ToDesk_Setup[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ToDesk_Setup.exe
Size

54.0MB
MD5

e82b81f3bbc6a1ffa70cacde98382da9
SHA1

c692a180ae55c3b9a284fce851ceecfefda6a286
SHA256

ce4b9ebd7b80f21a442722d3151816982d7f5ffb59a5e246281f4de0d85fe24a
SHA512

c1d9cbd9840eb5a848f32b6b0447242df3fdf90ca899dde0eac2cd9ffb5d30e20f859c6cc0476b039d8b32b64966b3371cd270233014c2df5b8a94dba94b9e32
SSDEEP

1572864:dG+cwDd/LhmbufLHlNXJ0+3DtfqNjCoq0ALGGCNhp5:dlpLhmqFN5Z3hSdhq0L/hp5

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsNiuniuSkin.dll	acprotect
static1/unpack005/$PLUGINSDIR/nsNiuniuSkin.dll	acprotect

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsNiuniuSkin.dll	upx
static1/unpack001/CrashReport.exe	upx
static1/unpack005/$PLUGINSDIR/nsNiuniuSkin.dll	upx

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/BgWorker.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack002/out.upx
unpack004/out.upx
unpack001/drivers/cameramic/devcon.exe
unpack001/drivers/tdgamepad/devcon.exe
unpack001/drivers/tdscreen/devcon.exe
unpack001/drivers/vhid/devcon.exe
unpack005/$PLUGINSDIR/BgWorker.dll
unpack005/$PLUGINSDIR/System.dll
unpack005/$PLUGINSDIR/nsExec.dll
unpack006/out.upx
unpack005/$PLUGINSDIR/nsProcess.dll

Files

ToDesk_Setup.exe
.exe windows:4 windows x86 arch:x86

7eae418c7423834ffc3d79b4300bd6fb

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/09/2023, 00:00

Not After

02/10/2026, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Sanya,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

32:3d:a5:02:bf:20:5d:1b:93:e7:ae:f4:56:b6:8d:f1:52:e9:87:c6:7a:6a:59:28:56:c1:ae:32:92:a0:27:22
Signer

Actual PE Digest

32:3d:a5:02:bf:20:5d:1b:93:e7:ae:f4:56:b6:8d:f1:52:e9:87:c6:7a:6a:59:28:56:c1:ae:32:92:a0:27:22

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
SetCurrentDirectoryW
GetFileAttributesW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
ExitProcess
MoveFileW
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
lstrcmpW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MulDiv
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
FreeLibrary
GetPrivateProfileStringW
GetModuleHandleW
LoadLibraryExW

user32

GetWindowRect
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
ScreenToClient
EnableMenuItem
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
SystemParametersInfoW
EndDialog
RegisterClassW
DialogBoxParamW
CreateWindowExW
GetClassInfoW
DestroyWindow
CharNextW
ExitWindowsEx
SetWindowTextW
LoadImageW
SetTimer
ShowWindow
PostQuitMessage
wsprintfW
SetWindowLongW
FindWindowExW
IsWindow
CreatePopupMenu
AppendMenuW
GetSystemMetrics
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BgWorker.dll
.dll windows:4 windows x86 arch:x86

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
CloseHandle
SetThreadPriority
CreateThread

user32

IsWindowUnicode
PostMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects

Exports

Exports

CallAndWait

Sections

.text
Size: 1024B - Virtual size: 987B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleSC.dll
.dll windows:5 windows x86 arch:x86

a9546246ff97b887a4072a24f9106617

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/09/2021, 00:00

Not After

30/09/2023, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=海口市,ST=海南省,C=CN,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b5b7e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68
Signer

Actual PE Digest

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EnterCriticalSection
SetFilePointer
GetACP
CloseHandle
LocalFree
SuspendThread
VirtualProtect
TlsAlloc
GetTickCount
IsDebuggerPresent
GetFullPathNameW
VirtualFree
HeapAlloc
GetStartupInfoW
ExitProcess
GetFileAttributesW
InitializeCriticalSection
GetCPInfoExW
GetThreadPriority
GetCurrentProcess
SetThreadPriority
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
ResumeThread
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
HeapCreate
HeapDestroy
ReadFile
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
HeapSize
lstrcpynW
SetLastError
GetModuleFileNameW
GetLastError
GlobalAlloc
lstrlenW
SetEndOfFile
CompareStringW
CreateThread
HeapFree
WideCharToMultiByte
MultiByteToWideChar
FindClose
LoadLibraryA
ResetEvent
SetEvent
CreateFileW
GetLocaleInfoW
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetLocalTime
WaitForSingleObject
GetCurrentThread
WriteFile
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GlobalFree
VirtualQueryEx
GetThreadLocale
Sleep
SetThreadLocale

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
FindWindowExW
CharLowerBuffW
LoadStringW
CharUpperW
PeekMessageW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

CloseServiceHandle
ControlService
CreateServiceW
LookupAccountNameW
DeleteService
LsaAddAccountRights
StartServiceW
UnlockServiceDatabase
GetServiceKeyNameW
GetServiceDisplayNameW
ChangeServiceConfigW
LsaClose
LockServiceDatabase
OpenServiceW
ChangeServiceConfig2W
EnumDependentServicesW
QueryServiceConfig2W
LsaRemoveAccountRights
QueryServiceStatus
AdjustTokenPrivileges
QueryServiceConfigW
LookupPrivilegeValueW
OpenSCManagerW
LsaOpenPolicy
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

ContinueService
ExistsService
GetErrorMessage
GetServiceBinaryPath
GetServiceDelayedAutoStartInfo
GetServiceDescription
GetServiceDisplayName
GetServiceFailure
GetServiceFailureFlag
GetServiceLogon
GetServiceName
GetServiceStartType
GetServiceStatus
GrantServiceLogonPrivilege
InstallService
PauseService
RemoveService
RemoveServiceLogonPrivilege
RestartService
ServiceIsPaused
ServiceIsRunning
ServiceIsStopped
SetServiceBinaryPath
SetServiceDelayedAutoStartInfo
SetServiceDescription
SetServiceFailure
SetServiceFailureFlag
SetServiceLogon
SetServiceStartType
StartService
StopService
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/killer.dll
.dll windows:6 windows x86 arch:x86

d1e7cac091c2e57d89d4bb643ace96f4

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:64:15:e0:d1:e6:87:25:4a:9f:46:ed:5c:8f:6f:86
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d1:d8:7d:cd:98:c4:70:f6:84:f5:77:e3:b8:23:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b0:77:e9:8e:25:80:5b:a9:0c:8f:3f:b8:48:80:bc:30:ad:30:7d:f2:e7:0c:cd:60:2a:06:5b:96:05:74:ab:0f
Signer

Actual PE Digest

b0:77:e9:8e:25:80:5b:a9:0c:8f:3f:b8:48:80:bc:30:ad:30:7d:f2:e7:0c:cd:60:2a:06:5b:96:05:74:ab:0f

Digest Algorithm

sha256

PE Digest Matches

true

b1:e4:1a:87:07:8b:06:6a:a5:86:32:35:51:0e:e0:d3:69:7f:66:b2
Signer

Actual PE Digest

b1:e4:1a:87:07:8b:06:6a:a5:86:32:35:51:0e:e0:d3:69:7f:66:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcessId
lstrcmpiW
CloseHandle
TerminateProcess
Process32NextW
lstrcpynW
GetCurrentProcess
GlobalFree
OpenProcess
GlobalAlloc
IsProcessorFeaturePresent

user32

wsprintfW

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW

Exports

Exports

IsProcessRunning
KillProcess

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/logo.ico
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

488b9c61d28b8855f328d854ae7601be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
IsDBCSLeadByteEx
CreateProcessW
GetStartupInfoW
CreatePipe
GetVersion
DeleteFileW
lstrcmpiW
lstrlenW
lstrcatW
TerminateProcess
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
CreateFileW
Sleep
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
GetCurrentProcess
ExitProcess
lstrcpynW
GetCommandLineW
GlobalReAlloc
CloseHandle
UnmapViewOfFile
CopyFileW

user32

SendMessageW
CharNextW
CharPrevW
FindWindowExW
wsprintfW
CharNextExA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsNiuniuSkin.dll
.dll windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:9c:95:50:84:8e:a9:4b:c7:94:1d:6d:ad:69:12:f0
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

29/11/2022, 00:00

Not After

28/11/2025, 23:59

Subject

CN=深圳市利洽科技有限公司,O=深圳市利洽科技有限公司,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:dd:6c:39:b6:f6:53:21:e3:25:94:d9:2d:9f:f6:c5:41:c8:a4:57
Signer

Actual PE Digest

2b:dd:6c:39:b6:f6:53:21:e3:25:94:d9:2d:9f:f6:c5:41:c8:a4:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AutoChangeControlTextByLanguage
BindCallBack
BindCallBackEx
DownloadAppFile
DownloadFile
EnableDpi
ExitDUISetup
FileHelper
GetControlAttribute
GetControlProperties
GetCosValue
GetCurrentLangId
GetTimeStamp
GetWindowSize
HttpInvoke
InitCurrentLanguage
InitEngine
InitSkinPage
InitSkinSubPage
KillInnerTimer
KillTimerCallBack
OnlyOneInstance
ProcessEvent
ResetLicenseFile
ResetLicenseFileEx
ScanResourceFiles
SelOrHoverControl
SelectInstallDir
SelectInstallDirEx
SetControlAttribute
SetControlAttributeInner
SetCurrentLangId
SetCurrentLanguage
SetDebugMode
SetDebugSelectScaleMode
SetDownloadMode
SetInnerTimer
SetLangName
SetLangString
SetTimerCallBack
SetTimerControlAttribute
SetTopMost
SetWindowSize
SetWindowTitle
ShowHide
ShowPage
ShowPageItem
ShowSkinSubPage
StringHelper
TranslateMsg

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsSCM.dll
.dll windows:4 windows x86 arch:x86

cae3b41a07819ca715746a4d081b8a6c

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:64:15:e0:d1:e6:87:25:4a:9f:46:ed:5c:8f:6f:86
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d1:d8:7d:cd:98:c4:70:f6:84:f5:77:e3:b8:23:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b4:50:1b:fd:d3:87:d8:bc:76:f5:e1:7a:36:67:d4:8a:25:db:6f:ca:30:d5:a1:9b:74:1d:de:c8:ce:1c:bb:21
Signer

Actual PE Digest

b4:50:1b:fd:d3:87:d8:bc:76:f5:e1:7a:36:67:d4:8a:25:db:6f:ca:30:d5:a1:9b:74:1d:de:c8:ce:1c:bb:21

Digest Algorithm

sha256

PE Digest Matches

true

5c:f1:9a:c2:9d:cf:97:95:e8:30:b3:75:b4:cb:fa:b9:3f:5e:92:2b
Signer

Actual PE Digest

5c:f1:9a:c2:9d:cf:97:95:e8:30:b3:75:b4:cb:fa:b9:3f:5e:92:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CreateServiceA
StartServiceA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CloseServiceHandle

kernel32

GlobalFree
GetLastError
lstrcpyA
lstrcpynA
GlobalAlloc

user32

wsprintfA

Exports

Exports

Install
QueryStatus
Remove
Start
Stop

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/skin.zip
.zip
configpage.xml
default.xml
.xml
finishpage.xml
images/arrow_gray.png
.png
images/[email protected]
.png
images/banner1.png
.png
images/[email protected]
.png
images/banner2.png
.png
images/[email protected]
.png
images/banner3.png
.png
images/[email protected]
.png
images/banner4.png
.png
images/[email protected]
.png
images/bg.png
.png
images/[email protected]
.png
images/browse.png
.png
images/[email protected]
.png
images/check_blue.png
.png
images/[email protected]
.png
images/check_darkgray.png
.png
images/[email protected]
.png
images/check_gray.png
.png
images/[email protected]
.png
images/close_black.png
.png
images/[email protected]
.png
images/close_darkgray.png
.png
images/[email protected]
.png
images/close_gray.png
.png
images/[email protected]
.png
images/close_white.png
.png
images/[email protected]
.png
images/finish.png
.png
images/[email protected]
.png
images/installing.png
.png
images/[email protected]
.png
images/installing_empty.png
.png
images/[email protected]
.png
images/logo1.png
.png
images/[email protected]
.png
images/logo2.png
.png
images/[email protected]
.png
images/logo3.png
.png
images/[email protected]
.png
images/logo_empty.png
.png
images/[email protected]
.png
images/min_black.png
.png
images/[email protected]
.png
images/min_dark.png
.png
images/[email protected]
.png
images/min_gray.png
.png
images/[email protected]
.png
images/min_white.png
.png
images/[email protected]
.png
images/notice.png
.png
images/[email protected]
.png
images/scroll_bg.png
.png
images/[email protected]
.png
images/scroll_fg.png
.png
images/[email protected]
.png
images/shadow.png
.png
images/[email protected]
.png
images/uninst_empty.png
.png
images/[email protected]
.png
images/uninst_finish.png
.png
images/[email protected]
.png
images/uninstall.png
.png
images/uninstall2.png
.png
images/[email protected]
.png
images/[email protected]
.png
images/uninstalling.png
.png
images/[email protected]
.png
images/warning.png
.png
images/[email protected]
.png
install.xml
installingpage.xml
licensepage.xml
logo.ico
msgBox.xml
.xml
uninstallfinishpage.xml
uninstallingpage.xml
uninstallpage.xml
CrashReport.exe
.exe windows:5 windows x86 arch:x86

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/09/2021, 00:00

Not After

30/09/2023, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=海口市,ST=海南省,C=CN,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b5b7e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:60:e1:db:cb:05:81:a3:94:29:d6:f3:99:d4:9d:90:8b:2a:23:fd:f1:9a:1c:55:c6:49:35:f9:eb:60:21:f1
Signer

Actual PE Digest

c3:60:e1:db:cb:05:81:a3:94:29:d6:f3:99:d4:9d:90:8b:2a:23:fd:f1:9a:1c:55:c6:49:35:f9:eb:60:21:f1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 884KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 540KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 907KB - Virtual size: 907KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ToDesk.exe
.exe windows:6 windows x64 arch:x64

cf9e414acce611f7e6c29fcbdb3f7a8a

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/09/2023, 00:00

Not After

02/10/2026, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Sanya,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:1d:87:c1:2a:21:01:66:cc:b6:3e:ff:24:1a:b2:ca:e8:8a:53:08:d1:0a:7d:52:91:31:a4:00:79:d5:15:0d
Signer

Actual PE Digest

b4:1d:87:c1:2a:21:01:66:cc:b6:3e:ff:24:1a:b2:ca:e8:8a:53:08:d1:0a:7d:52:91:31:a4:00:79:d5:15:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\jenkins\workspace\todesk-toc-win\bin\x64\Release\todesk\ToDesk.pdb

Imports

shlwapi

PathIsRelativeW
PathStripPathW
PathCombineW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathFileExistsA

wtsapi32

WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSDisconnectSession
WTSQueryUserToken
WTSLogoffSession
WTSFreeMemory

advapi32

CryptCreateHash
CryptSignHashW
CryptDestroyHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameA
InitializeSecurityDescriptor
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
CreateProcessAsUserW
OpenProcessToken
LogonUserW
CreateProcessAsUserA
CryptGetProvParam
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegGetValueW
GetSecurityInfo
GetUserNameW
SystemFunction036
FreeSid
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CheckTokenMembership
AdjustTokenPrivileges
CreateProcessWithLogonW
LookupPrivilegeValueW
EnumServicesStatusW
OpenServiceW
ChangeServiceConfigW
QueryServiceConfigW
StartServiceW
ControlService
DeleteService
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
CreateServiceW
SetTokenInformation
ImpersonateLoggedOnUser
RevertToSelf
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptEnumProvidersW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

ws2_32

accept
recvfrom
getservbyname
getservbyport
gethostbyaddr
ntohl
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSASetLastError
WSARecvFrom
FreeAddrInfoW
GetAddrInfoW
WSASocketW
send
WSARecv
WSAIoctl
WSADuplicateSocketW
getsockopt
gethostname
getnameinfo
getsockname
freeaddrinfo
getaddrinfo
recv
listen
__WSAFDIsSet
gethostbyname
select
connect
ioctlsocket
WSAGetLastError
WSAStringToAddressA
ntohs
shutdown
setsockopt
bind
closesocket
socket
htons
getpeername
inet_addr
inet_ntoa
htonl
WSACleanup
WSAStartup
sendto
WSASend

