query_str
evhttp_remove_header
evhttp_remove_server_alias
evhttp_remove_virtual_host
evhttp_request_free
evhttp_request_get_command
evhttp_request_get_connection
evhttp_request_get_evhttp_uri
evhttp_request_get_host
evhttp_request_get_input_buffer
evhttp_request_get_input_headers
evhttp_request_get_output_buffer
evhttp_request_get_output_headers
evhttp_request_get_response_code
evhttp_request_get_uri
evhttp_request_is_owned
evhttp_request_new
evhttp_request_own
evhttp_request_set_chunked_cb
evhttp_response_code
evhttp_send_error
evhttp_send_page
evhttp_send_reply
evhttp_send_reply_chunk
evhttp_send_reply_end
evhttp_send_reply_start
evhttp_set_allowed_methods
evhttp_set_cb
evhttp_set_gencb
evhttp_set_max_body_size
evhttp_set_max_headers_size
evhttp_set_timeout
evhttp_start
evhttp_start_read
evhttp_uri_free
evhttp_uri_get_fragment
evhttp_uri_get_host
evhttp_uri_get_path
evhttp_uri_get_port
evhttp_uri_get_query
evhttp_uri_get_scheme
evhttp_uri_get_userinfo
evhttp_uri_join
evhttp_uri_new
evhttp_uri_parse
evhttp_uri_parse_with_flags
evhttp_uri_set_flags
evhttp_uri_set_fragment
evhttp_uri_set_host
evhttp_uri_set_path
evhttp_uri_set_port
evhttp_uri_set_query
evhttp_uri_set_scheme
evhttp_uri_set_userinfo
evhttp_uridecode
evhttp_uriencode
evrpc_add_hook
evrpc_free
evrpc_get_reply
evrpc_get_request
evrpc_hook_add_meta
evrpc_hook_find_meta
evrpc_hook_get_connection
evrpc_init
evrpc_make_request
evrpc_make_request_ctx
evrpc_pool_add_connection
evrpc_pool_free
evrpc_pool_new
evrpc_pool_remove_connection
evrpc_pool_set_timeout
evrpc_register_generic
evrpc_register_rpc
evrpc_remove_hook
evrpc_reqstate_free
evrpc_request_done
evrpc_request_get_pool
evrpc_request_set_cb
evrpc_request_set_pool
evrpc_resume_request
evrpc_send_request_generic
evrpc_unregister_rpc
evtag_consume
evtag_decode_int
evtag_decode_int64
evtag_decode_tag
evtag_encode_int
evtag_encode_int64
evtag_encode_tag
evtag_init
evtag_marshal
evtag_marshal_buffer
evtag_marshal_int
evtag_marshal_int64
evtag_marshal_string
evtag_marshal_timeval
evtag_payload_length
evtag_peek
evtag_peek_length
evtag_unmarshal
evtag_unmarshal_fixed
evtag_unmarshal_header
evtag_unmarshal_int
evtag_unmarshal_int64
evtag_unmarshal_string
evtag_unmarshal_timeval

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/libgcc_s_sjlj-1.dll
.dll windows:4 windows x86 arch:x86

67046ace007d27bb6b8f72db46c226fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
calloc
free
fwrite
malloc
memcpy
memset
realloc
strlen
strncmp
_unlock
abort
vfprintf

Exports

Exports

_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_Find_FDE
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_SetGR
_Unwind_SetIP
_Unwind_SjLj_ForcedUnwind
_Unwind_SjLj_RaiseException
_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Resume_or_Rethrow
_Unwind_SjLj_Unregister
__absvdi2
__absvsi2
__addtf3
__addvdi3
__addvsi3
__ashldi3
__ashrdi3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbsi2
__clzdi2
__clzsi2
__cmpdi2
__ctzdi2
__ctzsi2
__deregister_frame
__deregister_frame_info
__deregister_frame_info_bases
__divdc3
__divdi3
__divsc3
__divtc3
__divtf3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffssi2
__fixdfdi
__fixsfdi
__fixtfdi
__fixtfsi
__fixunsdfdi
__fixunsdfsi
__fixunssfdi
__fixunssfsi
__fixunstfdi
__fixunstfsi
__fixunsxfdi
__fixunsxfsi
__fixxfdi
__floatdidf
__floatdisf
__floatditf
__floatdixf
__floatsitf
__floatundidf
__floatundisf
__floatunditf
__floatundixf
__floatunsitf
__gcc_personality_sj0
__getf2
__gttf2
__letf2
__lshrdi3
__lttf2
__moddi3
__muldc3
__muldi3
__mulsc3
__multc3
__multf3
__mulvdi3
__mulvsi3
__mulxc3
__negdi2
__negtf2
__negvdi2
__negvsi2
__netf2
__paritydi2
__paritysi2
__popcountdi2
__popcountsi2
__powidf2
__powisf2
__powitf2
__powixf2
__register_frame
__register_frame_info
__register_frame_info_bases
__register_frame_info_table
__register_frame_info_table_bases
__register_frame_table
__subtf3
__subvdi3
__subvsi3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpdi2
__udivdi3
__udivmoddi4
__umoddi3
__unordtf2

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1012B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/libssp-0.dll
.dll windows:4 windows x86 arch:x86

0548dc6a923e7bd088ace2794de4a204

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_exit
_initterm
_iob
_lock
_onexit
calloc
fgets
free
fwrite
gets
malloc
memcpy
memmove
memset
strlen
strncmp
strncpy
_unlock
abort
vfprintf
_write
_open
_close

Exports

Exports

__chk_fail
__gets_chk
__memcpy_chk
__memmove_chk
__mempcpy_chk
__memset_chk
__stack_chk_fail
__stack_chk_guard
__stpcpy_chk
__strcat_chk
__strcpy_chk
__strncat_chk
__strncpy_chk

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 964B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 361B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/license.txt
Tor/ssleay32.dll
.dll windows:4 windows x86 arch:x86

670a727601fae5dba9313a3fa4dd74c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libeay32

ASN1_INTEGER_get
ASN1_INTEGER_set
ASN1_const_check_infinite_end
ASN1_get_object
ASN1_object_size
ASN1_put_object
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_dump_indent
BIO_f_buffer
BIO_find_type
BIO_free
BIO_free_all
BIO_get_retry_reason
BIO_int_ctrl
BIO_method_type
BIO_new
BIO_pop
BIO_printf
BIO_push
BIO_puts
BIO_read
BIO_s_connect
BIO_s_file
BIO_s_mem
BIO_s_socket
BIO_set_flags
BIO_snprintf
BIO_test_flags
BIO_write
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_clear_free
BN_copy
BN_dup
BN_free
BN_num_bits
BN_ucmp
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strndup
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_zlib
CRYPTO_add_lock
CRYPTO_dup_ex_data
CRYPTO_free
CRYPTO_free_ex_data
CRYPTO_get_ex_data
CRYPTO_get_ex_new_index
CRYPTO_lock
CRYPTO_malloc
CRYPTO_mem_ctrl
CRYPTO_memcmp
CRYPTO_new_ex_data
CRYPTO_set_ex_data
DH_compute_key
DH_free
DH_generate_key
DH_new
DH_size
DHparams_dup
DSA_sign
DSA_verify
ECDH_compute_key
ECDSA_sign
ECDSA_verify
EC_GROUP_free
EC_GROUP_get_curve_name
EC_GROUP_get_degree
EC_GROUP_new_by_curve_name
EC_KEY_dup
EC_KEY_free
EC_KEY_generate_key
EC_KEY_get0_group
EC_KEY_get0_private_key
EC_KEY_get0_public_key
EC_KEY_new
EC_KEY_set_group
EC_KEY_set_private_key
EC_KEY_set_public_key
EC_KEY_up_ref
EC_METHOD_get_field_type
EC_POINT_copy
EC_POINT_free
EC_POINT_new
EC_POINT_oct2point
EC_POINT_point2oct
ENGINE_finish
ENGINE_get_ssl_client_cert_function
ENGINE_init
ENGINE_load_ssl_client_cert
ERR_add_error_data
ERR_clear_error
ERR_func_error_string
ERR_load_crypto_strings
ERR_load_strings
ERR_peek_error
ERR_peek_last_error
ERR_put_error
EVP_CIPHER_CTX_block_size
EVP_CIPHER_CTX_cipher
EVP_CIPHER_CTX_cleanup
EVP_CIPHER_CTX_ctrl
EVP_CIPHER_CTX_flags
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_init
EVP_CIPHER_CTX_iv_length
EVP_CIPHER_CTX_key_length
EVP_CIPHER_CTX_new
EVP_CIPHER_block_size
EVP_CIPHER_flags
EVP_CIPHER_iv_length
EVP_CIPHER_key_length
EVP_Cipher
EVP_CipherInit_ex
EVP_DecryptFinal
EVP_DecryptInit_ex
EVP_DecryptUpdate
EVP_Digest
EVP_DigestFinal
EVP_DigestFinal_ex
EVP_DigestInit
EVP_DigestInit_ex
EVP_DigestSignFinal
EVP_DigestSignInit
EVP_DigestUpdate
EVP_EncryptFinal
EVP_EncryptInit_ex
EVP_EncryptUpdate
EVP_MD_CTX_cleanup
EVP_MD_CTX_copy
EVP_MD_CTX_copy_ex
EVP_MD_CTX_create