zrtc

?reset@?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAAXPEAVUnpublishCallback@2@@Z
??B?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEBA_NXZ
??1?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??B?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEBAPEAVAudios@ErizoStreamItf@1@XZ
?createCameraSource@zuler@@YA?AV?$UniquePtr@VCameraSourceItf@zuler@@@1@PEBD@Z
??0?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAA@PEAVCameraSourceItf@1@@Z
??1?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAA@XZ
??4?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??B?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEBAPEAVCameraSourceItf@1@XZ
?reset@?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAAXPEAVListener@ErizoStreamItf@2@@Z
?get@?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEBAPEAVCameraSourceItf@2@XZ
?reset@?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAAXPEAVCameraSourceItf@2@@Z
?reset@?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAAXXZ
??0?$WeakPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??C?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEBAPEAVDataChannelItf@1@XZ
??0?$WeakPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VUnpublishCallback@zuler@@@1@@Z
??0?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVListener@ErizoStreamItf@1@@Z
??4?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??B?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@PEAVUnpublishCallback@1@@Z
??1?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
?get@?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEBAPEAVCameraCapabilitiesItf@CameraSourceItf@2@XZ
??C?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEBAPEAVCameraCapabilitiesItf@CameraSourceItf@1@XZ
??1?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
?getCameraCapabilities@CameraSourceItf@zuler@@SA?AV?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@2@PEBD@Z
??1?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??4?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@PEAVErizoStreamItf@1@@Z
??4?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??C?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEBAPEAVErizoStreamItf@1@XZ
??0?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@PEAVListener@DesktopSourceItf@1@@Z
?get@?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEBAPEAVDesktopSourceItf@2@XZ
??C?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEBAPEAVDesktopSourceItf@1@XZ
??B?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEBA_NXZ
??4?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??1?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@PEAVDesktopSourceItf@1@@Z
?get@?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEBAPEAVErizoStreamItf@2@XZ
??B?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VSubscribeCallback@zuler@@@1@@Z
??0?$WeakPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@DesktopSourceItf@zuler@@@1@@Z
??C?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEBAPEAVSourcesItf@DesktopSourceItf@1@XZ
??1?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VPublishCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VPublishCallback@zuler@@@1@@Z
??1?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??B?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEBA_NXZ
??1?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAA@PEAVErizoRoomItf@1@@Z
??1?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??4?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??B?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEBAPEAVErizoRoomItf@1@XZ
?reset@?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAAXPEAVErizoRoomItf@2@@Z
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??1?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@ErizoRoomItf@zuler@@@1@@Z
??0?$WeakPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@ErizoStreamItf@zuler@@@1@@Z
??1?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVListener@ErizoRoomItf@1@@Z
??4?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??1?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
?reset@?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAAXXZ
??0?$WeakPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VUnsubscribeCallback@zuler@@@1@@Z
??0?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@PEAVErizoClientItf@1@@Z
??4?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
?get@?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEBAPEAVErizoClientItf@2@XZ
?reset@?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAAXXZ
??0?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@PEAVPublishCallback@1@@Z
??4?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??B?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@1@@Z
??0?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??C?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEBAPEAVStreams@ErizoRoomItf@1@XZ
??B?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@PEAVSubscribeCallback@1@@Z
?getSpeakers@AudioDeviceManageItf@zuler@@SA?AV?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@2@XZ
??1?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@PEAVUnsubscribeCallback@1@@Z
??1?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@PEAVErizoStreamItf@1@@Z
??1?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??4?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??B?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEBAPEAVErizoStreamItf@1@XZ
?get@?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEBAPEAVErizoStreamItf@2@XZ
?reset@?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAAXPEAVErizoStreamItf@2@@Z
?setLogWriter@zuler@@YAXPEAVLogWriterItf@1@W4LogLevel@1@@Z
?setRtcLogWriter@zuler@@YAXPEAVLogWriterItf@1@W4LogLevel@1@@Z
??0?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
?use_count@?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEBAJXZ
?reset@?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAAXPEAVVideoFrameItf@2@@Z
?CreateImageProcessingModule@zuler@@YA?AV?$UniquePtr@VImageProcessingModuleItf@zuler@@@1@XZ
??0?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@PEAVImageProcessingModuleItf@1@@Z
??1?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@XZ
??4?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??B?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEBAPEAVImageProcessingModuleItf@1@XZ
??0?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@PEAVThreadItf@1@@Z
??4?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??1?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@XZ
?Create@ThreadItf@zuler@@SA?AV?$SharedPtr@VThreadItf@zuler@@@2@PEBD@Z
??0?$WeakPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@1@@Z
??1?$UniquePtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
?CreateErizoClient@zuler@@YA?AV?$UniquePtr@VErizoClientItf@zuler@@@1@AEAUCONFIG@1@V?$SharedPtr@VThreadItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VErizoClientItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??4?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
?lock@?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEBA?AV?$SharedPtr@VErizoClientItf@zuler@@@2@XZ
??4?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV?$UniquePtr@VErizoClientItf@zuler@@@1@@Z
??C?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEBAPEAVErizoClientItf@1@XZ
??B?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@PEAVReportListener@ErizoClientItf@1@@Z
??4?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??1?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@XZ
?getCameras@CameraSourceItf@zuler@@SA?AV?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@2@XZ
??1?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
??B?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEBAPEAVCamerasItf@CameraSourceItf@1@XZ
?getMicrophones@AudioDeviceManageItf@zuler@@SA?AV?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@2@XZ
?get@?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEBAPEAVErizoRoomItf@2@XZ
?getSources@DesktopSourceItf@zuler@@SA?AV?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@2@W4DesktopType@2@@Z
?createDesktopSource@zuler@@YA?AV?$UniquePtr@VDesktopSourceItf@zuler@@@1@PEBDUSource@DesktopSourceItf@1@H@Z
??0?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
?CreateDCAdapterItf@zuler@@YA?AV?$UniquePtr@VDCAdapterItf@zuler@@@1@UADAPTERCONFIG@1@@Z
?release@?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEAAPEAVDCAdapterItf@2@XZ
??C?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEBAPEAVDCAdapterItf@1@XZ
??1?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEAA@XZ
?get@?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEBAPEAVDataChannelItf@2@XZ
??B?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@XZ
??B?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEBA_NXZ
?get@?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEBAPEAVDataChannelListener@DataChannelItf@2@XZ
??4?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??0?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@PEAVDataChannelListener@DataChannelItf@1@@Z
??0?$WeakPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@1@@Z
??1?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??1?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEAA@XZ
??B?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEBA_NXZ
??C?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEBAPEAVEncodedImageItf@1@XZ
?CreateCodecSDKItf@codec_sdk@zuler@@YA?AV?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@2@XZ
?reset@?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAAXPEAVCodecSDKItf@codec_sdk@2@@Z
??C?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEBAPEAVCodecSDKItf@codec_sdk@1@XZ
??B?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEBA_NXZ
??4?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??4?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAAAEAV01@PEAVCodecSDKItf@codec_sdk@1@@Z
?getDefaultMicrophone@AudioDeviceManageItf@zuler@@SA?AV?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@2@XZ
??0?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@PEAVVideoFrameItf@1@@Z
??4?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??C?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEBAPEAVVideoFrameItf@1@XZ
??B?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEBA_NXZ
??1?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??B?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEBAPEAVAudioDeviceInfoItf@AudioDeviceManageItf@1@XZ
?reset@?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAAXPEAVSinks@AudioSourceItf@2@@Z
??1?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@PEAVSinks@AudioSourceItf@1@@Z
??0?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@PEAVAudioFrameItf@1@@Z
??1?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??B?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEBA_NXZ
??C?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEBAPEAVAudioDevices@AudioDeviceManageItf@1@XZ
??0?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??1?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@XZ
??0?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@PEAVCodecSDKItf@codec_sdk@1@@Z
?get@?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEBAPEAVAudioFrameItf@2@XZ
?get@?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEBAPEAVVideoFrameItf@2@XZ
?destory@VirtualCameraItf@zuler@@SAXPEAV12@@Z
?create@VirtualCameraItf@zuler@@SAPEAV12@PEBD@Z
?get@?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEBAPEAVAudioDevices@AudioDeviceManageItf@2@XZ
?getDefaultSpeaker@AudioDeviceManageItf@zuler@@SA?AV?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@2@XZ
??0?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVStateListener@ErizoConnectionItf@1@@Z
??4?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??1?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVErizoConnectionItf@1@@Z
??4?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??B?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEBA_NXZ
??0?$WeakPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVRtcStatsListener@ErizoConnectionItf@1@@Z
??4?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z
??1?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
?reset@?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAAXPEAVPublishCallback@2@@Z
?reset@?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAAXXZ
??C?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEBAPEAVErizoConnectionItf@1@XZ
??0?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDeviceManageItf@1@@Z
??1?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??4?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAAAEAV01@$$QEAV01@@Z
??C?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEBAPEAVAudioDeviceManageItf@1@XZ
?get@?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEBAPEAVAudioDeviceManageItf@2@XZ
??C?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEBAPEAVErizoConnectionItf@1@XZ
??0?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??C?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEBAPEAVMediaCaps@ErizoConnectionItf@1@XZ
??B?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEBA_NXZ
??1?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??4?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAAAEAV01@AEBV01@@Z

gdi32

EnumFontFamiliesExW
GetFontUnicodeRanges
GetObjectA
StretchDIBits
GetClipBox
RestoreDC
SetDeviceGammaRamp
SaveDC
CreatePen
CreateFontW
SetViewportOrgEx
CreateDCA
GetICMProfileW
CreateDCW
GetStockObject
CreateSolidBrush
GetDeviceCaps
CopyMetaFileW
StartDocA
IntersectClipRect
WidenPath
GetObjectType
CloseFigure
SetStretchBltMode
MoveToEx
CreateFontIndirectA
SelectClipRgn
SetDIBitsToDevice
AbortDoc
LineTo
GetFontData
EndPath
GetTextFaceA
SetPolyFillMode
StrokeAndFillPath
StrokePath
SetMiterLimit
SelectClipPath
EnumFontFamiliesExA
PolyBezierTo
BeginPath
GetClipRgn
FillPath
CreateFontA
CreateDIBitmap
GetCharWidthW
GetOutlineTextMetricsW
GetBitmapBits
GetObjectW
CreateDIBSection
SetLayout
EndPage
StartPage
EndDoc
StartDocW
SetMapMode
AddFontMemResourceEx
GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateRectRgn
CombineRgn
GetDeviceGammaRamp
CreateBitmap
GetDIBits
GetGlyphIndicesW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteDC
ExtCreatePen
DeleteObject

winmm

timeBeginPeriod
timeGetTime
waveOutGetNumDevs
timeSetEvent
timeKillEvent
waveInReset
waveInStart
waveInAddBuffer
timeEndPeriod
waveInPrepareHeader
waveInClose
waveInOpen
waveInGetDevCapsW
waveInGetNumDevs
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutGetErrorTextW
waveOutGetDevCapsW
waveInUnprepareHeader

ole32

CoFreeUnusedLibraries
RevokeDragDrop
CoCreateGuid
PropVariantClear
OleLockRunning
CLSIDFromString
CoTaskMemRealloc
CLSIDFromProgID
StringFromGUID2
CoGetClassObject
CoInitializeEx
CoSetProxyBlanket
OleIsCurrentClipboard
OleSetClipboard
DoDragDrop
CoTaskMemFree
CoTaskMemAlloc
OleDuplicateData
RegisterDragDrop
ReleaseStgMedium
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoInitializeSecurity

oleaut32

SysAllocStringLen
VarUI4FromStr
VariantInit
SysFreeString
LoadRegTypeLi
VariantClear
SysStringLen
SysAllocString
VariantCopy
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
OleCreateFontIndirect
LoadTypeLi

shell32

ord74
SHGetFileInfoW
DragQueryFileW
DragAcceptFiles
SHGetPathFromIDListA
SHGetDesktopFolder
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderW
ShellExecuteExW
Shell_NotifyIconW
ord155
ord25
SHGetFolderPathW
GetCurrentProcessExplicitAppUserModelID
DragFinish
ExtractIconExW
SHGetSpecialFolderPathW
ord727

iphlpapi

GetIpAddrTable
GetAdaptersInfo
GetIpForwardTable
GetBestRoute

user32

GetClipCursor
IsRectEmpty
DestroyIcon
RegisterWindowMessageA
GetDoubleClickTime
UnregisterClassA
RegisterClassExA
CreateWindowExA
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetClipboardSequenceNumber
GetKeyboardLayout
GetKeyboardState
ToUnicode
SetCursorPos
CopyImage
CreateIconIndirect
FlashWindowEx
SetPropW
RemovePropW
IntersectRect
PtInRect
CreateIconFromResource
SetWindowRgn
DialogBoxIndirectParamW
DrawTextW
SystemParametersInfoA
SystemParametersInfoW
LoadCursorFromFileA
DestroyCursor
GetMessageTime
GetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
CallMsgFilterW
GetActiveWindow
GetCapture
IsWindowUnicode
EnableWindow
GetClassLongW
SetClassLongW
EnumThreadWindows
SetScrollInfo
GetScrollInfo
MonitorFromPoint
NotifyWinEvent
MessageBeep
AnimateWindow
IsWindowEnabled
DrawIconEx
SetActiveWindow
MessageBoxW
CreateCaret
DestroyCaret
SetCaretPos
CountClipboardFormats
EnumClipboardFormats
GetQueueStatus
MsgWaitForMultipleObjects
LockWorkStation
ExitWindowsEx
OpenInputDesktop
ValidateRect
PeekMessageA
wsprintfA
GetPropW
GetUpdateRect
GetMessageExtraInfo
TrackMouseEvent
UnregisterDeviceNotification
MessageBoxA
GetWindowTextLengthW
AdjustWindowRectEx
GetMenu
FillRect
InvalidateRgn
RedrawWindow
DestroyAcceleratorTable
IsChild
GetSysColor
CreateAcceleratorTableW
CharNextW
GetClassNameW
GetDlgItem
GetDesktopWindow
InvalidateRect
GetWindowTextW
CallWindowProcW
SetFocus
GetParent
UpdateWindow
GetClassInfoExW
SetParent
SetCapture
SetCursor
ReleaseCapture
SetWindowTextW
MoveWindow
FindWindowW
VkKeyScanW
MapVirtualKeyW
CloseWindowStation
SetThreadDesktop
CloseDesktop
BlockInput
SetProcessWindowStation
OpenDesktopW
GetProcessWindowStation
OpenWindowStationW
SendInput
GetWindowDisplayAffinity
GetThreadDesktop
GetUserObjectInformationW
EnumDisplayDevicesA
MonitorFromWindow
EnumDisplaySettingsExW
EnumDisplaySettingsExA
EnumDisplayDevicesW
GetClipboardFormatNameA
GetSystemMetrics
GetIconInfo
RegisterClipboardFormatW
GetCursorInfo
SetDisplayConfig
SendMessageTimeoutW
SetClipboardViewer
GetClipboardViewer
GetClipboardOwner
GetPriorityClipboardFormat
ChangeClipboardChain
RegisterClassW
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetWindowLongW
GetWindow
SetWindowLongPtrW
GetWindowLongPtrW
IsWindow
SetWindowDisplayAffinity
SetLayeredWindowAttributes
SetWindowLongW
UpdateLayeredWindow
RegisterDeviceNotificationW
DefWindowProcW
UnregisterHotKey
DestroyWindow
CreateWindowExW
EndDialog
RegisterClassExW
LoadAcceleratorsW
RegisterHotKey
TranslateAcceleratorW
LoadIconW
PostQuitMessage
BeginPaint
EndPaint
wsprintfW
GetWindowRect
EnumDisplayMonitors
GetMonitorInfoW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
SendMessageW
QueryDisplayConfig
GetDisplayConfigBufferSizes
DisplayConfigSetDeviceInfo
DisplayConfigGetDeviceInfo
IsIconic
GetWindowThreadProcessId
AttachThreadInput
GetForegroundWindow
DispatchMessageW
PeekMessageW
TranslateMessage
GetFocus
GetDC
GetAsyncKeyState
RegisterRawInputDevices
LoadCursorW
ReleaseDC
GetMessageW
PostThreadMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PostMessageW
ClientToScreen
MapWindowPoints
GetRawInputData
ClipCursor
ShowCursor
GetKeyState
IsWindowVisible
UnregisterClassW
SetTimer
KillTimer
RegisterWindowMessageW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
SetForegroundWindow
SetWindowPos
ScreenToClient
WindowFromPoint
ShowWindow
GetClientRect
GetCursorPos
LoadStringW
DispatchMessageA