EVP_MD_CTX_destroy
EVP_MD_CTX_init
EVP_MD_CTX_md
EVP_MD_CTX_set_flags
EVP_MD_size
EVP_MD_type
EVP_PKEY_CTX_ctrl
EVP_PKEY_CTX_free
EVP_PKEY_CTX_new
EVP_PKEY_asn1_find_str
EVP_PKEY_asn1_get0_info
EVP_PKEY_assign
EVP_PKEY_bits
EVP_PKEY_copy_parameters
EVP_PKEY_decrypt
EVP_PKEY_decrypt_init
EVP_PKEY_derive_set_peer
EVP_PKEY_encrypt
EVP_PKEY_encrypt_init
EVP_PKEY_free
EVP_PKEY_missing_parameters
EVP_PKEY_new
EVP_PKEY_new_mac_key
EVP_PKEY_sign
EVP_PKEY_sign_init
EVP_PKEY_size
EVP_PKEY_verify
EVP_PKEY_verify_init
EVP_SignFinal
EVP_VerifyFinal
EVP_add_cipher
EVP_add_digest
EVP_aes_128_cbc
EVP_aes_128_cbc_hmac_sha1
EVP_aes_128_gcm
EVP_aes_192_cbc
EVP_aes_256_cbc
EVP_aes_256_cbc_hmac_sha1
EVP_aes_256_gcm
EVP_camellia_128_cbc
EVP_camellia_256_cbc
EVP_des_cbc
EVP_des_ede3_cbc
EVP_dss1
EVP_ecdsa
EVP_enc_null
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_idea_cbc
EVP_md5
EVP_rc2_40_cbc
EVP_rc2_cbc
EVP_rc4
EVP_seed_cbc
EVP_sha1
EVP_sha224
EVP_sha256
EVP_sha384
EVP_sha512
HMAC_CTX_cleanup
HMAC_CTX_init
HMAC_Final
HMAC_Init_ex
HMAC_Update
MD5_Init
MD5_Transform
OBJ_NAME_add
OBJ_bsearch_
OBJ_find_sigid_algs
OBJ_nid2sn
OBJ_obj2nid
OCSP_RESPID_free
OPENSSL_DIR_end
OPENSSL_DIR_read
OPENSSL_cleanse
OpenSSLDie
PEM_ASN1_read
PEM_ASN1_read_bio
PEM_ASN1_write
PEM_ASN1_write_bio
PEM_read_bio_PrivateKey
PEM_read_bio_RSAPrivateKey
PEM_read_bio_X509
PEM_read_bio_X509_AUX
RAND_add
RAND_bytes
RAND_pseudo_bytes
RSAPrivateKey_dup
RSA_flags
RSA_free
RSA_new
RSA_private_decrypt
RSA_public_encrypt
RSA_sign
RSA_size
RSA_up_ref
RSA_verify
SHA1_Init
SHA1_Transform
SHA224_Init
SHA256_Init
SHA256_Transform
SHA384_Init
SHA512_Init
SHA512_Transform
SRP_Calc_A
SRP_Calc_B
SRP_Calc_client_key
SRP_Calc_server_key
SRP_Calc_u
SRP_Calc_x
SRP_Verify_A_mod_N
SRP_Verify_B_mod_N
SRP_check_known_gN_param
SRP_create_verifier_BN
SRP_get_default_gN
X509_EXTENSION_free
X509_NAME_cmp
X509_NAME_dup
X509_NAME_free
X509_STORE_CTX_cleanup
X509_STORE_CTX_get0_param
X509_STORE_CTX_get_ex_new_index
X509_STORE_CTX_init
X509_STORE_CTX_set_default
X509_STORE_CTX_set_ex_data
X509_STORE_CTX_set_verify_cb
X509_STORE_free
X509_STORE_load_locations
X509_STORE_new
X509_STORE_set_default_paths
X509_VERIFY_PARAM_free
X509_VERIFY_PARAM_get_depth
X509_VERIFY_PARAM_inherit
X509_VERIFY_PARAM_new
X509_VERIFY_PARAM_set1
X509_VERIFY_PARAM_set_depth
X509_VERIFY_PARAM_set_purpose
X509_VERIFY_PARAM_set_trust
X509_certificate_type
X509_check_private_key
X509_check_purpose
X509_free
X509_get_pubkey
X509_get_subject_name
X509_verify_cert
X509_verify_cert_error_string
asn1_GetSequence
asn1_add_error
asn1_const_Finish
d2i_ASN1_INTEGER
d2i_ASN1_OCTET_STRING
d2i_OCSP_RESPID
d2i_PrivateKey
d2i_PrivateKey_bio
d2i_RSAPrivateKey
d2i_RSAPrivateKey_bio
d2i_X509
d2i_X509_EXTENSIONS
d2i_X509_NAME
d2i_X509_bio
i2d_ASN1_INTEGER
i2d_ASN1_OCTET_STRING
i2d_OCSP_RESPID
i2d_X509
i2d_X509_EXTENSIONS
i2d_X509_NAME
lh_delete
lh_doall_arg
lh_free
lh_insert
lh_new
lh_num_items
lh_retrieve
pitem_free
pitem_new
pqueue_find
pqueue_free
pqueue_insert
pqueue_iterator
pqueue_new
pqueue_next
pqueue_peek
pqueue_pop
pqueue_size
sk_delete
sk_dup
sk_find
sk_free
sk_new
sk_new_null
sk_num
sk_pop_free
sk_push
sk_set
sk_set_cmp_func
sk_shift
sk_sort
sk_value
sk_zero

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_errno
_ftime
_initterm
_iob
_lock
_onexit
time
calloc
fprintf
free
fwrite
malloc
memcmp
memmove
strchr
strlen
strncmp
strncpy
_unlock
abort
vfprintf

libssp-0

__stack_chk_fail
__stack_chk_guard

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SRP_generate_client_master_secret
SRP_generate_server_master_secret
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_SESSION_free
SSL_SESSION_get0_peer
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set1_id_context
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_cache_hit
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_export_keying_material
SSL_free
SSL_get0_next_proto_negotiated
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_selected_srtp_profile
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_debug
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_state
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/tor.exe
.exe windows:4 windows x86 arch:x86

53557cac085025048a6630a3ec029eb6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

26/02/2016, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ed:11:7a:a4:22:ac:c0:c5:c5:e2:30:31:17:c4:78:47:a9:b4:0e:20:54:a3:59:22:24:06:7b:a5:29:a1:3d:9f
Signer

Actual PE Digest

ed:11:7a:a4:22:ac:c0:c5:c5:e2:30:31:17:c4:78:47:a9:b4:0e:20:54:a3:59:22:24:06:7b:a5:29:a1:3d:9f

Digest Algorithm

sha256

PE Digest Matches

true

e9:fa:e1:f1:15:0b:a9:b0:ca:f9:65:94:d5:5c:04:0e:c7:fb:8f:6d
Signer

Actual PE Digest

e9:fa:e1:f1:15:0b:a9:b0:ca:f9:65:94:d5:5c:04:0e:c7:fb:8f:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libevent-2-0-5