kernel32

GetACP
FindNextFileA
FindFirstFileExW
GetProcessAffinityMask
VirtualProtect
GetThreadPriority
GetStartupInfoW
GetVolumeInformationW
GetLogicalDriveStringsW
ReadDirectoryChangesW
GetShortPathNameW
GetLongPathNameW
CreateHardLinkW
SetFileTime
RemoveDirectoryW
LCMapStringW
GetSystemDirectoryA
AssignProcessToJobObject
CreateJobObjectW
UnregisterWaitEx
WriteConsoleInputW
SetConsoleTextAttribute
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
SetConsoleCursorInfo
GetConsoleCursorInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
ReadConsoleW
ReadConsoleInputW
GetNumberOfConsoleInputEvents
SetConsoleMode
GetFileInformationByHandle
lstrlenW
LocalSize
GetCPInfo
GetNamedPipeHandleStateW
WaitNamedPipeW
CreateNamedPipeW
UnregisterWait
RegisterWaitForSingleObject
SwitchToThread
SetHandleInformation
GetModuleHandleA
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
DebugBreak
LoadLibraryExA
AllocConsole
GetTempFileNameA
GetUserDefaultLCID
GetSystemDefaultLCID
GetCurrencyFormatW
GetNumberFormatW
CompareStringW
GetComputerNameW
TlsFree
ResumeThread
WaitForMultipleObjects
SleepEx
MoveFileExA
CompareFileTime
FindFirstFileA
FileTimeToLocalFileTime
GetDriveTypeW
RtlCaptureContext
WinExec
SetUnhandledExceptionFilter
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateEventA
CreateDirectoryA
ReadConsoleA
RtlVirtualUnwind
GetCommandLineA
GetCurrentProcessId
CloseHandle
OutputDebugStringW
MultiByteToWideChar
CreateMutexW
RtlUnwind
OutputDebugStringA
MoveFileW
DeleteFileW
GetModuleFileNameA
LocalFree
GetCommandLineW
GetCurrentThreadId
GetTickCount
GetProcAddress
LoadLibraryW
GetModuleHandleW
DecodePointer
GetLocalTime
RaiseException
GetLastError
Sleep
InitializeCriticalSectionEx
FindFirstFileW
GetOEMCP
CreateDirectoryW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
RtlLookupFunctionEntry
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetExitCodeThread
GetStringTypeW
RtlPcToFileHeader
EncodePointer
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
RtlUnwindEx
InterlockedFlushSList
SystemTimeToTzSpecificLocalTime
ExitThread
FreeLibraryAndExitThread
SetStdHandle
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
SetThreadAffinityMask
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
FileTimeToSystemTime
GetNativeSystemInfo
WakeAllConditionVariable
InitializeConditionVariable
SleepConditionVariableCS
WakeConditionVariable
AreFileApisANSI
HeapCreate
GetFullPathNameW
GetDiskFreeSpaceW
LockFile
GetFullPathNameA
UnlockFileEx
GetTempPathW
GetVersionExW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
GetVersionExA
DeleteFileA
HeapReAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetFileTime
GetFileType
SetFileAttributesW
GenerateConsoleCtrlEvent
CreateProcessW
FreeConsole
GetConsoleWindow
TerminateProcess
GlobalDeleteAtom
GlobalAddAtomW
OpenProcess
CreateFileW
lstrcpyW
FindNextFileW
FindClose
FreeResource
DeviceIoControl
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateEventW
GlobalSize
SetEvent
GlobalFree
CreateThread
GetFileAttributesW
ProcessIdToSessionId
ReadFile
GetFileSizeEx
WriteFile
SetFilePointer
FlushFileBuffers
FormatMessageW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
SetNamedPipeHandleState
WaitNamedPipeA
CreateNamedPipeA
LocalAlloc
DisconnectNamedPipe
CreateFileA
ConnectNamedPipe
ResetEvent
GetThreadTimes
QueryDepthSList
SizeofResource
SetInformationJobObject
PeekNamedPipe
CreatePipe
GetConsoleCP
SetConsoleCtrlHandler
MoveFileExW
GetFileAttributesExW
SetEndOfFile
GetLocaleInfoA
GetSystemPowerStatus
GetModuleHandleExW
CompareStringA
VerifyVersionInfoW
CancelIo
VerSetConditionMask
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
SetThreadPriority
GetCurrentThread
SetEnvironmentVariableA
GetEnvironmentVariableA
VirtualQuery
VirtualFree
VirtualAlloc
CreateSemaphoreW
ReleaseSemaphore
TryEnterCriticalSection
Process32Next
Process32First
GetSystemInfo
GlobalMemoryStatusEx
ExitProcess
SetFilePointerEx
SetErrorMode
WriteConsoleW
AttachConsole
GetConsoleMode
GetStdHandle
LoadLibraryA
GetEnvironmentVariableW
LoadLibraryExW
MulDiv
lstrcmpW
GetCurrentDirectoryW
CopyFileA
GetProcessHeap
HeapAlloc
HeapFree
GetSystemDirectoryW
GetOverlappedResult
GetExitCodeProcess
SetLastError
WaitForSingleObjectEx
lstrcmpiW
ReadProcessMemory
DuplicateHandle
GetComputerNameExW
GetCurrentProcess
TlsGetValue
FreeLibrary
TlsAlloc
GetModuleHandleExA
TlsSetValue
SetThreadExecutionState
CopyFileW
QueueUserWorkItem
SetDllDirectoryW

winspool.drv

ord203
OpenPrinterW
ClosePrinter
DocumentPropertiesA
EnumPrintersW
OpenPrinterA

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
CommDlgExtendedError

d3d11

D3D11CreateDevice

gdiplus

GdipGetCellAscent
GdipGetEmHeight
GdipEndContainer
GdipBeginContainer2
GdipGetClipBoundsI
GdipSetClipRectI
GdipSetClipRect
GdipDrawImageRectRect
GdipFillPie
GdipGetLineSpacing
GdipFillRectanglesI
GdipFillRectangle
GdipDrawPie
GdipDrawEllipse
GdipDrawRectangle
GdipCreateFontFromLogfontA
GdipGetFamily
GdipGetFontSize
GdipCreateBitmapFromGraphics
GdipDrawImageI
GdipDrawDriverString
GdipFillEllipse
GdipDrawArc
GdipDrawLine
GdipTransformPoints
GdipSetPageUnit
GdipGetWorldTransform
GdipCreateFontFromDC
GdipGetSmoothingMode
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize
GdipTranslateWorldTransform
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipGetImageEncoders
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipLoadImageFromStream
GdipDeleteGraphics
GdipCreateFromHDC
GdipDrawImageRectI
GdipLoadImageFromFile
GdipSaveImageToStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteFont
GdipCloneBrush
GdipSetTextRenderingHint
GdipDrawString
GdipCreateSolidFill
GdipCreateFont
GdipDeleteBrush
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDrawLineI
GdipCreatePen1
GdipDeletePen
GdipDeleteCustomLineCap
GdipSetPenCustomEndCap
GdipCreateAdjustableArrowCap
GdipSetPenEndCap
GdipDrawLinesI
GdipSetSmoothingMode
GdipSetPenStartCap
GdipSetPenDashCap197819
GdipSetCompositingMode
GdipCreatePen2
GdipRestoreGraphics
GdipSaveGraphics
GdipAddPathArc
GdipFillRectangleI
GdipMeasureString
GdipDrawPath
GdipFillPath
GdipCreatePath
GdipDeletePath
GdipDrawRectangleI
GdipAddPathLine
GdipFillEllipseI
GdipDrawEllipseI
GdipGraphicsClear
GdipClonePath
GdipResetPath
GdipSetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathBezier
GdipAddPathEllipse
GdipAddPathLineI
GdipAddPathArcI
GdipAddPathRectangleI
GdipGetPathWorldBounds
GdipIsVisiblePathPoint
GdipCreateMatrix
GdipCreateMatrix2
GdipDeleteMatrix
GdipTranslateMatrix
GdipScaleMatrix
GdipRotateMatrix
GdipShearMatrix
GdipGetMatrixElements
GdipCreateTexture
GdipCreateLineBrush
GdipSetLinePresetBlend
GdipSetLineWrapMode
GdipMultiplyLineTransform
GdipCreatePathGradientFromPath
GdipSetPathGradientCenterPoint
GdipSetPathGradientPresetBlend
GdipSetPathGradientWrapMode
GdipSetPathGradientTransform
GdipSetPenLineJoin
GdipSetPenMiterLimit
GdipSetPenDashStyle
GdipSetPenDashOffset
GdipSetPenDashArray
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHWND
GdipSetCompositingQuality
GdipFree
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipResetWorldTransform
GdipMultiplyWorldTransform

dnsapi

DnsFree
DnsQuery_W

comctl32

ImageList_DrawEx
ImageList_Write
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetDragImage

dwmapi

DwmSetWindowAttribute

uxtheme

DrawThemeBackground
CloseThemeData
OpenThemeData
IsThemeBackgroundPartiallyTransparent
SetWindowTheme
GetThemePartSize

psapi

GetModuleFileNameExA
GetModuleInformation
GetModuleBaseNameA
EnumProcessModules

oleacc

AccessibleObjectFromWindow
LresultFromObject

usp10

ScriptShape
ScriptPlace
ScriptBreak
ScriptApplyDigitSubstitution
ScriptItemize
ScriptFreeCache

powrprof

GetCurrentPowerPolicies

mprapi

MprConfigServerConnect
MprConfigGetFriendlyName

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW

crypt32

CertDuplicateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertOpenSystemStoreA
CertGetIntendedKeyUsage
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertCloseStore
CertGetCertificateContextProperty

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmIsIME
ImmAssociateContextEx
ImmGetContext
ImmGetCandidateListW
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmNotifyIME
ImmGetIMEFileNameA

dinput8

DirectInput8Create

hid

HidD_GetAttributes
HidP_GetCaps
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetHidGuid

Exports

Exports

??0AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@QEAA@AEBV012@@Z
??0AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioDeviceManageItf@zuler@@QEAA@AEBV01@@Z
??0AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioDevices@AudioDeviceManageItf@zuler@@QEAA@AEBV012@@Z
??0AudioDevices@AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioFrameItf@zuler@@QEAA@AEBV01@@Z
??0AudioFrameItf@zuler@@QEAA@XZ
??0AudioSinkItf@zuler@@QEAA@AEBV01@@Z
??0AudioSinkItf@zuler@@QEAA@XZ
??0AudioSourceItf@zuler@@QEAA@AEBV01@@Z
??0AudioSourceItf@zuler@@QEAA@XZ
??0Audios@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Audios@ErizoStreamItf@zuler@@QEAA@XZ
??0CameraSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0CameraSourceItf@zuler@@QEAA@AEBV01@@Z
??0CameraSourceItf@zuler@@QEAA@XZ
??0CodecSDKItf@codec_sdk@zuler@@QEAA@AEBV012@@Z
??0CodecSDKItf@codec_sdk@zuler@@QEAA@XZ
??0DCAdapterItf@zuler@@QEAA@AEBV01@@Z
??0DCAdapterItf@zuler@@QEAA@XZ
??0DataChannelItf@zuler@@QEAA@AEBV01@@Z
??0DataChannelItf@zuler@@QEAA@XZ
??0DataChannelListener@DataChannelItf@zuler@@QEAA@AEBV012@@Z
??0DataChannelListener@DataChannelItf@zuler@@QEAA@XZ
??0DataChannelTestItf@zuler@@QEAA@AEBV01@@Z
??0DataChannelTestItf@zuler@@QEAA@XZ
??0DesktopSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0DesktopSourceItf@zuler@@QEAA@AEBV01@@Z
??0DesktopSourceItf@zuler@@QEAA@XZ
??0EncodedImageItf@zuler@@QEAA@AEBV01@@Z
??0EncodedImageItf@zuler@@QEAA@XZ
??0Entry@?$Enum@W4AccountType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4AccountType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4AccountType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4BasicType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4BasicType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4BasicType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4ContentRating@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4ContentRating@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4ContentRating@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4CountryCode@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4CountryCode@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4CountryCode@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4GenreType@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4GenreType@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4GenreType@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4LanguageCode@bmff@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4LanguageCode@bmff@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4LanguageCode@bmff@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??0Entry@?$Enum@W4StikType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@$$QEAU0123@@Z
??0Entry@?$Enum@W4StikType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@AEBU0123@@Z
??0Entry@?$Enum@W4StikType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??0ErizoClientItf@zuler@@QEAA@AEBV01@@Z
??0ErizoClientItf@zuler@@QEAA@XZ
??0ErizoConnectionItf@zuler@@QEAA@AEBV01@@Z
??0ErizoConnectionItf@zuler@@QEAA@XZ
??0ErizoRoomItf@zuler@@QEAA@AEBV01@@Z
??0ErizoRoomItf@zuler@@QEAA@XZ
??0ErizoStreamItf@zuler@@QEAA@AEBV01@@Z
??0ErizoStreamItf@zuler@@QEAA@XZ
??0ErizoUserItf@zuler@@QEAA@AEBV01@@Z
??0ErizoUserItf@zuler@@QEAA@XZ
??0File@io@platform@mp4v2@@QEAA@AEBV0123@@Z
??0File@io@platform@mp4v2@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4Mode@FileProvider@123@PEAV7123@@Z
??0FileProvider@io@platform@mp4v2@@IEAA@XZ
??0FileProvider@io@platform@mp4v2@@QEAA@AEBV0123@@Z
??0Formats@VirtualCameraItf@zuler@@QEAA@AEBV012@@Z
??0Formats@VirtualCameraItf@zuler@@QEAA@XZ
??0ImageProcessingModuleItf@zuler@@QEAA@AEBV01@@Z
??0ImageProcessingModuleItf@zuler@@QEAA@XZ
??0InputListener@RenderSinkItf@zuler@@QEAA@AEBV012@@Z
??0InputListener@RenderSinkItf@zuler@@QEAA@XZ
??0Item@CoverArtBox@itmf@impl@mp4v2@@QEAA@AEBV01234@@Z
??0Item@CoverArtBox@itmf@impl@mp4v2@@QEAA@XZ
??0Listener@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Listener@ErizoRoomItf@zuler@@QEAA@XZ
??0Listener@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Listener@ErizoStreamItf@zuler@@QEAA@XZ
??0Listener@MediaDevicesItf@zuler@@QEAA@AEBV012@@Z
??0Listener@MediaDevicesItf@zuler@@QEAA@XZ
??0Listener@VirtualCameraItf@zuler@@QEAA@AEBV012@@Z
??0Listener@VirtualCameraItf@zuler@@QEAA@XZ
??0Log@impl@mp4v2@@QEAA@W4MP4LogLevel@@@Z
??0LogWriterItf@zuler@@QEAA@AEBV01@@Z
??0LogWriterItf@zuler@@QEAA@XZ
??0MediaCaps@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0MediaCaps@ErizoConnectionItf@zuler@@QEAA@XZ
??0MediaDevicesItf@zuler@@QEAA@AEBV01@@Z
??0MediaDevicesItf@zuler@@QEAA@XZ
??0PublishCallback@zuler@@QEAA@AEBV01@@Z
??0PublishCallback@zuler@@QEAA@XZ
??0RenderSinkItf@zuler@@QEAA@$$QEAV01@@Z
??0RenderSinkItf@zuler@@QEAA@AEBV01@@Z
??0RenderSinkItf@zuler@@QEAA@XZ
??0ReportListener@ErizoClientItf@zuler@@QEAA@AEBV012@@Z
??0ReportListener@ErizoClientItf@zuler@@QEAA@XZ
??0RoomStateObserver@zuler@@QEAA@AEBV01@@Z
??0RoomStateObserver@zuler@@QEAA@XZ
??0RtcStatsListener@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0RtcStatsListener@ErizoConnectionItf@zuler@@QEAA@XZ
??0Sinks@VideoSourceItf@zuler@@QEAA@AEBV012@@Z
??0Sinks@VideoSourceItf@zuler@@QEAA@XZ
??0SoundCardSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0SoundCardSourceItf@zuler@@QEAA@AEBV01@@Z
??0SoundCardSourceItf@zuler@@QEAA@XZ
??0Sources@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Sources@ErizoStreamItf@zuler@@QEAA@XZ
??0StateListener@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0StateListener@ErizoConnectionItf@zuler@@QEAA@XZ
??0Streams@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0Streams@ErizoConnectionItf@zuler@@QEAA@XZ
??0Streams@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Streams@ErizoRoomItf@zuler@@QEAA@XZ
??0SubscribeCallback@zuler@@QEAA@AEBV01@@Z
??0SubscribeCallback@zuler@@QEAA@XZ
??0UnpublishCallback@zuler@@QEAA@AEBV01@@Z
??0UnpublishCallback@zuler@@QEAA@XZ
??0UnsubscribeCallback@zuler@@QEAA@AEBV01@@Z
??0UnsubscribeCallback@zuler@@QEAA@XZ
??0Users@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Users@ErizoRoomItf@zuler@@QEAA@XZ
??0VCameraClientItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VCameraClientItf@vdevice@zuler@@QEAA@XZ
??0VCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VCameraHostItf@vdevice@zuler@@QEAA@XZ
??0VDecryptCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VDecryptCameraHostItf@vdevice@zuler@@QEAA@XZ
??0VEncryptedCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VEncryptedCameraHostItf@vdevice@zuler@@QEAA@XZ
??0VideoFrameItf@zuler@@QEAA@AEBV01@@Z
??0VideoFrameItf@zuler@@QEAA@XZ
??0VideoSinkItf@zuler@@QEAA@AEBV01@@Z
??0VideoSinkItf@zuler@@QEAA@XZ
??0VideoSourceItf@zuler@@QEAA@AEBV01@@Z
??0VideoSourceItf@zuler@@QEAA@XZ
??0Videos@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Videos@ErizoStreamItf@zuler@@QEAA@XZ
??0VirtualCameraItf@zuler@@QEAA@AEBV01@@Z
??0VirtualCameraItf@zuler@@QEAA@XZ
??1AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioDevices@AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioFrameItf@zuler@@UEAA@XZ
??1AudioSinkItf@zuler@@UEAA@XZ
??1AudioSourceItf@zuler@@UEAA@XZ
??1Audios@ErizoStreamItf@zuler@@UEAA@XZ
??1CameraSourceItf@zuler@@UEAA@XZ
??1CodecSDKItf@codec_sdk@zuler@@UEAA@XZ
??1DCAdapterItf@zuler@@UEAA@XZ
??1DataChannelItf@zuler@@UEAA@XZ
??1DataChannelListener@DataChannelItf@zuler@@UEAA@XZ
??1DataChannelTestItf@zuler@@UEAA@XZ
??1DesktopSourceItf@zuler@@UEAA@XZ
??1EncodedImageItf@zuler@@UEAA@XZ
??1Entry@?$Enum@W4AccountType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4BasicType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4ContentRating@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4CountryCode@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4GenreType@itmf@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4LanguageCode@bmff@impl@mp4v2@@$0A@@impl@mp4v2@@QEAA@XZ
??1Entry@?$Enum@W4StikType@itmf@impl@mp4v2@@$0PP@@impl@mp4v2@@QEAA@XZ
??1ErizoClientItf@zuler@@UEAA@XZ
??1ErizoConnectionItf@zuler@@UEAA@XZ
??1ErizoRoomItf@zuler@@UEAA@XZ
??1ErizoStreamItf@zuler@@UEAA@XZ
??1ErizoUserItf@zuler@@UEAA@XZ
??1File@io@platform@mp4v2@@UEAA@XZ
??1FileProvider@io@platform@mp4v2@@UEAA@XZ
??1Formats@VirtualCameraItf@zuler@@UEAA@XZ
??1ImageProcessingModuleItf@zuler@@UEAA@XZ
??1InputListener@RenderSinkItf@zuler@@UEAA@XZ
??1Item@CoverArtBox@itmf@impl@mp4v2@@QEAA@XZ
??1Listener@ErizoRoomItf@zuler@@UEAA@XZ
??1Listener@ErizoStreamItf@zuler@@UEAA@XZ
??1Listener@MediaDevicesItf@zuler@@UEAA@XZ
??1Listener@VirtualCameraItf@zuler@@UEAA@XZ
??1Log@impl@mp4v2@@UEAA@XZ
??1LogWriterItf@zuler@@UEAA@XZ
??1MediaCaps@ErizoConnectionItf@zuler@@UEAA@XZ
??1MediaDevicesItf@zuler@@UEAA@XZ
??1PublishCallback@zuler@@UEAA@XZ
??1RenderSinkItf@zuler@@UEAA@XZ
??1ReportListener@ErizoClientItf@zuler@@UEAA@XZ
??1RoomStateObserver@zuler@@UEAA@XZ
??1RtcStatsListener@ErizoConnectionItf@zuler@@UEAA@XZ
??1Sinks@VideoSourceItf@zuler@@UEAA@XZ
??1SoundCardSourceItf@zuler@@UEAA@XZ
??1Sources@ErizoStreamItf@zuler@@UEAA@XZ
??1StateListener@ErizoConnectionItf@zuler@@UEAA@XZ
??1Streams@ErizoConnectionItf@zuler@@UEAA@XZ
??1Streams@ErizoRoomItf@zuler@@UEAA@XZ
??1SubscribeCallback@zuler@@UEAA@XZ
??1UnpublishCallback@zuler@@UEAA@XZ
??1UnsubscribeCallback@zuler@@UEAA@XZ
??1Users@ErizoRoomItf@zuler@@UEAA@XZ
??1VCameraClientItf@vdevice@zuler@@UEAA@XZ
??1VCameraHostItf@vdevice@zuler@@UEAA@XZ
??1VDecryptCameraHostItf@vdevice@zuler@@UEAA@XZ
??1VEncryptedCameraHostItf@vdevice@zuler@@UEAA@XZ
??1VideoFrameItf@zuler@@UEAA@XZ
??1VideoSinkItf@zuler@@UEAA@XZ
??1VideoSourceItf@zuler@@UEAA@XZ
??1Videos@ErizoStreamItf@zuler@@UEAA@XZ
??1VirtualCameraItf@zuler@@UEAA@XZ
??4?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@QEAAAEAU01@$$QEAU01@@Z
??4?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@QEAAAEAU01@AEBU01@@Z
??4AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4AudioDeviceManageItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4AudioDevices@AudioDeviceManageItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4AudioFrameItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4AudioSinkItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4AudioSourceItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4Audios@ErizoStreamItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4CameraSourceItf@zuler@@QEAAAEAV01@$$QEAV01@@Z
??4CameraSourceItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4CodecSDKItf@codec_sdk@zuler@@QEAAAEAV012@AEBV012@@Z
??4ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV0123@$$QEAV0123@@Z
??4ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV0123@AEBV0123@@Z
??4CoverArtBox@itmf@impl@mp4v2@@QEAAAEAV0123@$$QEAV0123@@Z
??4CoverArtBox@itmf@impl@mp4v2@@QEAAAEAV0123@AEBV0123@@Z
??4DCAdapterItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4DataChannelItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4DataChannelListener@DataChannelItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4DataChannelTestItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4DesktopSourceItf@zuler@@QEAAAEAV01@$$QEAV01@@Z
??4DesktopSourceItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4EncodedImageItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ErizoClientItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ErizoConnectionItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ErizoRoomItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ErizoStreamItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ErizoUserItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4FileProvider@io@platform@mp4v2@@QEAAAEAV0123@AEBV0123@@Z
??4FileSystem@io@platform@mp4v2@@QEAAAEAV0123@$$QEAV0123@@Z
??4FileSystem@io@platform@mp4v2@@QEAAAEAV0123@AEBV0123@@Z
??4Formats@VirtualCameraItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4ImageProcessingModuleItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4IndexedItem@ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV01234@$$QEAV01234@@Z
??4IndexedItem@ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV01234@AEBV01234@@Z
??4IndexedItem@PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV01234@$$QEAV01234@@Z
??4IndexedItem@PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV01234@AEBV01234@@Z
??4InputListener@RenderSinkItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Item@ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV01234@$$QEAV01234@@Z
??4Item@ColorParameterBox@qtff@impl@mp4v2@@QEAAAEAV01234@AEBV01234@@Z
??4Item@CoverArtBox@itmf@impl@mp4v2@@QEAAAEAV01234@AEBV01234@@Z
??4Item@PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV01234@$$QEAV01234@@Z
??4Item@PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV01234@AEBV01234@@Z
??4LessIgnoreCase@impl@mp4v2@@QEAAAEAU012@$$QEAU012@@Z
??4LessIgnoreCase@impl@mp4v2@@QEAAAEAU012@AEBU012@@Z
??4Listener@ErizoRoomItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Listener@ErizoStreamItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Listener@MediaDevicesItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Listener@VirtualCameraItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4LogWriterItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4MediaCaps@ErizoConnectionItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4MediaDevicesItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4Option@prog@platform@mp4v2@@QEAAAEAU0123@$$QEAU0123@@Z
??4Option@prog@platform@mp4v2@@QEAAAEAU0123@AEBU0123@@Z
??4PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV0123@$$QEAV0123@@Z
??4PictureAspectRatioBox@qtff@impl@mp4v2@@QEAAAEAV0123@AEBV0123@@Z
??4PublishCallback@zuler@@QEAAAEAV01@AEBV01@@Z
??4RenderSinkItf@zuler@@QEAAAEAV01@$$QEAV01@@Z
??4RenderSinkItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4ReportListener@ErizoClientItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4RoomStateObserver@zuler@@QEAAAEAV01@AEBV01@@Z
??4RtcStatsListener@ErizoConnectionItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Sinks@VideoSourceItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4SoundCardSourceItf@zuler@@QEAAAEAV01@$$QEAV01@@Z
??4SoundCardSourceItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4Sources@ErizoStreamItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4StateListener@ErizoConnectionItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Streams@ErizoConnectionItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4Streams@ErizoRoomItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4SubscribeCallback@zuler@@QEAAAEAV01@AEBV01@@Z
??4UnpublishCallback@zuler@@QEAAAEAV01@AEBV01@@Z
??4UnsubscribeCallback@zuler@@QEAAAEAV01@AEBV01@@Z
??4Users@ErizoRoomItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4VCameraClientItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VDecryptCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VEncryptedCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VideoFrameItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4VideoSinkItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4VideoSourceItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4Videos@ErizoStreamItf@zuler@@QEAAAEAV012@AEBV012@@Z
??4VirtualCameraItf@zuler@@QEAAAEAV01@AEBV01@@Z
??R?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@QEBA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??RLessIgnoreCase@impl@mp4v2@@QEBA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??_7AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@6B@
??_7AudioDeviceManageItf@zuler@@6B@
??_7AudioDevices@AudioDeviceManageItf@zuler@@6B@
??_7AudioFrameItf@zuler@@6B@
??_7AudioSinkItf@zuler@@6B@
??_7AudioSourceItf@zuler@@6B@
??_7Audios@ErizoStreamItf@zuler@@6B@
??_7CameraSourceItf@zuler@@6B@
??_7CodecSDKItf@codec_sdk@zuler@@6B@
??_7DCAdapterItf@zuler@@6B@
??_7DataChannelItf@zuler@@6B@
??_7DataChannelListener@DataChannelItf@zuler@@6B@
??_7DataChannelTestItf@zuler@@6B@
??_7DesktopSourceItf@zuler@@6B@
??_7EncodedImageItf@zuler@@6B@
??_7ErizoClientItf@zuler@@6B@
??_7ErizoConnectionItf@zuler@@6B@
??_7ErizoRoomItf@zuler@@6B@
??_7ErizoStreamItf@zuler@@6B@
??_7ErizoUserItf@zuler@@6B@
??_7File@io@platform@mp4v2@@6B@
??_7FileProvider@io@platform@mp4v2@@6B@
??_7Formats@VirtualCameraItf@zuler@@6B@
??_7ImageProcessingModuleItf@zuler@@6B@
??_7InputListener@RenderSinkItf@zuler@@6B@
??_7Listener@ErizoRoomItf@zuler@@6B@
??_7Listener@ErizoStreamItf@zuler@@6B@
??_7Listener@MediaDevicesItf@zuler@@6B@
??_7Listener@VirtualCameraItf@zuler@@6B@
??_7Log@impl@mp4v2@@6B@
??_7LogWriterItf@zuler@@6B@
??_7MediaCaps@ErizoConnectionItf@zuler@@6B@
??_7MediaDevicesItf@zuler@@6B@
??_7PublishCallback@zuler@@6B@
??_7RenderSinkItf@zuler@@6B@
??_7ReportListener@ErizoClientItf@zuler@@6B@
??_7RoomStateObserver@zuler@@6B@
??_7RtcStatsListener@ErizoConnectionItf@zuler@@6B@
??_7Sinks@VideoSourceItf@zuler@@6B@
??_7SoundCardSourceItf@zuler@@6B@
??_7Sources@ErizoStreamItf@zuler@@6B@
??_7StateListener@ErizoConnectionItf@zuler@@6B@
??_7Streams@ErizoConnectionItf@zuler@@6B@
??_7Streams@ErizoRoomItf@zuler@@6B@
??_7SubscribeCallback@zuler@@6B@
??_7UnpublishCallback@zuler@@6B@
??_7UnsubscribeCallback@zuler@@6B@
??_7Users@ErizoRoomItf@zuler@@6B@
??_7VCameraClientItf@vdevice@zuler@@6B@
??_7VCameraHostItf@vdevice@zuler@@6B@
??_7VDecryptCameraHostItf@vdevice@zuler@@6B@
??_7VEncryptedCameraHostItf@vdevice@zuler@@6B@
??_7VideoFrameItf@zuler@@6B@
??_7VideoSinkItf@zuler@@6B@
??_7VideoSourceItf@zuler@@6B@
??_7Videos@ErizoStreamItf@zuler@@6B@
??_7VirtualCameraItf@zuler@@6B@
??_FFile@io@platform@mp4v2@@QEAAXXZ
??_FLog@impl@mp4v2@@QEAAXXZ
?DIR_SEPARATOR@FileSystem@io@platform@mp4v2@@2V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@A
?PATH_SEPARATOR@FileSystem@io@platform@mp4v2@@2V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@A
?_cb_func@Log@impl@mp4v2@@0P6AXW4MP4LogLevel@@PEBDPEAD@ZEA
?add@CoverArtBox@itmf@impl@mp4v2@@SA_NPEAXAEBVItem@1234@@Z
?captureTimestamp@VideoFrameItf@zuler@@UEAA_JXZ
?capturerType@VideoFrameItf@zuler@@UEAA?AW4CapturerType@2@XZ
?close@File@io@platform@mp4v2@@UEAA_NXZ
?computeBasicType@itmf@impl@mp4v2@@YA?AW4BasicType@123@PEBXI@Z
?cursorPosition@VideoFrameItf@zuler@@UEBA?AUCursorPosition@2@XZ
?dump@Log@impl@mp4v2@@QEAAXEW4MP4LogLevel@@PEBDZZ
?enumAccountType@itmf@impl@mp4v2@@3V?$Enum@W4AccountType@itmf@impl@mp4v2@@$0PP@@23@B
?enumBasicType@itmf@impl@mp4v2@@3V?$Enum@W4BasicType@itmf@impl@mp4v2@@$0PP@@23@B
?enumContentRating@itmf@impl@mp4v2@@3V?$Enum@W4ContentRating@itmf@impl@mp4v2@@$0PP@@23@B
?enumCountryCode@itmf@impl@mp4v2@@3V?$Enum@W4CountryCode@itmf@impl@mp4v2@@$0A@@23@B
?enumGenreType@itmf@impl@mp4v2@@3V?$Enum@W4GenreType@itmf@impl@mp4v2@@$0A@@23@B
?enumLanguageCode@bmff@impl@mp4v2@@3V?$Enum@W4LanguageCode@bmff@impl@mp4v2@@$0A@@23@B
?enumStikType@itmf@impl@mp4v2@@3V?$Enum@W4StikType@itmf@impl@mp4v2@@$0PP@@23@B
?errorf@Log@impl@mp4v2@@QEAAXAEBVException@23@@Z
?errorf@Log@impl@mp4v2@@QEAAXPEBDZZ
?exists@FileSystem@io@platform@mp4v2@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?get@CoverArtBox@itmf@impl@mp4v2@@SA_NPEAXAEAVItem@1234@I@Z
?getFileSize@FileSystem@io@platform@mp4v2@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEA_J@Z
?getLastErrorStr@sys@platform@mp4v2@@YAPEBDXZ
?getSize@File@io@platform@mp4v2@@UEAA_NAEA_J@Z
?hasCursorPosition@VideoFrameItf@zuler@@UEBA_NXZ
?hasUpdateRect@VideoFrameItf@zuler@@UEBA_NXZ
?hexDump@Log@impl@mp4v2@@QEAAXEW4MP4LogLevel@@PEBEIPEBDZZ
?infof@Log@impl@mp4v2@@QEAAXPEBDZZ
?isDirectory@FileSystem@io@platform@mp4v2@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?isFile@FileSystem@io@platform@mp4v2@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?list@CoverArtBox@itmf@impl@mp4v2@@SA_NPEAXAEAV?$vector@VItem@CoverArtBox@itmf@impl@mp4v2@@V?$allocator@VItem@CoverArtBox@itmf@impl@mp4v2@@@std@@@std@@@Z
?open@File@io@platform@mp4v2@@UEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4Mode@FileProvider@234@@Z
?originFrameSize@VideoFrameItf@zuler@@UEAAXAEAI0@Z
?pathnameCleanup@FileSystem@io@platform@mp4v2@@SAXAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?pathnameOnlyExtension@FileSystem@io@platform@mp4v2@@SAXAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?pathnameStripExtension@FileSystem@io@platform@mp4v2@@SAXAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?pathnameTemp@FileSystem@io@platform@mp4v2@@SAXAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV56@11@Z
?pictureID@VideoFrameItf@zuler@@UEAA_JXZ
?printf@Log@impl@mp4v2@@QEAAXW4MP4LogLevel@@PEBDZZ
?read@File@io@platform@mp4v2@@UEAA_NPEAX_JAEA_J@Z
?remove@CoverArtBox@itmf@impl@mp4v2@@SA_NPEAXI@Z
?rename@FileSystem@io@platform@mp4v2@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?reset@Item@CoverArtBox@itmf@impl@mp4v2@@QEAAXXZ
?seek@File@io@platform@mp4v2@@UEAA_N_J@Z
?set@CoverArtBox@itmf@impl@mp4v2@@SA_NPEAXAEBVItem@1234@I@Z
?setCaptureTimestamp@VideoFrameItf@zuler@@UEAAX_J@Z
?setCursorPosition@VideoFrameItf@zuler@@UEAAXAEBUCursorPosition@2@@Z
?setLogCallback@Log@impl@mp4v2@@SAXP6AXW4MP4LogLevel@@PEBDPEAD@Z@Z
?setMode@File@io@platform@mp4v2@@QEAAXW4Mode@FileProvider@234@@Z
?setName@File@io@platform@mp4v2@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setOriginFrameSize@VideoFrameItf@zuler@@UEAAXII@Z
?setSendRate@DataChannelItf@zuler@@UEAAXURateLimit@2@@Z
?setSendV2@DataChannelItf@zuler@@UEAAX_N@Z
?setSharpenAlpha@VideoFrameItf@zuler@@UEAAXM@Z
?setSharpenMode@VideoFrameItf@zuler@@UEAAXI@Z
?setSourceId@VideoFrameItf@zuler@@UEAAXPEBD@Z
?setUpdateRect@VideoFrameItf@zuler@@UEAAXAEBUUpdateRect@2@@Z
?setVerbosity@Log@impl@mp4v2@@QEAAXW4MP4LogLevel@@@Z
?sharpenAlpha@VideoFrameItf@zuler@@UEAAXAEAM@Z
?sharpenMode@VideoFrameItf@zuler@@UEAAXAEAI@Z
?sourceId@VideoFrameItf@zuler@@UEAAPEBDXZ
?standard@FileProvider@io@platform@mp4v2@@SAAEAV1234@XZ
?truncate@File@io@platform@mp4v2@@UEAA_N_J@Z
?updateRect@VideoFrameItf@zuler@@UEBA?AUUpdateRect@2@XZ
?vdump@Log@impl@mp4v2@@QEAAXEW4MP4LogLevel@@PEBDPEAD@Z
?verbose1f@Log@impl@mp4v2@@QEAAXPEBDZZ
?verbose2f@Log@impl@mp4v2@@QEAAXPEBDZZ
?verbose3f@Log@impl@mp4v2@@QEAAXPEBDZZ
?verbose4f@Log@impl@mp4v2@@QEAAXPEBDZZ
?vprintf@Log@impl@mp4v2@@QEAAXW4MP4LogLevel@@PEBDPEAD@Z
?warningf@Log@impl@mp4v2@@QEAAXPEBDZZ
?write@File@io@platform@mp4v2@@UEAA_NPEBX_JAEA_J@Z
MP4AddAC3AudioTrack
MP4AddALawAudioTrack
MP4AddAmrAudioTrack
MP4AddAudioTrack
MP4AddChapter
MP4AddChapterTextTrack
MP4AddColr
MP4AddEncAudioTrack
MP4AddEncH264VideoTrack
MP4AddEncVideoTrack
MP4AddH263VideoTrack
MP4AddH264PictureParameterSet
MP4AddH264SequenceParameterSet
MP4AddH264VideoTrack
MP4AddHintTrack
MP4AddHrefTrack
MP4AddIPodUUID
MP4AddNeroChapter
MP4AddODTrack
MP4AddPixelAspectRatio
MP4AddRtpESConfigurationPacket
MP4AddRtpHint
MP4AddRtpImmediateData
MP4AddRtpPacket
MP4AddRtpSampleData
MP4AddRtpVideoHint
MP4AddSceneTrack
MP4AddSubpicTrack
MP4AddSubtitleTrack
MP4AddSystemsTrack
MP4AddTextTrack
MP4AddTrack
MP4AddTrackEdit
MP4AddULawAudioTrack
MP4AddVideoTrack
MP4AppendHintTrackSdp
MP4AppendSessionSdp
MP4BinaryToBase16
MP4BinaryToBase64
MP4ChangeMovieTimeScale
MP4CloneTrack
MP4Close
MP4ConvertChapters
MP4ConvertFromMovieDuration
MP4ConvertFromTrackDuration
MP4ConvertFromTrackTimestamp
MP4ConvertToTrackDuration
MP4ConvertToTrackTimestamp
MP4CopySample
MP4CopyTrack
MP4Create
MP4CreateCallbacks
MP4CreateCallbacksEx
MP4CreateEx
MP4DefaultISMACrypParams
MP4DeleteChapters
MP4DeleteTrack
MP4DeleteTrackEdit
MP4Dump
MP4EncAndCloneTrack
MP4EncAndCopySample
MP4EncAndCopyTrack
MP4FindTrackId
MP4FindTrackIndex
MP4Free
MP4FreeH264SeqPictHeaders
MP4GetAmrModeSet
MP4GetAudioProfileLevel
MP4GetBytesProperty
MP4GetChapters
MP4GetDuration
MP4GetFilename
MP4GetFloatProperty
MP4GetGraphicsProfileLevel
MP4GetHintTrackReferenceTrackId
MP4GetHintTrackRtpPayload
MP4GetHintTrackSdp
MP4GetHrefTrackBaseUrl
MP4GetIntegerProperty
MP4GetNumberOfTracks