evdns_add_server_port_with_base
evdns_base_clear_nameservers_and_suspend
evdns_base_config_windows_nameservers
evdns_base_count_nameservers
evdns_base_new
evdns_base_resolv_conf_parse
evdns_base_resolve_ipv4
evdns_base_resolve_ipv6
evdns_base_resolve_reverse
evdns_base_resolve_reverse_ipv6
evdns_base_resume
evdns_base_search_clear
evdns_base_set_option
evdns_close_server_port
evdns_server_request_add_a_reply
evdns_server_request_add_aaaa_reply
evdns_server_request_add_ptr_reply
evdns_server_request_get_requesting_addr
evdns_server_request_respond
evdns_set_log_fn
evdns_set_random_bytes_fn
evdns_shutdown
event_active
event_add
event_base_get_method
event_base_loop
event_base_loopexit
event_base_new_with_config
event_config_free
event_config_new
event_config_set_flag
event_config_set_num_cpus_hint
event_del
event_free
event_get_version
event_new
event_pending
event_set_log_callback
evutil_secure_rng_add_bytes
evutil_secure_rng_get_bytes
evutil_secure_rng_init

advapi32

CryptAcquireContextA
CryptGenRandom

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileMappingA
CreatePipe
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceExA
GetExitCodeProcess
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalMemoryStatusEx
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LoadLibraryA
LocalFree
MapViewOfFile
OpenProcess
PeekNamedPipe
QueryPerformanceCounter
ReadFile
ResetEvent
SetEvent
SetHandleInformation
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthread
_cexit
_chsize
_endthread
_environ
_errno
_exit
_fmode
_fstati64
_fullpath
_getpid
_getwch
_initterm
_iob
_lock
_locking
_lseek
_onexit
_putch
_snwprintf
_stati64
_stricmp
_strnicmp
atoi
calloc
exit
fclose
feof
fgets
fopen
fprintf
fputs
free
fwprintf
fwrite
gmtime
islower
isspace
isupper
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
printf
puts
qsort
raise
realloc
rename
signal
strcat
strchr
strcmp
strerror
strftime
strlen
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
_unlock
_vsnprintf
abort
atof
time
vfprintf
wcscpy
_write
_utime
_unlink
_strdup
_read
_open
_mkdir
_getcwd
_fileno
_fdopen
_close

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

libssp-0

__stack_chk_fail
__stack_chk_guard

user32

MessageBoxW

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
send
setsockopt
socket

libeay32

ASN1_STRING_to_UTF8
ASN1_TIME_print
BIO_ctrl
BIO_f_buffer
BIO_free
BIO_new
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_number_read
BIO_number_written
BIO_s_mem
BIO_write
BN_bin2bn
BN_bn2bin
BN_bn2hex
BN_clear_free
BN_cmp
BN_copy
BN_dup
BN_hex2bn
BN_new
BN_num_bits
BN_set_word
BN_sub_word
BN_to_ASN1_INTEGER
BUF_MEM_free
CONF_modules_unload
CRYPTO_THREADID_set_callback
CRYPTO_THREADID_set_numeric
CRYPTO_cleanup_all_ex_data
CRYPTO_free
CRYPTO_num_locks
CRYPTO_set_dynlock_create_callback
CRYPTO_set_dynlock_destroy_callback
CRYPTO_set_dynlock_lock_callback
CRYPTO_set_locking_callback
DH_compute_key
DH_free
DH_generate_key
DH_new
DH_size
DH_up_ref
EC_KEY_free
EC_KEY_new_by_curve_name
ENGINE_by_id
ENGINE_cleanup
ENGINE_ctrl_cmd_string
ENGINE_free
ENGINE_get_cipher_engine
ENGINE_get_default_DH
ENGINE_get_default_ECDH
ENGINE_get_default_ECDSA
ENGINE_get_default_RAND
ENGINE_get_default_RSA
ENGINE_get_digest_engine
ENGINE_get_id
ENGINE_get_name
ENGINE_load_builtin_engines
ENGINE_register_all_complete
ENGINE_set_default
ERR_free_strings
ERR_func_error_string
ERR_get_error
ERR_lib_error_string
ERR_load_crypto_strings
ERR_peek_error
ERR_reason_error_string
ERR_remove_state
EVP_CIPHER_CTX_cleanup
EVP_EncryptInit
EVP_EncryptUpdate
EVP_PKEY_assign
EVP_PKEY_bits
EVP_PKEY_cmp
EVP_PKEY_free
EVP_PKEY_get1_RSA
EVP_PKEY_new
EVP_PKEY_type
EVP_aes_128_ctr
EVP_cleanup
EVP_sha1
EVP_sha256
HMAC
OBJ_obj2nid
OBJ_txt2nid
OPENSSL_add_all_algorithms_noconf
OPENSSL_cleanse
PEM_read_bio_RSAPrivateKey
PEM_read_bio_RSAPublicKey
PEM_write_bio_RSAPrivateKey
PEM_write_bio_RSAPublicKey
PKCS5_PBKDF2_HMAC_SHA1
RAND_SSLeay
RAND_bytes
RAND_get_rand_method
RAND_poll
RAND_seed
RAND_set_rand_method
RSAPrivateKey_dup
RSAPublicKey_dup
RSA_check_key
RSA_free
RSA_generate_key_ex
RSA_new
RSA_private_decrypt
RSA_private_encrypt
RSA_public_decrypt
RSA_public_encrypt
RSA_size
SHA1
SHA1_Final
SHA1_Init
SHA1_Update
SHA256
SHA256_Final
SHA256_Init
SHA256_Update
SHA512
SHA512_Final
SHA512_Init
SHA512_Update
SSLeay
SSLeay_version
X509_NAME_ENTRY_get_data
X509_NAME_ENTRY_get_object
X509_NAME_add_entry_by_NID
X509_NAME_cmp
X509_NAME_entry_count
X509_NAME_free
X509_NAME_get_entry
X509_NAME_new
X509_STORE_add_cert
X509_cmp
X509_cmp_time
X509_dup
X509_free
X509_get_issuer_name
X509_get_pubkey
X509_get_serialNumber
X509_get_subject_name
X509_new
X509_set_issuer_name
X509_set_pubkey
X509_set_subject_name
X509_set_version
X509_sign
X509_time_adj
X509_verify
d2i_RSAPrivateKey
d2i_RSAPublicKey
d2i_X509
i2d_RSAPrivateKey
i2d_RSAPublicKey
i2d_X509
sk_num
sk_value

ssleay32

SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_new
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey
SSL_CTX_use_certificate
SSL_accept
SSL_connect
SSL_ctrl
SSL_do_handshake
SSL_free
SSL_get_current_cipher
SSL_get_error
SSL_get_ex_data
SSL_get_ex_new_index
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_rbio
SSL_get_session
SSL_get_wbio
SSL_library_init
SSL_load_error_strings
SSL_new
SSL_pending
SSL_read
SSL_renegotiate
SSL_set_bio
SSL_set_cipher_list
SSL_set_ex_data
SSL_set_info_callback
SSL_set_session_secret_cb
SSL_set_verify
SSL_shutdown
SSL_state
SSL_state_string_long
SSL_write
SSLv23_method

zlib1

deflate
deflateEnd
deflateInit2_
inflate
inflateEnd
inflateInit2_
zlibVersion

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 511KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Tor/zlib1.dll
.dll windows:4 windows x86 arch:x86

1482b34ce1d2ee072623f0075f4cab83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_errno
_initterm
_iob
_lock
_lseeki64
_onexit
calloc
free
fwrite
malloc
memchr
memcpy
memset
strerror
strlen
strncmp
_unlock
_vsnprintf
_wopen
abort
vfprintf
wcstombs
_write
_read
_open
_close

libssp-0

__stack_chk_fail
__stack_chk_guard

Exports

Exports

adler32
adler32_combine
adler32_combine64
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 964B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
changes.txt
lang/English.xml
.xml
lang/Russian.xml
.xml
license.txt
msu.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

26/02/2016, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a7:db:2c:0a:f5:c4:58:e4:59:62:79:54:31:48:fe:de:0b:c6:dc:c7:19:a2:6c:02:81:78:8b:ce:42:7d:b3:cd
Signer

Actual PE Digest

a7:db:2c:0a:f5:c4:58:e4:59:62:79:54:31:48:fe:de:0b:c6:dc:c7:19:a2:6c:02:81:78:8b:ce:42:7d:b3:cd

Digest Algorithm

sha256

PE Digest Matches

true

ed:57:92:b3:41:ec:58:c7:fa:ed:b8:5d:75:54:e0:a1:b1:44:e7:1c
Signer

Actual PE Digest

ed:57:92:b3:41:ec:58:c7:fa:ed:b8:5d:75:54:e0:a1:b1:44:e7:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
msu_l.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15/04/2015, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