Sections

.text
Size: 23.4MB - Virtual size: 23.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 689KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 863KB - Virtual size: 863KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15.6MB - Virtual size: 15.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/cameramic/ToDeskAudio.inf
drivers/cameramic/ToDeskAudio.sys
.sys windows:10 windows x64 arch:x64

4feec5b801da9928ad124996727bd739

Code Sign

33:00:00:00:57:ee:4d:65:9a:92:3e:7c:10:00:00:00:00:00:57
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/06/2022, 18:08

Not After

01/06/2023, 18:08

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:5f:d4:e2:8c:41:0a:c4:b3:28:cc:0a:cc:55:2d:25:1e:91:40:63:e7:00:bc:0a:98:d7:94:19:83:a1:ba:3f
Signer

Actual PE Digest

bc:5f:d4:e2:8c:41:0a:c4:b3:28:cc:0a:cc:55:2d:25:1e:91:40:63:e7:00:bc:0a:98:d7:94:19:83:a1:ba:3f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\gitlab\VirtualMicrophone\x64\Release\ToDeskAudio.pdb

Imports

portcls.sys

PcInitializeAdapterDriver
PcNewMiniport
PcNewPort
PcRegisterPhysicalConnection
PcRegisterSubdevice
PcAddAdapterDevice
PcDispatchIrp
PcGetPhysicalDeviceObject

ntoskrnl.exe

DbgPrintEx
RtlCopyUnicodeString
ExAllocatePoolWithTag
ExFreePool
ExFreePoolWithTag
KeInitializeEvent
ExAcquireFastMutex
ExReleaseFastMutex
DbgPrint
KeFlushQueuedDpcs
KeSetEvent
KeDelayExecutionThread
KeWaitForSingleObject
KeInitializeSpinLock
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
ExAllocateTimer
ExSetTimer
ExCancelTimer
ExDeleteTimer
PsCreateSystemThread
ObReferenceObjectByHandle
ObfDereferenceObject
ZwClose
RtlInitUnicodeString
ZwOpenSection
ZwMapViewOfSection
ZwUnmapViewOfSection
ZwCreateKey
ZwOpenKey
ZwEnumerateKey
ZwEnumerateValueKey
ZwSetValueKey
RtlFreeUnicodeString
IoRegisterDeviceInterface
IoOpenDeviceInterfaceRegistryKey
IoSetDeviceInterfacePropertyData

hal

KeQueryPerformanceCounter

wdfldr.sys

WdfVersionUnbind
WdfVersionBind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/cameramic/devcon.exe
.exe windows:10 windows x64 arch:x64

a0225eb3236ea941773b705076ada2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

devcon.pdb

Imports

advapi32

RegQueryValueExW
InitiateSystemShutdownExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CloseServiceHandle

kernel32

GetCurrentProcess
FormatMessageW
GetLastError
CloseHandle
LocalFree
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
FreeLibrary
GetDateFormatW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
GetFileAttributesW
GetWindowsDirectoryW
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep

msvcrt

?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
_initterm
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
memset
towlower
__iob_func
__setusermatherr
free
_callnewh
malloc
wprintf
towupper
wcsrchr
_wcsnicmp
fputs
wcschr
iswalpha
fputws
_wcsicmp

ole32

CLSIDFromString

setupapi

SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Connect_MachineW
SetupDiSetClassInstallParamsW
CM_Locate_DevNode_ExW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
CM_Free_Log_Conf_Handle
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameExW
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupScanFileQueueW
SetupDiGetClassDescriptionExW
SetupOpenFileQueue
CM_Get_Next_Res_Des_Ex
CM_Get_DevNode_Status_Ex
SetupCloseInfFile
CM_Get_Res_Des_Data_Ex
SetupDiOpenDevRegKey
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
CM_Get_First_Log_Conf_Ex
SetupDiGetDriverInfoDetailW
CM_Get_Res_Des_Data_Size_Ex
SetupDiBuildDriverInfoList
SetupGetStringFieldW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/cameramic/todeskaudio.cat
drivers/cameramic/virtual_camera_x64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

5b3874f8ac7cebcaf1598f03084badea

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/09/2021, 00:00

Not After

30/09/2023, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=海口市,ST=海南省,C=CN,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b5b7e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:0d:7b:c3:74:a3:c9:10:42:81:df:ea:b9:c7:e8:23:b6:c3:6e:5f:c4:07:bc:4a:8e:04:42:c6:92:30:d9:9c
Signer

Actual PE Digest

13:0d:7b:c3:74:a3:c9:10:42:81:df:ea:b9:c7:e8:23:b6:c3:6e:5f:c4:07:bc:4a:8e:04:42:c6:92:30:d9:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

virtual_camera_x64.dll.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegSetValueExW
EventWrite
EventRegister
EventUnregister
SystemFunction036
RegQueryValueExW

dbghelp

SymSetOptions
SymInitialize
SymFromAddr
SymGetLineFromAddr64
SymSetSearchPathW
SymCleanup
SymGetSearchPathW

user32

GetQueueStatus
PeekMessageW
DispatchMessageW
SetRectEmpty
KillTimer
DefWindowProcW
SetWindowLongPtrW
GetWindowLongPtrW
CreateWindowExW
DestroyWindow
UnregisterClassW
RegisterClassExW
TranslateMessage
PostQuitMessage
MsgWaitForMultipleObjectsEx
SetTimer
PostMessageW

kernel32

lstrlenA
MultiByteToWideChar
GetLastError
OpenFileMappingA
MapViewOfFile
CloseHandle
UnmapViewOfFile
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
InitializeSRWLock
InitializeConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SleepConditionVariableSRW
WakeConditionVariable
VirtualFree
VirtualAlloc
GetCurrentProcess
SetEvent
ResetEvent
ReadFile
WriteFile
Sleep
WaitForMultipleObjects
WaitForSingleObject
GetStdHandle
TerminateProcess
GetCurrentProcessId
GetVersionExW
DisableThreadLibraryCalls
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
DuplicateHandle
CreateEventW
FreeLibrary
CreateThread
SetThreadPriority
GetThreadPriority
GetTickCount
GetModuleHandleW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
ExitProcess
GetProcessHeap
FreeLibraryAndExitThread
ExitThread
SetStdHandle
GetFileType
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetModuleFileNameA
GetCurrentThread
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
RtlUnwind
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
GetCPInfo
LCMapStringEx
InitializeCriticalSectionEx
DecodePointer
EncodePointer
GetStringTypeW
InitOnceComplete
InitOnceBeginInitialize
GetLocaleInfoEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
WakeAllConditionVariable
RtlVirtualUnwind
GetFileAttributesW
SetLastError
CreateDirectoryW
CreateFileW
GetTempPathW
GetCurrentDirectoryW
LocalFree
SetFilePointerEx
GetFileSizeEx
SetEndOfFile
FlushFileBuffers
FindClose
FindNextFileW
FindFirstFileExW
GetSystemTimeAsFileTime
TryAcquireSRWLockExclusive
QueryThreadCycleTime
GetModuleFileNameW
GetLocalTime
OutputDebugStringA
FormatMessageA
TlsGetValue
PostQueuedCompletionStatus
TerminateThread
QueueUserAPC
TlsFree
VerSetConditionMask
VerifyVersionInfoW
CreateIoCompletionPort
InitializeCriticalSectionAndSpinCount
SetWaitableTimer
GetQueuedCompletionStatus
TlsSetValue
TlsAlloc
SleepEx
InitOnceExecuteOnce
GetProductInfo
GetNativeSystemInfo
IsWow64Process
LoadLibraryExW
GetCommandLineW
GetModuleHandleExW
ExpandEnvironmentStringsW
IsDebuggerPresent
RaiseException
GetThreadId
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
GetProcessTimes
WideCharToMultiByte

ole32

CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoInitialize
CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoCreateInstance

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

ws2_32

connect
select
getsockopt
htonl
WSASocketW
bind
__WSAFDIsSet
getsockname
accept
WSASetLastError
setsockopt
freeaddrinfo
WSACleanup
WSAStartup
WSAIoctl
ioctlsocket
WSAGetLastError
closesocket
WSASend
getaddrinfo
WSARecv
listen

Exports

Exports

??0LogWriterItf@zuler@@QEAA@AEBV01@@Z
??0LogWriterItf@zuler@@QEAA@XZ
??0TcpClientItf@zlsocket@zuler@@QEAA@AEBV012@@Z
??0TcpClientItf@zlsocket@zuler@@QEAA@XZ
??0TcpServerItf@zlsocket@zuler@@QEAA@AEBV012@@Z
??0TcpServerItf@zlsocket@zuler@@QEAA@XZ
??0VCameraClientItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VCameraClientItf@vdevice@zuler@@QEAA@XZ
??0VCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VCameraHostItf@vdevice@zuler@@QEAA@XZ
??0VDecryptCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VDecryptCameraHostItf@vdevice@zuler@@QEAA@XZ
??0VEncryptedCameraHostItf@vdevice@zuler@@QEAA@AEBV012@@Z
??0VEncryptedCameraHostItf@vdevice@zuler@@QEAA@XZ
??1LogWriterItf@zuler@@UEAA@XZ
??1TcpClientItf@zlsocket@zuler@@UEAA@XZ
??1TcpServerItf@zlsocket@zuler@@UEAA@XZ
??1VCameraClientItf@vdevice@zuler@@UEAA@XZ
??1VCameraHostItf@vdevice@zuler@@UEAA@XZ
??1VDecryptCameraHostItf@vdevice@zuler@@UEAA@XZ
??1VEncryptedCameraHostItf@vdevice@zuler@@UEAA@XZ
??4LogWriterItf@zuler@@QEAAAEAV01@AEBV01@@Z
??4TcpClientItf@zlsocket@zuler@@QEAAAEAV012@AEBV012@@Z
??4TcpServerItf@zlsocket@zuler@@QEAAAEAV012@AEBV012@@Z
??4VCameraClientItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VDecryptCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??4VEncryptedCameraHostItf@vdevice@zuler@@QEAAAEAV012@AEBV012@@Z
??_7LogWriterItf@zuler@@6B@
??_7TcpClientItf@zlsocket@zuler@@6B@
??_7TcpServerItf@zlsocket@zuler@@6B@
??_7VCameraClientItf@vdevice@zuler@@6B@
??_7VCameraHostItf@vdevice@zuler@@6B@
??_7VDecryptCameraHostItf@vdevice@zuler@@6B@
??_7VEncryptedCameraHostItf@vdevice@zuler@@6B@
?CreateTcpClient@zlsocket@zuler@@YA?AV?$unique_ptr@VTcpClientItf@zlsocket@zuler@@U?$default_delete@VTcpClientItf@zlsocket@zuler@@@std@@@std@@PEAVObserverItf@TcpClientItf@12@PEAVLogObserverItf@612@@Z
CreateVCameraClientItf
DestroyVCameraClientItf
DllCanUnloadNow
DllGetClassObject
DllInstall
DllMain
DllRegisterServer
DllUnregisterServer
GetHandleVerifier

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/cameramic/virtual_camera_x86.dll
.dll regsvr32 windows:5 windows x86 arch:x86

691ac8bc6ba170347b5afd185ad7344c

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/09/2021, 00:00

Not After

30/09/2023, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=海口市,ST=海南省,C=CN,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b5b7e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f1:14:c4:29:1a:96:d6:ee:b3:26:01:c4:22:ef:60:ff:5f:3d:fd:2f:2d:32:77:33:63:0e:50:c2:9c:88:5b:51
Signer

Actual PE Digest

f1:14:c4:29:1a:96:d6:ee:b3:26:01:c4:22:ef:60:ff:5f:3d:fd:2f:2d:32:77:33:63:0e:50:c2:9c:88:5b:51

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

virtual_camera_x86.dll.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegSetValueExW
EventWrite
EventRegister
EventUnregister
SystemFunction036
RegQueryValueExW

dbghelp

SymSetOptions
SymInitialize
SymFromAddr
SymGetLineFromAddr64
SymSetSearchPathW
SymCleanup
SymGetSearchPathW

user32

GetQueueStatus
PeekMessageW
DispatchMessageW
SetRectEmpty
KillTimer
DefWindowProcW
SetWindowLongW
GetWindowLongW
CreateWindowExW
DestroyWindow
UnregisterClassW
RegisterClassExW
TranslateMessage
PostQuitMessage
MsgWaitForMultipleObjectsEx
SetTimer
PostMessageW

kernel32

lstrlenA
MultiByteToWideChar
GetLastError
OpenFileMappingA
MapViewOfFile
CloseHandle
UnmapViewOfFile
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
InitializeSRWLock
InitializeConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
SleepConditionVariableSRW
WakeConditionVariable
VirtualFree
VirtualAlloc
GetCurrentProcess
SetEvent
ResetEvent
ReadFile
WriteFile
Sleep
WaitForMultipleObjects
WaitForSingleObject
GetStdHandle
TerminateProcess
GetCurrentProcessId
GetVersionExW
DisableThreadLibraryCalls
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
DuplicateHandle
CreateEventW
FreeLibrary
CreateThread
SetThreadPriority
GetThreadPriority
GetTickCount
GetModuleHandleW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
ExitProcess
GetProcessHeap
FreeLibraryAndExitThread
ExitThread
SetStdHandle
GetFileType
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetModuleFileNameA
GetCurrentThread
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
RtlUnwind
InterlockedFlushSList
GetCPInfo
LCMapStringEx
InitializeCriticalSectionEx
DecodePointer
EncodePointer
GetStringTypeW
InitOnceComplete
InitOnceBeginInitialize
GetLocaleInfoEx
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
VirtualQuery
SetEnvironmentVariableW
GetFileAttributesW
SetLastError
CreateDirectoryW
CreateFileW
GetTempPathW
GetCurrentDirectoryW
LocalFree
SetFilePointerEx
GetFileSizeEx
SetEndOfFile
FlushFileBuffers
FindClose
FindNextFileW
FindFirstFileExW
GetSystemTimeAsFileTime
TryAcquireSRWLockExclusive
QueryThreadCycleTime
GetModuleFileNameW
GetLocalTime
OutputDebugStringA
FormatMessageA
TlsGetValue
PostQueuedCompletionStatus
TerminateThread
QueueUserAPC
TlsFree
VerSetConditionMask
VerifyVersionInfoW
CreateIoCompletionPort
InitializeCriticalSectionAndSpinCount
SetWaitableTimer
GetQueuedCompletionStatus
TlsSetValue
TlsAlloc
SleepEx
InitOnceExecuteOnce
GetProductInfo
GetNativeSystemInfo
IsWow64Process
LoadLibraryExW
GetCommandLineW
GetModuleHandleExW
ExpandEnvironmentStringsW
IsDebuggerPresent
RaiseException
GetThreadId
SetUnhandledExceptionFilter
RtlCaptureStackBackTrace
GetProcessTimes
WideCharToMultiByte

ole32

CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoInitialize
CoInitializeEx
CoRegisterInitializeSpy
CoRevokeInitializeSpy
CoCreateInstance

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

ws2_32

connect
select
getsockopt
htonl
WSASocketW
bind
__WSAFDIsSet
getsockname
accept
WSASetLastError
setsockopt
freeaddrinfo
WSACleanup
WSAStartup
WSAIoctl
ioctlsocket
WSAGetLastError
closesocket
WSASend
getaddrinfo
WSARecv
listen

Exports

Exports

??0LogWriterItf@zuler@@QAE@ABV01@@Z
??0LogWriterItf@zuler@@QAE@XZ
??0TcpClientItf@zlsocket@zuler@@QAE@ABV012@@Z
??0TcpClientItf@zlsocket@zuler@@QAE@XZ
??0TcpServerItf@zlsocket@zuler@@QAE@ABV012@@Z
??0TcpServerItf@zlsocket@zuler@@QAE@XZ
??0VCameraClientItf@vdevice@zuler@@QAE@ABV012@@Z
??0VCameraClientItf@vdevice@zuler@@QAE@XZ
??0VCameraHostItf@vdevice@zuler@@QAE@ABV012@@Z
??0VCameraHostItf@vdevice@zuler@@QAE@XZ
??0VDecryptCameraHostItf@vdevice@zuler@@QAE@ABV012@@Z
??0VDecryptCameraHostItf@vdevice@zuler@@QAE@XZ
??0VEncryptedCameraHostItf@vdevice@zuler@@QAE@ABV012@@Z
??0VEncryptedCameraHostItf@vdevice@zuler@@QAE@XZ
??1LogWriterItf@zuler@@UAE@XZ
??1TcpClientItf@zlsocket@zuler@@UAE@XZ
??1TcpServerItf@zlsocket@zuler@@UAE@XZ
??1VCameraClientItf@vdevice@zuler@@UAE@XZ
??1VCameraHostItf@vdevice@zuler@@UAE@XZ
??1VDecryptCameraHostItf@vdevice@zuler@@UAE@XZ
??1VEncryptedCameraHostItf@vdevice@zuler@@UAE@XZ
??4LogWriterItf@zuler@@QAEAAV01@ABV01@@Z
??4TcpClientItf@zlsocket@zuler@@QAEAAV012@ABV012@@Z
??4TcpServerItf@zlsocket@zuler@@QAEAAV012@ABV012@@Z
??4VCameraClientItf@vdevice@zuler@@QAEAAV012@ABV012@@Z
??4VCameraHostItf@vdevice@zuler@@QAEAAV012@ABV012@@Z
??4VDecryptCameraHostItf@vdevice@zuler@@QAEAAV012@ABV012@@Z
??4VEncryptedCameraHostItf@vdevice@zuler@@QAEAAV012@ABV012@@Z
??_7LogWriterItf@zuler@@6B@
??_7TcpClientItf@zlsocket@zuler@@6B@
??_7TcpServerItf@zlsocket@zuler@@6B@
??_7VCameraClientItf@vdevice@zuler@@6B@
??_7VCameraHostItf@vdevice@zuler@@6B@
??_7VDecryptCameraHostItf@vdevice@zuler@@6B@
??_7VEncryptedCameraHostItf@vdevice@zuler@@6B@
?CreateTcpClient@zlsocket@zuler@@YA?AV?$unique_ptr@VTcpClientItf@zlsocket@zuler@@U?$default_delete@VTcpClientItf@zlsocket@zuler@@@std@@@std@@PAVObserverItf@TcpClientItf@12@PAVLogObserverItf@612@@Z
CreateVCameraClientItf
DestroyVCameraClientItf
DllCanUnloadNow
DllGetClassObject
DllInstall
DllMain
DllRegisterServer
DllUnregisterServer
GetHandleVerifier

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/tdgamepad/TdGamePad.inf
drivers/tdgamepad/TdGamepad.sys
.sys windows:10 windows x64 arch:x64

283043b7334d424858587e9f6b481875

Code Sign

33:00:00:00:4d:e5:97:a7:75:e3:15:7f:7b:00:00:00:00:00:4d
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09/09/2021, 19:15

Not After

01/09/2022, 19:15

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:3b:a7:50:3e:91:1b:fa:1d:f6:4a:63:ed:18:54:a2:9b:a5:9f:cd:bb:7a:81:07:16:5d:7b:07:bb:fa:8e:9c
Signer

Actual PE Digest

16:3b:a7:50:3e:91:1b:fa:1d:f6:4a:63:ed:18:54:a2:9b:a5:9f:cd:bb:7a:81:07:16:5d:7b:07:bb:fa:8e:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\gitlab\gamepad\ViGEmBus\bin\x64\TdGamepad.pdb

Imports

ext-ms-win-ntos-werkernel-l1-1-1

WerLiveKernelCreateReport
WerLiveKernelOpenDumpFile
WerLiveKernelSubmitReport
WerLiveKernelCancelReport
WerLiveKernelCloseHandle

ntoskrnl.exe

PsGetCurrentProcessId
RtlCompareMemory
RtlAssert
KeDelayExecutionThread
strcmp
strncpy_s
_vsnprintf
PsTerminateSystemThread
ZwOpenKey
ZwQueryValueKey
KeCapturePersistentThreadState
ZwWriteFile
NtBuildNumber
DbgPrintEx
RtlCaptureContext
SeTokenIsAdmin
ZwClose
PsCreateSystemThread
KeWaitForSingleObject
KeClearEvent
KeInitializeEvent
_purecall
_vsnwprintf
RtlRandomEx
ExAllocatePoolWithTag
KeSetEvent
IoGetDeviceInterfaces
IoWMIRegistrationControl
RtlCopyUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
RtlInitUnicodeString

hal

KeQueryPerformanceCounter

wpprecorder.sys

imp_WppRecorderLogCreate
WppAutoLogTrace
WppAutoLogStart
WppAutoLogStop
imp_WppRecorderLogGetDefault
imp_WppRecorderLogDelete
imp_WppRecorderIsDefaultLogAvailable
imp_WppRecorderReplay

wdfldr.sys

WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass
WdfVersionBindClass

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/tdgamepad/devcon.exe
.exe windows:10 windows x64 arch:x64

a0225eb3236ea941773b705076ada2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

devcon.pdb

Imports

advapi32

RegQueryValueExW
InitiateSystemShutdownExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CloseServiceHandle

kernel32

GetCurrentProcess
FormatMessageW
GetLastError
CloseHandle
LocalFree
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
FreeLibrary
GetDateFormatW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
GetFileAttributesW
GetWindowsDirectoryW
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep

msvcrt

?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
_initterm
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
memset
towlower
__iob_func
__setusermatherr
free
_callnewh
malloc
wprintf
towupper
wcsrchr
_wcsnicmp
fputs
wcschr
iswalpha
fputws
_wcsicmp

ole32

CLSIDFromString

setupapi

SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Connect_MachineW
SetupDiSetClassInstallParamsW
CM_Locate_DevNode_ExW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
CM_Free_Log_Conf_Handle
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameExW
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupScanFileQueueW
SetupDiGetClassDescriptionExW
SetupOpenFileQueue
CM_Get_Next_Res_Des_Ex
CM_Get_DevNode_Status_Ex
SetupCloseInfFile
CM_Get_Res_Des_Data_Ex
SetupDiOpenDevRegKey
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
CM_Get_First_Log_Conf_Ex
SetupDiGetDriverInfoDetailW
CM_Get_Res_Des_Data_Size_Ex
SetupDiBuildDriverInfoList
SetupGetStringFieldW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/tdgamepad/tdgamepad.cat
drivers/tdscreen/devcon.exe
.exe windows:10 windows x64 arch:x64

a0225eb3236ea941773b705076ada2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

devcon.pdb

Imports

advapi32

RegQueryValueExW
InitiateSystemShutdownExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CloseServiceHandle

kernel32

GetCurrentProcess
FormatMessageW
GetLastError
CloseHandle
LocalFree
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
FreeLibrary
GetDateFormatW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
GetFileAttributesW
GetWindowsDirectoryW
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep

msvcrt

?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
_initterm
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
memset
towlower
__iob_func
__setusermatherr
free
_callnewh
malloc
wprintf
towupper
wcsrchr
_wcsnicmp
fputs
wcschr
iswalpha
fputws
_wcsicmp

ole32

CLSIDFromString

setupapi

SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Connect_MachineW
SetupDiSetClassInstallParamsW
CM_Locate_DevNode_ExW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
CM_Free_Log_Conf_Handle
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameExW
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupScanFileQueueW
SetupDiGetClassDescriptionExW
SetupOpenFileQueue
CM_Get_Next_Res_Des_Ex
CM_Get_DevNode_Status_Ex
SetupCloseInfFile
CM_Get_Res_Des_Data_Ex
SetupDiOpenDevRegKey
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
CM_Get_First_Log_Conf_Ex
SetupDiGetDriverInfoDetailW
CM_Get_Res_Des_Data_Size_Ex
SetupDiBuildDriverInfoList
SetupGetStringFieldW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/tdscreen/tdIdd.dll
.dll windows:10 windows x64 arch:x64

ffdc1db587dbc9848c01accf99b50ba1

Code Sign

33:00:00:00:56:35:88:7e:de:18:82:ef:76:00:00:00:00:00:56
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/06/2022, 18:08

Not After

01/06/2023, 18:08

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:2b:44:78:31:b6:d3:0b:76:6d:dd:5c:ca:b1:7e:66:81:21:3f:a4:16:c3:91:7b:96:54:3b:43:af:4c:f2:b8
Signer

Actual PE Digest

6c:2b:44:78:31:b6:d3:0b:76:6d:dd:5c:ca:b1:7e:66:81:21:3f:a4:16:c3:91:7b:96:54:3b:43:af:4c:f2:b8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\gitlab\td_idd\x64\Release\tdIdd.pdb

Imports

ntdll

RtlPcToFileHeader
RtlUnwindEx
DbgPrintEx

kernel32

WaitForSingleObject
CreateEventW
WaitForMultipleObjects
GetCurrentProcessId
CreateThread
GetLastError
RaiseException
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionEx
EncodePointer
FlsFree
UnhandledExceptionFilter
IsProcessorFeaturePresent
SetEvent
FlsSetValue
FlsGetValue
FlsAlloc
SetLastError
InterlockedFlushSList
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter

ole32

CoCreateGuid

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
abort
_initialize_onexit_table
_execute_onexit_table
_crt_atexit
_seh_filter_dll
_configure_narrow_argv
terminate
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

calloc
malloc
_callnewh
free

api-ms-win-crt-string-l1-1-0

strcpy_s

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/tdscreen/tdIdd.inf
drivers/tdscreen/tdidd.cat
drivers/vhid/TodeskVhid.dll
.dll windows:10 windows x64 arch:x64

6047d39de7ee665519a17cb161ed3c3d

Code Sign

33:00:00:00:61:c8:8b:12:9c:2a:7f:1d:87:00:00:00:00:00:61
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/04/2023, 19:16

Not After

03/04/2024, 19:16

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:3f:a5:cd:ee:0a:a4:63:a6:1d:3c:22:51:f8:63:da:6b:e3:06:a0:31:d6:e4:41:04:fa:f6:bb:31:ff:0d:53
Signer

Actual PE Digest

93:3f:a5:cd:ee:0a:a4:63:a6:1d:3c:22:51:f8:63:da:6b:e3:06:a0:31:d6:e4:41:04:fa:f6:bb:31:ff:0d:53

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\gitlab\vhid\driver\umdf2\x64\Release\TodeskVhid.pdb

Imports

ntdll

DbgPrintEx

kernel32

InterlockedFlushSList
GetCurrentProcessId
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
FlsFree
FlsSetValue
FlsGetValue
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
FlsAlloc
GetLastError

api-ms-win-crt-heap-l1-1-0

calloc
free

api-ms-win-crt-runtime-l1-1-0

abort
_initialize_onexit_table
terminate
_cexit
_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/vhid/TodeskVhid.inf
drivers/vhid/devcon.exe
.exe windows:10 windows x64 arch:x64

a0225eb3236ea941773b705076ada2af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

devcon.pdb

Imports

advapi32

RegQueryValueExW
InitiateSystemShutdownExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CloseServiceHandle

kernel32

GetCurrentProcess
FormatMessageW
GetLastError
CloseHandle
LocalFree
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
FreeLibrary
GetDateFormatW
FindFirstFileW
GetFullPathNameW
FindNextFileW
FindClose
GetFileAttributesW
GetWindowsDirectoryW
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep

msvcrt

?terminate@@YAXXZ
_commode
_fmode
__C_specific_handler
_initterm
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
memset
towlower
__iob_func
__setusermatherr
free
_callnewh
malloc
wprintf
towupper
wcsrchr
_wcsnicmp
fputs
wcschr
iswalpha
fputws
_wcsicmp

ole32

CLSIDFromString

setupapi

SetupDiClassNameFromGuidExW
SetupCopyOEMInfW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Connect_MachineW
SetupDiSetClassInstallParamsW
CM_Locate_DevNode_ExW
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoListExW
SetupDiCreateDeviceInfoW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
CM_Free_Log_Conf_Handle
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
CM_Free_Res_Des_Handle
SetupOpenInfFileW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameExW
CM_Get_Device_ID_ExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupScanFileQueueW
SetupDiGetClassDescriptionExW
SetupOpenFileQueue
CM_Get_Next_Res_Des_Ex
CM_Get_DevNode_Status_Ex
SetupCloseInfFile
CM_Get_Res_Des_Data_Ex
SetupDiOpenDevRegKey
SetupDiDestroyDriverInfoList
SetupCloseFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
CM_Get_First_Log_Conf_Ex
SetupDiGetDriverInfoDetailW
CM_Get_Res_Des_Data_Size_Ex
SetupDiBuildDriverInfoList
SetupGetStringFieldW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drivers/vhid/todeskvhid.cat
uninst.exe
.exe windows:4 windows x86 arch:x86

7eae418c7423834ffc3d79b4300bd6fb

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/09/2023, 00:00

Not After

02/10/2026, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Sanya,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:72:b5:b6:a1:2e:cd:1a:cb:ef:de:9b:79:d8:dc:d1:3e:cc:f9:0c:6c:7e:f5:0e:02:fa:b8:79:16:60:f2:7d
Signer

Actual PE Digest

87:72:b5:b6:a1:2e:cd:1a:cb:ef:de:9b:79:d8:dc:d1:3e:cc:f9:0c:6c:7e:f5:0e:02:fa:b8:79:16:60:f2:7d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
SetCurrentDirectoryW
GetFileAttributesW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
ExitProcess
MoveFileW
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
lstrcmpW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MulDiv
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
FreeLibrary
GetPrivateProfileStringW
GetModuleHandleW
LoadLibraryExW

user32

GetWindowRect
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
ScreenToClient
EnableMenuItem
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
SystemParametersInfoW
EndDialog
RegisterClassW
DialogBoxParamW
CreateWindowExW
GetClassInfoW
DestroyWindow
CharNextW
ExitWindowsEx
SetWindowTextW
LoadImageW
SetTimer
ShowWindow
PostQuitMessage
wsprintfW
SetWindowLongW
FindWindowExW
IsWindow
CreatePopupMenu
AppendMenuW
GetSystemMetrics
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BgWorker.dll
.dll windows:4 windows x86 arch:x86

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
CloseHandle
SetThreadPriority
CreateThread

user32

IsWindowUnicode
PostMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects

Exports

Exports

CallAndWait

Sections

.text
Size: 1024B - Virtual size: 987B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

d806a080e21508dd768fa70be247d2ae

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:64:15:e0:d1:e6:87:25:4a:9f:46:ed:5c:8f:6f:86
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d1:d8:7d:cd:98:c4:70:f6:84:f5:77:e3:b8:23:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be
Signer

Actual PE Digest

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be

Digest Algorithm

sha256

PE Digest Matches

true

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93
Signer

Actual PE Digest

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA

Exports

Exports

KillProc

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleSC.dll
.dll windows:5 windows x86 arch:x86

a9546246ff97b887a4072a24f9106617

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/09/2021, 00:00

Not After

30/09/2023, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=海口市,ST=海南省,C=CN,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b5b7e58d97e79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68
Signer

Actual PE Digest

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EnterCriticalSection
SetFilePointer
GetACP
CloseHandle
LocalFree
SuspendThread
VirtualProtect
TlsAlloc
GetTickCount
IsDebuggerPresent
GetFullPathNameW
VirtualFree
HeapAlloc
GetStartupInfoW
ExitProcess
GetFileAttributesW
InitializeCriticalSection
GetCPInfoExW
GetThreadPriority
GetCurrentProcess
SetThreadPriority
VirtualAlloc
RtlUnwind
GetCPInfo
GetCommandLineW
GetSystemInfo
ResumeThread
GetProcAddress
LeaveCriticalSection
EnumSystemLocalesW
GetStdHandle
GetVersionExW
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
HeapCreate
HeapDestroy
ReadFile
GetDiskFreeSpaceW
VerSetConditionMask
GetUserDefaultUILanguage
FindFirstFileW
TlsFree
HeapSize
lstrcpynW
SetLastError
GetModuleFileNameW
GetLastError
GlobalAlloc
lstrlenW
SetEndOfFile
CompareStringW
CreateThread
HeapFree
WideCharToMultiByte
MultiByteToWideChar
FindClose
LoadLibraryA
ResetEvent
SetEvent
CreateFileW
GetLocaleInfoW
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetLocalTime
WaitForSingleObject
GetCurrentThread
WriteFile
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
IsValidLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
CreateEventW
GlobalFree
VirtualQueryEx
GetThreadLocale
Sleep
SetThreadLocale

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
FindWindowExW
CharLowerBuffW
LoadStringW
CharUpperW
PeekMessageW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

CloseServiceHandle
ControlService
CreateServiceW
LookupAccountNameW
DeleteService
LsaAddAccountRights
StartServiceW
UnlockServiceDatabase
GetServiceKeyNameW
GetServiceDisplayNameW
ChangeServiceConfigW
LsaClose
LockServiceDatabase
OpenServiceW
ChangeServiceConfig2W
EnumDependentServicesW
QueryServiceConfig2W
LsaRemoveAccountRights
QueryServiceStatus
AdjustTokenPrivileges
QueryServiceConfigW
LookupPrivilegeValueW
OpenSCManagerW
LsaOpenPolicy
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

ContinueService
ExistsService
GetErrorMessage
GetServiceBinaryPath
GetServiceDelayedAutoStartInfo
GetServiceDescription
GetServiceDisplayName
GetServiceFailure
GetServiceFailureFlag
GetServiceLogon
GetServiceName
GetServiceStartType
GetServiceStatus
GrantServiceLogonPrivilege
InstallService
PauseService
RemoveService
RemoveServiceLogonPrivilege
RestartService
ServiceIsPaused
ServiceIsRunning
ServiceIsStopped
SetServiceBinaryPath
SetServiceDelayedAutoStartInfo
SetServiceDescription
SetServiceFailure
SetServiceFailureFlag
SetServiceLogon
SetServiceStartType
StartService
StopService
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/killer.dll
.dll windows:6 windows x86 arch:x86

d1e7cac091c2e57d89d4bb643ace96f4

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:64:15:e0:d1:e6:87:25:4a:9f:46:ed:5c:8f:6f:86
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d1:d8:7d:cd:98:c4:70:f6:84:f5:77:e3:b8:23:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/09/2019, 00:00

Not After

29/09/2021, 12:00

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Haikou,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b0:77:e9:8e:25:80:5b:a9:0c:8f:3f:b8:48:80:bc:30:ad:30:7d:f2:e7:0c:cd:60:2a:06:5b:96:05:74:ab:0f
Signer

Actual PE Digest

b0:77:e9:8e:25:80:5b:a9:0c:8f:3f:b8:48:80:bc:30:ad:30:7d:f2:e7:0c:cd:60:2a:06:5b:96:05:74:ab:0f

Digest Algorithm

sha256

PE Digest Matches

true

b1:e4:1a:87:07:8b:06:6a:a5:86:32:35:51:0e:e0:d3:69:7f:66:b2
Signer

Actual PE Digest

b1:e4:1a:87:07:8b:06:6a:a5:86:32:35:51:0e:e0:d3:69:7f:66:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcessId
lstrcmpiW
CloseHandle
TerminateProcess
Process32NextW
lstrcpynW
GetCurrentProcess
GlobalFree
OpenProcess
GlobalAlloc
IsProcessorFeaturePresent

user32

wsprintfW

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW

Exports

Exports

IsProcessRunning
KillProcess

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/logo.ico
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

488b9c61d28b8855f328d854ae7601be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
PeekNamedPipe
GetExitCodeProcess
WaitForSingleObject
GetTickCount
lstrcpyW
IsDBCSLeadByteEx
CreateProcessW
GetStartupInfoW
CreatePipe
GetVersion
DeleteFileW
lstrcmpiW
lstrlenW
lstrcatW
TerminateProcess
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
CreateFileW
Sleep
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
GetCurrentProcess
ExitProcess
lstrcpynW
GetCommandLineW
GlobalReAlloc
CloseHandle
UnmapViewOfFile
CopyFileW

user32

SendMessageW
CharNextW
CharPrevW
FindWindowExW
wsprintfW
CharNextExA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsTextUnicode

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsNiuniuSkin.dll
.dll windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:9c:95:50:84:8e:a9:4b:c7:94:1d:6d:ad:69:12:f0
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

29/11/2022, 00:00

Not After

28/11/2025, 23:59

Subject

CN=深圳市利洽科技有限公司,O=深圳市利洽科技有限公司,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:dd:6c:39:b6:f6:53:21:e3:25:94:d9:2d:9f:f6:c5:41:c8:a4:57
Signer

Actual PE Digest

2b:dd:6c:39:b6:f6:53:21:e3:25:94:d9:2d:9f:f6:c5:41:c8:a4:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AutoChangeControlTextByLanguage
BindCallBack
BindCallBackEx
DownloadAppFile
DownloadFile
EnableDpi
ExitDUISetup
FileHelper
GetControlAttribute
GetControlProperties
GetCosValue
GetCurrentLangId
GetTimeStamp
GetWindowSize
HttpInvoke
InitCurrentLanguage
InitEngine
InitSkinPage
InitSkinSubPage
KillInnerTimer
KillTimerCallBack
OnlyOneInstance
ProcessEvent
ResetLicenseFile
ResetLicenseFileEx
ScanResourceFiles
SelOrHoverControl
SelectInstallDir
SelectInstallDirEx
SetControlAttribute
SetControlAttributeInner
SetCurrentLangId
SetCurrentLanguage
SetDebugMode
SetDebugSelectScaleMode
SetDownloadMode
SetInnerTimer
SetLangName
SetLangString
SetTimerCallBack
SetTimerControlAttribute
SetTopMost
SetWindowSize
SetWindowTitle
ShowHide
ShowPage
ShowPageItem
ShowSkinSubPage
StringHelper
TranslateMsg

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:4 windows x86 arch:x86

d6b0243dd90845123f35b66da1032c84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
lstrcpynW
GlobalAlloc

user32

wsprintfW

Exports

Exports

_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1024B - Virtual size: 993B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/skin.zip
.zip
configpage.xml
default.xml
.xml
finishpage.xml
images/arrow_gray.png
.png
images/[email protected]
.png
images/banner1.png
.png
images/[email protected]
.png
images/banner2.png
.png
images/[email protected]
.png
images/banner3.png
.png
images/[email protected]
.png
images/banner4.png
.png
images/[email protected]
.png
images/bg.png
.png
images/[email protected]
.png
images/browse.png
.png
images/[email protected]
.png
images/check_blue.png
.png
images/[email protected]
.png
images/check_darkgray.png
.png
images/[email protected]
.png
images/check_gray.png
.png
images/[email protected]
.png
images/close_black.png
.png
images/[email protected]
.png
images/close_darkgray.png
.png
images/[email protected]
.png
images/close_gray.png
.png
images/[email protected]
.png
images/close_white.png
.png
images/[email protected]
.png
images/finish.png
.png
images/[email protected]
.png
images/installing.png
.png
images/[email protected]
.png
images/installing_empty.png
.png
images/[email protected]
.png
images/logo1.png
.png
images/[email protected]
.png
images/logo2.png
.png
images/[email protected]
.png
images/logo3.png
.png
images/[email protected]
.png
images/logo_empty.png
.png
images/[email protected]
.png
images/min_black.png
.png
images/[email protected]
.png
images/min_dark.png
.png
images/[email protected]
.png
images/min_gray.png
.png
images/[email protected]
.png
images/min_white.png
.png
images/[email protected]
.png
images/notice.png
.png
images/[email protected]
.png
images/scroll_bg.png
.png
images/[email protected]
.png
images/scroll_fg.png
.png
images/[email protected]
.png
images/shadow.png
.png
images/[email protected]
.png
images/uninst_empty.png
.png
images/[email protected]
.png
images/uninst_finish.png
.png
images/[email protected]
.png
images/uninstall.png
.png
images/uninstall2.png
.png
images/[email protected]
.png
images/[email protected]
.png
images/uninstalling.png
.png
images/[email protected]
.png
images/warning.png
.png
images/[email protected]
.png
install.xml
installingpage.xml
licensepage.xml
logo.ico
msgBox.xml
.xml
uninstallfinishpage.xml
uninstallingpage.xml
uninstallpage.xml
zrtc.dll
.dll windows:5 windows x64 arch:x64

e963baee792d7b7b2716ba67b95b890c

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/01/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

08/09/2023, 00:00

Not After

02/10/2026, 23:59

Subject

SERIALNUMBER=91460000MA5T92TJ7C,CN=Hainan YouQu Technology Co.\, Ltd,O=Hainan YouQu Technology Co.\, Ltd,L=Sanya,ST=Hainan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064861696e616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:f4:98:82:f0:73:8c:b1:ef:3e:b2:c5:b5:27:8c:56:c7:21:e3:7c:4c:8f:e3:f1:1a:0c:ce:08:82:6a:dd:e8
Signer

Actual PE Digest

be:f4:98:82:f0:73:8c:b1:ef:3e:b2:c5:b5:27:8c:56:c7:21:e3:7c:4c:8f:e3:f1:1a:0c:ce:08:82:6a:dd:e8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

zrtc.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
ChangeTimerQueueTimer
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringEx
CompareStringW
CreateDirectoryW
CreateEventExW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateSemaphoreExW
CreateSemaphoreW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
CreateTimerQueue
CreateTimerQueueTimer
CreateWaitableTimerW
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteTimerQueueTimer
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindNextFileA
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushProcessWriteBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesExA
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessTimes
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetThreadId
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetProcessMemoryInfo
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
LockFileEx
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
ProcessIdToSessionId
QueryDepthSList
QueryFullProcessImageNameW
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
QueueUserAPC
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadErrorMode
SetThreadExecutionState
SetThreadPriority
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
SetWaitableTimer
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WTSGetActiveConsoleSessionId
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcmpA
lstrcpyW
lstrcpynW
lstrlenW

user32

BringWindowToTop
CloseDesktop
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
DrawIconEx
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumWindows
FindWindowExW
GetAncestor
GetAsyncKeyState
GetClassInfoExW
GetClassNameW
GetClientRect
GetCursorInfo
GetDC
GetIconInfo
GetLayeredWindowAttributes
GetMonitorInfoA
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowDisplayAffinity
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
IsIconic
IsWindow
IsWindowVisible
KillTimer
LoadCursorW
MonitorFromRect
MsgWaitForMultipleObjectsEx
OpenInputDesktop
PeekMessageW
PostThreadMessageW
PrintWindow
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
ReleaseDC
SendMessageTimeoutW
SetForegroundWindow
SetLayeredWindowAttributes
SetRectEmpty
SetThreadDesktop
SetTimer
SetWindowDisplayAffinity
SetWindowLongW
SetWindowPos
ShowWindow
TranslateMessage
UnregisterClassW
UnregisterDeviceNotification
WindowFromPoint

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
PropVariantClear
StringFromGUID2

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d11

D3D11CreateDevice

advapi32

EventRegister
EventUnregister
EventWrite
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
SystemFunction036

ws2_32

WSAAddressToStringW
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSARecv
WSAResetEvent
WSASend
WSASetEvent
WSASetLastError
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

oleaut32

OleCreatePropertyFrame
SysAllocString
SysFreeString
VariantClear
VariantInit

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

iphlpapi

GetAdaptersAddresses

msdmo

MoFreeMediaType
MoInitMediaType

secur32

AcquireCredentialsHandleA
CompleteAuthToken
DeleteSecurityContext
FreeCredentialsHandle
InitializeSecurityContextA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
DeleteDC
DeleteObject
GetCurrentObject
GetDIBits
GetDeviceCaps
GetObjectW
GetRgnBox
SelectObject

Exports

Exports

??0?$SharedPtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VAudioDeviceManageItf@zuler@@@1@@Z
??0?$SharedPtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDeviceManageItf@1@@Z
??0?$SharedPtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@1@@Z
??0?$SharedPtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDevices@AudioDeviceManageItf@1@@Z
??0?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VAudioFrameItf@zuler@@@1@@Z
??0?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@PEAVAudioFrameItf@1@@Z
??0?$SharedPtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVAudios@ErizoStreamItf@1@@Z
??0?$SharedPtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@PEAVCameraCapabilitiesItf@CameraSourceItf@1@@Z
??0?$SharedPtr@VCameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VCameraSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VCameraSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VCameraSourceItf@zuler@@@zuler@@QEAA@PEAVCameraSourceItf@1@@Z
??0?$SharedPtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@PEAVCamerasItf@CameraSourceItf@1@@Z
??0?$SharedPtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@1@@Z
??0?$SharedPtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@PEAVCodecSDKItf@codec_sdk@1@@Z
??0?$SharedPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VDCAdapterItf@zuler@@@1@@Z
??0?$SharedPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@PEAVDCAdapterItf@1@@Z
??0?$SharedPtr@VDataChannelItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VDataChannelItf@zuler@@@1@@Z
??0?$SharedPtr@VDataChannelItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VDataChannelItf@zuler@@@zuler@@QEAA@PEAVDataChannelItf@1@@Z
??0?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VDataChannelListener@DataChannelItf@zuler@@@1@@Z
??0?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@PEAVDataChannelListener@DataChannelItf@1@@Z
??0?$SharedPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VDesktopSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@PEAVDesktopSourceItf@1@@Z
??0?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VEncodedImageItf@zuler@@@1@@Z
??0?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEAA@PEAVEncodedImageItf@1@@Z
??0?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoClientItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@PEAVErizoClientItf@1@@Z
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVErizoConnectionItf@1@@Z
??0?$SharedPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoRoomItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@PEAVErizoRoomItf@1@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@PEAVErizoStreamItf@1@@Z
??0?$SharedPtr@VErizoUserItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VErizoUserItf@zuler@@@1@@Z
??0?$SharedPtr@VErizoUserItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VErizoUserItf@zuler@@@zuler@@QEAA@PEAVErizoUserItf@1@@Z
??0?$SharedPtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VImageProcessingModuleItf@zuler@@@1@@Z
??0?$SharedPtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@PEAVImageProcessingModuleItf@1@@Z
??0?$SharedPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VInputListener@RenderSinkItf@zuler@@@1@@Z
??0?$SharedPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@PEAVInputListener@RenderSinkItf@1@@Z
??0?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VListener@DesktopSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@PEAVListener@DesktopSourceItf@1@@Z
??0?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VListener@ErizoRoomItf@zuler@@@1@@Z
??0?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVListener@ErizoRoomItf@1@@Z
??0?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VListener@ErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVListener@ErizoStreamItf@1@@Z
??0?$SharedPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VListener@MediaDevicesItf@zuler@@@1@@Z
??0?$SharedPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@PEAVListener@MediaDevicesItf@1@@Z
??0?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVMediaCaps@ErizoConnectionItf@1@@Z
??0?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VPublishCallback@zuler@@@1@@Z
??0?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@PEAVPublishCallback@1@@Z
??0?$SharedPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VRenderSinkItf@zuler@@@1@@Z
??0?$SharedPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@PEAVRenderSinkItf@1@@Z
??0?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VReportListener@ErizoClientItf@zuler@@@1@@Z
??0?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@PEAVReportListener@ErizoClientItf@1@@Z
??0?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVRtcStatsListener@ErizoConnectionItf@1@@Z
??0?$SharedPtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSinks@AudioSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@PEAVSinks@AudioSourceItf@1@@Z
??0?$SharedPtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSinks@VideoSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@PEAVSinks@VideoSourceItf@1@@Z
??0?$SharedPtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSoundCardSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@PEAVSoundCardSourceItf@1@@Z
??0?$SharedPtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSources@ErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVSources@ErizoStreamItf@1@@Z
??0?$SharedPtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@1@@Z
??0?$SharedPtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@PEAVSourcesItf@DesktopSourceItf@1@@Z
??0?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VStateListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVStateListener@ErizoConnectionItf@1@@Z
??0?$SharedPtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VStreams@ErizoConnectionItf@zuler@@@1@@Z
??0?$SharedPtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVStreams@ErizoConnectionItf@1@@Z
??0?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@1@@Z
??0?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVStreams@ErizoRoomItf@1@@Z
??0?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VSubscribeCallback@zuler@@@1@@Z
??0?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@PEAVSubscribeCallback@1@@Z
??0?$SharedPtr@VTaskItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VTaskItf@zuler@@@1@@Z
??0?$SharedPtr@VTaskItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VTaskItf@zuler@@@zuler@@QEAA@PEAVTaskItf@1@@Z
??0?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VThreadItf@zuler@@@1@@Z
??0?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@PEAVThreadItf@1@@Z
??0?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VUnpublishCallback@zuler@@@1@@Z
??0?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@PEAVUnpublishCallback@1@@Z
??0?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VUnsubscribeCallback@zuler@@@1@@Z
??0?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@PEAVUnsubscribeCallback@1@@Z
??0?$SharedPtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@1@@Z
??0?$SharedPtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVUsers@ErizoRoomItf@1@@Z
??0?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VVideoFrameItf@zuler@@@1@@Z
??0?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@PEAVVideoFrameItf@1@@Z
??0?$SharedPtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV?$UniquePtr@VVideos@ErizoStreamItf@zuler@@@1@@Z
??0?$SharedPtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$SharedPtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVVideos@ErizoStreamItf@1@@Z
??0?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDeviceInfoItf@AudioDeviceManageItf@1@@Z
??0?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDeviceManageItf@1@@Z
??0?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@PEAVAudioDevices@AudioDeviceManageItf@1@@Z
??0?$UniquePtr@VAudioFrameItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VAudioFrameItf@zuler@@@zuler@@QEAA@PEAVAudioFrameItf@1@@Z
??0?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVAudios@ErizoStreamItf@1@@Z
??0?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@PEAVCameraCapabilitiesItf@CameraSourceItf@1@@Z
??0?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAA@PEAVCameraSourceItf@1@@Z
??0?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@PEAVCamerasItf@CameraSourceItf@1@@Z
??0?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@PEAVCodecSDKItf@codec_sdk@1@@Z
??0?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEAA@PEAVDCAdapterItf@1@@Z
??0?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEAA@PEAVDataChannelItf@1@@Z
??0?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@PEAVDesktopSourceItf@1@@Z
??0?$UniquePtr@VErizoClientItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoClientItf@zuler@@@zuler@@QEAA@PEAVErizoClientItf@1@@Z
??0?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVErizoConnectionItf@1@@Z
??0?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAA@PEAVErizoRoomItf@1@@Z
??0?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@PEAVErizoStreamItf@1@@Z
??0?$UniquePtr@VErizoUserItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VErizoUserItf@zuler@@@zuler@@QEAA@PEAVErizoUserItf@1@@Z
??0?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@PEAVImageProcessingModuleItf@1@@Z
??0?$UniquePtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@PEAVInputListener@RenderSinkItf@1@@Z
??0?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVMediaCaps@ErizoConnectionItf@1@@Z
??0?$UniquePtr@VMediaDevicesItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VMediaDevicesItf@zuler@@@zuler@@QEAA@PEAVMediaDevicesItf@1@@Z
??0?$UniquePtr@VRenderSinkItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VRenderSinkItf@zuler@@@zuler@@QEAA@PEAVRenderSinkItf@1@@Z
??0?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@PEAVSinks@AudioSourceItf@1@@Z
??0?$UniquePtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@PEAVSinks@VideoSourceItf@1@@Z
??0?$UniquePtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@PEAVSoundCardSourceItf@1@@Z
??0?$UniquePtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVSources@ErizoStreamItf@1@@Z
??0?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@PEAVSourcesItf@DesktopSourceItf@1@@Z
??0?$UniquePtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@PEAVStreams@ErizoConnectionItf@1@@Z
??0?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVStreams@ErizoRoomItf@1@@Z
??0?$UniquePtr@VTaskItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VTaskItf@zuler@@@zuler@@QEAA@PEAVTaskItf@1@@Z
??0?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@PEAVUsers@ErizoRoomItf@1@@Z
??0?$UniquePtr@VVideoFrameItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VVideoFrameItf@zuler@@@zuler@@QEAA@PEAVVideoFrameItf@1@@Z
??0?$UniquePtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@$$QEAV01@@Z
??0?$UniquePtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@PEAVVideos@ErizoStreamItf@1@@Z
??0?$WeakPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VAudioFrameItf@zuler@@@1@@Z
??0?$WeakPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VDCAdapterItf@zuler@@@1@@Z
??0?$WeakPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VDataChannelItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VDataChannelItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VDataChannelItf@zuler@@@1@@Z
??0?$WeakPtr@VDataChannelItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@1@@Z
??0?$WeakPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VDesktopSourceItf@zuler@@@1@@Z
??0?$WeakPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VErizoClientItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VErizoConnectionItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VErizoRoomItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VErizoStreamItf@zuler@@@1@@Z
??0?$WeakPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VInputListener@RenderSinkItf@zuler@@@1@@Z
??0?$WeakPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@DesktopSourceItf@zuler@@@1@@Z
??0?$WeakPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@ErizoRoomItf@zuler@@@1@@Z
??0?$WeakPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@ErizoStreamItf@zuler@@@1@@Z
??0?$WeakPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VListener@MediaDevicesItf@zuler@@@1@@Z
??0?$WeakPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VPublishCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VPublishCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VPublishCallback@zuler@@@1@@Z
??0?$WeakPtr@VPublishCallback@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VRenderSinkItf@zuler@@@1@@Z
??0?$WeakPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@1@@Z
??0?$WeakPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$WeakPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@1@@Z
??0?$WeakPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VSubscribeCallback@zuler@@@1@@Z
??0?$WeakPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VTaskItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VTaskItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VTaskItf@zuler@@@1@@Z
??0?$WeakPtr@VTaskItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VThreadItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VThreadItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VThreadItf@zuler@@@1@@Z
??0?$WeakPtr@VThreadItf@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VUnpublishCallback@zuler@@@1@@Z
??0?$WeakPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VUnsubscribeCallback@zuler@@@1@@Z
??0?$WeakPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@XZ
??0?$WeakPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@AEBV01@@Z
??0?$WeakPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@AEBV?$SharedPtr@VVideoFrameItf@zuler@@@1@@Z
??0?$WeakPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@XZ
??0AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@QEAA@AEBV012@@Z
??0AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioDeviceManageItf@zuler@@QEAA@AEBV01@@Z
??0AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioDevices@AudioDeviceManageItf@zuler@@QEAA@AEBV012@@Z
??0AudioDevices@AudioDeviceManageItf@zuler@@QEAA@XZ
??0AudioFrameItf@zuler@@QEAA@AEBV01@@Z
??0AudioFrameItf@zuler@@QEAA@XZ
??0AudioSinkItf@zuler@@QEAA@AEBV01@@Z
??0AudioSinkItf@zuler@@QEAA@XZ
??0AudioSourceItf@zuler@@QEAA@AEBV01@@Z
??0AudioSourceItf@zuler@@QEAA@XZ
??0Audios@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Audios@ErizoStreamItf@zuler@@QEAA@XZ
??0CameraSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0CameraSourceItf@zuler@@QEAA@AEBV01@@Z
??0CameraSourceItf@zuler@@QEAA@XZ
??0CodecSDKItf@codec_sdk@zuler@@QEAA@AEBV012@@Z
??0CodecSDKItf@codec_sdk@zuler@@QEAA@XZ
??0DCAdapterItf@zuler@@QEAA@AEBV01@@Z
??0DCAdapterItf@zuler@@QEAA@XZ
??0DataChannelItf@zuler@@QEAA@AEBV01@@Z
??0DataChannelItf@zuler@@QEAA@XZ
??0DataChannelListener@DataChannelItf@zuler@@QEAA@AEBV012@@Z
??0DataChannelListener@DataChannelItf@zuler@@QEAA@XZ
??0DataChannelTestItf@zuler@@QEAA@AEBV01@@Z
??0DataChannelTestItf@zuler@@QEAA@XZ
??0DesktopSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0DesktopSourceItf@zuler@@QEAA@AEBV01@@Z
??0DesktopSourceItf@zuler@@QEAA@XZ
??0EncodedImageItf@zuler@@QEAA@AEBV01@@Z
??0EncodedImageItf@zuler@@QEAA@XZ
??0ErizoClientItf@zuler@@QEAA@AEBV01@@Z
??0ErizoClientItf@zuler@@QEAA@XZ
??0ErizoConnectionItf@zuler@@QEAA@AEBV01@@Z
??0ErizoConnectionItf@zuler@@QEAA@XZ
??0ErizoRoomItf@zuler@@QEAA@AEBV01@@Z
??0ErizoRoomItf@zuler@@QEAA@XZ
??0ErizoStreamItf@zuler@@QEAA@AEBV01@@Z
??0ErizoStreamItf@zuler@@QEAA@XZ
??0ErizoUserItf@zuler@@QEAA@AEBV01@@Z
??0ErizoUserItf@zuler@@QEAA@XZ
??0Formats@VirtualCameraItf@zuler@@QEAA@AEBV012@@Z
??0Formats@VirtualCameraItf@zuler@@QEAA@XZ
??0ImageProcessingModuleItf@zuler@@QEAA@AEBV01@@Z
??0ImageProcessingModuleItf@zuler@@QEAA@XZ
??0InputListener@RenderSinkItf@zuler@@QEAA@AEBV012@@Z
??0InputListener@RenderSinkItf@zuler@@QEAA@XZ
??0Listener@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Listener@ErizoRoomItf@zuler@@QEAA@XZ
??0Listener@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Listener@ErizoStreamItf@zuler@@QEAA@XZ
??0Listener@MediaDevicesItf@zuler@@QEAA@AEBV012@@Z
??0Listener@MediaDevicesItf@zuler@@QEAA@XZ
??0Listener@VirtualCameraItf@zuler@@QEAA@AEBV012@@Z
??0Listener@VirtualCameraItf@zuler@@QEAA@XZ
??0LogWriterItf@zuler@@QEAA@AEBV01@@Z
??0LogWriterItf@zuler@@QEAA@XZ
??0MediaCaps@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0MediaCaps@ErizoConnectionItf@zuler@@QEAA@XZ
??0MediaDevicesItf@zuler@@QEAA@AEBV01@@Z
??0MediaDevicesItf@zuler@@QEAA@XZ
??0PublishCallback@zuler@@QEAA@AEBV01@@Z
??0PublishCallback@zuler@@QEAA@XZ
??0RenderSinkItf@zuler@@QEAA@$$QEAV01@@Z
??0RenderSinkItf@zuler@@QEAA@AEBV01@@Z
??0RenderSinkItf@zuler@@QEAA@XZ
??0ReportListener@ErizoClientItf@zuler@@QEAA@AEBV012@@Z
??0ReportListener@ErizoClientItf@zuler@@QEAA@XZ
??0RoomStateObserver@zuler@@QEAA@AEBV01@@Z
??0RoomStateObserver@zuler@@QEAA@XZ
??0RtcStatsListener@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0RtcStatsListener@ErizoConnectionItf@zuler@@QEAA@XZ
??0Sinks@VideoSourceItf@zuler@@QEAA@AEBV012@@Z
??0Sinks@VideoSourceItf@zuler@@QEAA@XZ
??0SoundCardSourceItf@zuler@@QEAA@$$QEAV01@@Z
??0SoundCardSourceItf@zuler@@QEAA@AEBV01@@Z
??0SoundCardSourceItf@zuler@@QEAA@XZ
??0Sources@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Sources@ErizoStreamItf@zuler@@QEAA@XZ
??0StateListener@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0StateListener@ErizoConnectionItf@zuler@@QEAA@XZ
??0Streams@ErizoConnectionItf@zuler@@QEAA@AEBV012@@Z
??0Streams@ErizoConnectionItf@zuler@@QEAA@XZ
??0Streams@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Streams@ErizoRoomItf@zuler@@QEAA@XZ
??0SubscribeCallback@zuler@@QEAA@AEBV01@@Z
??0SubscribeCallback@zuler@@QEAA@XZ
??0TaskItf@zuler@@QEAA@AEBV01@@Z
??0TaskItf@zuler@@QEAA@XZ
??0ThreadItf@zuler@@QEAA@AEBV01@@Z
??0ThreadItf@zuler@@QEAA@XZ
??0UnpublishCallback@zuler@@QEAA@AEBV01@@Z
??0UnpublishCallback@zuler@@QEAA@XZ
??0UnsubscribeCallback@zuler@@QEAA@AEBV01@@Z
??0UnsubscribeCallback@zuler@@QEAA@XZ
??0Users@ErizoRoomItf@zuler@@QEAA@AEBV012@@Z
??0Users@ErizoRoomItf@zuler@@QEAA@XZ
??0VideoFrameItf@zuler@@QEAA@AEBV01@@Z
??0VideoFrameItf@zuler@@QEAA@XZ
??0VideoSinkItf@zuler@@QEAA@AEBV01@@Z
??0VideoSinkItf@zuler@@QEAA@XZ
??0VideoSourceItf@zuler@@QEAA@AEBV01@@Z
??0VideoSourceItf@zuler@@QEAA@XZ
??0Videos@ErizoStreamItf@zuler@@QEAA@AEBV012@@Z
??0Videos@ErizoStreamItf@zuler@@QEAA@XZ
??0VirtualCameraItf@zuler@@QEAA@AEBV01@@Z
??0VirtualCameraItf@zuler@@QEAA@XZ
??0ZString@zuler@@QEAA@$$QEAV01@@Z
??0ZString@zuler@@QEAA@AEBV01@@Z
??0ZString@zuler@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0ZString@zuler@@QEAA@PEBD@Z
??0ZString@zuler@@QEAA@XZ
??0virtual_camera@zuler@@QEAA@PEBD@Z
??1?$SharedPtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VCameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VDataChannelItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VEncodedImageItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VErizoUserItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VPublishCallback@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VTaskItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VThreadItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$SharedPtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VAudioDeviceInfoItf@AudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VAudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VAudioDevices@AudioDeviceManageItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VAudioFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VAudios@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VCameraCapabilitiesItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VCameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VCamerasItf@CameraSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VCodecSDKItf@codec_sdk@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VDCAdapterItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VDataChannelItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VErizoUserItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VImageProcessingModuleItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VMediaCaps@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VMediaDevicesItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VRenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VSinks@AudioSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VSinks@VideoSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VSoundCardSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VSources@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VSourcesItf@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VStreams@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VStreams@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VTaskItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VUsers@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VVideoFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$UniquePtr@VVideos@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VAudioFrameItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VDCAdapterItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VDataChannelItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VDataChannelListener@DataChannelItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VDesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VInputListener@RenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VListener@DesktopSourceItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VListener@ErizoRoomItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VListener@ErizoStreamItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VListener@MediaDevicesItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VPublishCallback@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VRenderSinkItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VReportListener@ErizoClientItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VRtcStatsListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VStateListener@ErizoConnectionItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VSubscribeCallback@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VTaskItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VThreadItf@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VUnpublishCallback@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VUnsubscribeCallback@zuler@@@zuler@@QEAA@XZ
??1?$WeakPtr@VVideoFrameItf@zuler@@@zuler@@QEAA@XZ
??1AudioDeviceInfoItf@AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioDevices@AudioDeviceManageItf@zuler@@UEAA@XZ
??1AudioFrameItf@zuler@@UEAA@XZ
??1AudioSinkItf@zuler@@UEAA@XZ
??1AudioSourceItf@zuler@@UEAA@XZ
??1Audios@ErizoStreamItf@zuler@@UEAA@XZ

Sections

.text
Size: 39.9MB - Virtual size: 39.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 517KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nvFatBi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nv_fatb
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 72B

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 4KB - Virtual size: 3KB

.xdata
Size: 563KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IPPCODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPDATA
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eae418c7423834ffc3d79b4300bd6fb

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

32:3d:a5:02:bf:20:5d:1b:93:e7:ae:f4:56:b6:8d:f1:52:e9:87:c6:7a:6a:59:28:56:c1:ae:32:92:a0:27:22Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 171KB

.ndata Size: - Virtual size: 108KB

.rsrc Size: 268KB - Virtual size: 267KB

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 987B

.reloc Size: 512B - Virtual size: 66B

a9546246ff97b887a4072a24f9106617

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68Signer

Headers

File Characteristics

Imports

kernel32

version

user32

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:0d:29:14:16:08:fd:2c:c6:1e:29:52:13:0b:ef:e6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

32:3d:a5:02:bf:20:5d:1b:93:e7:ae:f4:56:b6:8d:f1:52:e9:87:c6:7a:6a:59:28:56:c1:ae:32:92:a0:27:22
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 171KB

.ndata
Size: - Virtual size: 108KB

.rsrc
Size: 268KB - Virtual size: 267KB

.text
Size: 1024B - Virtual size: 987B

.reloc
Size: 512B - Virtual size: 66B

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:c8:af:c0:ac:40:df:1f:98:a4:2d:ee:25:29:55:92
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

17:bd:ef:03:a9:3e:34:8d:02:f0:6f:90:e7:70:5d:a2:b1:20:4f:ea:a0:96:49:37:84:6f:37:35:10:58:71:68
Signer

.text
Size: 956KB - Virtual size: 956KB

.itext
Size: 2KB - Virtual size: 2KB

.data
Size: 15KB - Virtual size: 14KB

.bss
Size: - Virtual size: 25KB

.idata
Size: 4KB - Virtual size: 3KB

.didata
Size: 512B - Virtual size: 490B

.edata
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 90KB - Virtual size: 89KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

01:64:15:e0:d1:e6:87:25:4a:9f:46:ed:5c:8f:6f:86
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0d:d1:d8:7d:cd:98:c4:70:f6:84:f5:77:e3:b8:23:e2
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

b0:77:e9:8e:25:80:5b:a9:0c:8f:3f:b8:48:80:bc:30:ad:30:7d:f2:e7:0c:cd:60:2a:06:5b:96:05:74:ab:0f
Signer

b1:e4:1a:87:07:8b:06:6a:a5:86:32:35:51:0e:e0:d3:69:7f:66:b2
Signer