26/02/2016, 00:00

Not After

14/04/2016, 23:59

Subject

CN=Thanksoft,O=Thanksoft,L=Dnepropetrovsk,ST=Dnepropetrovsk,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3e:ba:e5:f4:e6:e9:e5:2c:5f:18:b9:86:ef:86:63:aa:c1:fd:3f:c5:79:7f:10:32:d1:13:0d:b2:4a:58:26:d0
Signer

Actual PE Digest

3e:ba:e5:f4:e6:e9:e5:2c:5f:18:b9:86:ef:86:63:aa:c1:fd:3f:c5:79:7f:10:32:d1:13:0d:b2:4a:58:26:d0

Digest Algorithm

sha256

PE Digest Matches

true

0c:50:ad:1f:df:bd:b1:c5:2b:e1:af:eb:6e:63:b2:07:04:d5:8a:14
Signer

Actual PE Digest

0c:50:ad:1f:df:bd:b1:c5:2b:e1:af:eb:6e:63:b2:07:04:d5:8a:14

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 409KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nfapi.dll
.dll windows:4 windows x86 arch:x86

bf4f0533d2f227fd7b8cbb862021108e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

j:\projects\netfilter3\bin\Release_c_api\Win32\nfapi.pdb

Imports

kernel32

GetModuleHandleA
OpenProcess
GetCurrentProcessId
GetTickCount
GetLogicalDriveStringsW
QueryDosDeviceW
GetProcAddress
WriteFile
GetLastError
CancelIo
GetOverlappedResult
CreateFileA
DeviceIoControl
WaitForMultipleObjects
WaitForSingleObject
CreateEventA
SetEvent
CloseHandle
GetSystemInfo
ResetEvent
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetDriveTypeW
DeleteCriticalSection
FlushFileBuffers
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

advapi32

OpenSCManagerA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
DeleteService
OpenServiceA
CloseServiceHandle
StartServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CreateServiceA

psapi

GetModuleFileNameExA
GetModuleFileNameExW

Exports

Exports

nf_addRule
nf_adjustProcessPriviledges
nf_completeTCPConnectRequest
nf_completeUDPConnectRequest
nf_deleteRules
nf_free
nf_getConnCount
nf_getProcessNameA
nf_getProcessNameFromKernel
nf_getProcessNameW
nf_getTCPConnInfo
nf_getUDPConnInfo
nf_init
nf_registerDriver
nf_setOptions
nf_setTCPTimeout
nf_tcpClose
nf_tcpDisableFiltering
nf_tcpIsProxy
nf_tcpPostReceive
nf_tcpPostSend
nf_tcpSetConnectionState
nf_tcpSetSockOpt
nf_udpDisableFiltering
nf_udpPostReceive
nf_udpPostSend
nf_udpSetConnectionState
nf_unRegisterDriver

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nfapinet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\nfsdk-std-1.4.6.9\samples\CSharp\nfapinet\obj\x86\Release\nfapinet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nunit.framework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ea4df5d94204fc550be1874e1b77ea7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5aCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13Certificate

Extended Key Usages

Key Usages

96:ec:d4:79:1f:9a:73:18:4f:e7:70:21:82:22:86:12:87:82:20:8e:fd:40:12:28:20:01:11:cb:cf:60:f4:1eSigner

96:db:9c:c8:00:2d:2c:82:dd:85:22:26:ac:03:8f:44:41:fa:89:54Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 212KB

.rsrc Size: 17KB - Virtual size: 17KB

f657cdbb0ef64f27813cf66292211d81

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 8KB

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 6KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

3b:50:06:9e:94:5d:49:34:fd:f6:54:6b:ca:6c:cf:5a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

3a:f1:a1:ac:b2:17:d0:c6:f6:ce:6d:7a:43:28:10:75
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

96:ec:d4:79:1f:9a:73:18:4f:e7:70:21:82:22:86:12:87:82:20:8e:fd:40:12:28:20:01:11:cb:cf:60:f4:1e
Signer

96:db:9c:c8:00:2d:2c:82:dd:85:22:26:ac:03:8f:44:41:fa:89:54
Signer

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 212KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 352B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 578B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 610B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 630B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 25KB

.reloc
Size: 1024B - Virtual size: 882B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate