Extracted

• Emerald X.zip

  .zip
• Emerald X/Emerald.exe

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 227KB - Virtual size: 226KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Emerald X/Injector.exe

  .exe windows:6 windows x64 arch:x64

  07cf1b0dd0d4bd84e4088ab25f438e9b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  QueryPerformanceFrequency

  VirtualQueryEx

  LoadLibraryA

  Process32FirstW

  Process32NextW

  FindClose

  lstrcpyW

  lstrcpynW

  lstrcmpiW

  GetProcAddress

  GetModuleHandleA

  GetModuleFileNameW

  VirtualFreeEx

  WriteProcessMemory

  ReadProcessMemory

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  IsDebuggerPresent

  VirtualProtectEx

  VirtualAllocEx

  OpenProcess

  GetCurrentProcessId

  GetLastError

  CloseHandle

  GetTempPathW

  DeleteFileW

  Sleep

  FormatMessageA

  GlobalLock

  GlobalUnlock

  VirtualProtect

  IsProcessorFeaturePresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  SleepConditionVariableSRW

  WakeAllConditionVariable

  GetFileAttributesW

  GetFileInformationByHandleEx

  GetModuleHandleW

  AreFileApisANSI

  GetFileAttributesExW

  FindNextFileW

  FindFirstFileExW

  FindFirstFileW

  CreateFileW

  CreateDirectoryW

  GetLocaleInfoEx

  GetFileSizeEx

  CreateFileA

  VerifyVersionInfoW

  WaitForMultipleObjects

  PeekNamedPipe

  ReadFile

  GetFileType

  GetStdHandle

  GetEnvironmentVariableA

  WaitForSingleObjectEx

  MoveFileExA

  WideCharToMultiByte

  MultiByteToWideChar

  FormatMessageW

  SetLastError

  GetTickCount

  FreeLibrary

  GetSystemDirectoryA

  SleepEx

  DeleteCriticalSection

  InitializeCriticalSectionEx

  LeaveCriticalSection

  EnterCriticalSection

  AcquireSRWLockExclusive

  ReleaseSRWLockExclusive

  QueryPerformanceCounter

  LocalFree

  GetCurrentProcess

  K32QueryWorkingSetEx

  K32GetModuleFileNameExW

  K32GetModuleBaseNameW

  K32EnumProcessModules

  K32EnumProcesses

  Thread32Next

  Thread32First

  CreateToolhelp32Snapshot

  SetConsoleTitleA

  lstrlenW

  lstrcatW

  GlobalAlloc

  user32

  mouse_event

  keybd_event

  MapVirtualKeyA

  SetCursorPos

  GetForegroundWindow

  EmptyClipboard

  FindWindowW

  GetWindowRect

  GetClipboardData

  SetClipboardData

  CloseClipboard

  OpenClipboard

  advapi32

  CryptEncrypt

  GetCurrentHwProfileA

  CryptAcquireContextA

  CryptReleaseContext

  CryptGetHashParam

  CryptGenRandom

  CryptCreateHash

  CryptHashData

  CryptDestroyHash

  CryptDestroyKey

  CryptImportKey

  msvcp140

  ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

  ?always_noconv@codecvt_base@std@@QEBA_NXZ

  ?in@?$codecvt@_SDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_S3AEAPEA_S@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ

  ?out@?$codecvt@_UDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_U1AEAPEB_UPEAD3AEAPEAD@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ

  ?is@?$ctype@D@std@@QEBA_NFD@Z

  ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

  ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

  ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ??Bios_base@std@@QEBA_NXZ

  ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ

  ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

  ?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

  ?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

  ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

  ?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ

  ?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ

  ?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ

  ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

  ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z

  ?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@AEAD@Z

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

  ?id@?$ctype@D@std@@2V0locale@2@A

  ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

  ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A

  ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z

  ?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ??7ios_base@std@@QEBA_NXZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

  ?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

  ?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

  ?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

  ?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z

  ?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEAPEA_W0PEAH001@Z

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z

  ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z

  ?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ

  ?rdstate@ios_base@std@@QEBAHXZ

  ?fail@ios_base@std@@QEBA_NXZ

  ?_Xbad_function_call@std@@YAXXZ

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?_Winerror_map@std@@YAHH@Z

  ?_Xlength_error@std@@YAXPEBD@Z

  ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

  ??Bid@locale@std@@QEAA_KXZ

  ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z

  ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z

  ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

  ?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z

  ?_Incref@facet@locale@std@@UEAAXXZ

  ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?uncaught_exception@std@@YA_NXZ

  ?_Xout_of_range@std@@YAXPEBD@Z

  ?good@ios_base@std@@QEBA_NXZ

  ?flags@ios_base@std@@QEBAHXZ

  ?width@ios_base@std@@QEBA_JXZ

  ?width@ios_base@std@@QEAA_J_J@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

  ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

  ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

  ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

  ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

  ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z

  ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

  ?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

  ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

  ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ?_Syserror_map@std@@YAPEBDH@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?_Throw_Cpp_error@std@@YAXH@Z

  _Cnd_do_broadcast_at_thread_exit

  _Thrd_detach

  ??1_Lockit@std@@QEAA@XZ

  ??0_Lockit@std@@QEAA@H@Z

  ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

  msvcp140_codecvt_ids

  ?id@?$codecvt@_UDU_Mbstatet@@@std@@2V0locale@2@A

  ?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A

  ws2_32

  getpeername

  getsockname

  getsockopt

  ntohs

  bind

  WSAWaitForMultipleEvents

  WSAResetEvent

  WSAEventSelect

  WSAEnumNetworkEvents

  WSACreateEvent

  WSACloseEvent

  WSACleanup

  WSAStartup

  gethostbyname

  gethostname

  gethostbyaddr

  inet_addr

  sendto

  htons

  freeaddrinfo

  getaddrinfo

  WSAGetLastError

  socket

  setsockopt

  send

  select

  recv

  ioctlsocket

  connect

  recvfrom

  listen

  WSASetLastError

  htonl

  accept

  __WSAFDIsSet

  closesocket

  WSAIoctl

  ntdll

  VerSetConditionMask

  RtlCaptureContext

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  shlwapi

  StrCmpW

  PathRemoveFileSpecW

  normaliz

  IdnToAscii

  crypt32

  CertEnumCertificatesInStore

  CertFindCertificateInStore

  CertFreeCertificateContext

  CryptStringToBinaryA

  PFXImportCertStore

  CryptDecodeObjectEx

  CertAddCertificateContextToStore

  CertFindExtension

  CertGetNameStringA

  CryptQueryObject

  CertCreateCertificateChainEngine

  CertFreeCertificateChainEngine

  CertGetCertificateChain

  CertFreeCertificateChain

  CertCloseStore

  CertOpenStore

  wldap32

  ord22

  ord41

  ord45

  ord26

  ord27

  ord50

  ord32

  ord33

  ord46

  ord301

  ord217

  ord143

  ord35

  ord79

  ord30

  ord200

  ord211

  ord60

  vcruntime140

  memchr

  _purecall

  memmove

  strstr

  memcmp

  strchr

  strrchr

  memcpy

  memset

  __C_specific_handler

  __current_exception

  __current_exception_context

  __std_exception_copy

  __std_exception_destroy

  _CxxThrowException

  vcruntime140_1

  __CxxFrameHandler4

  api-ms-win-crt-runtime-l1-1-0

  _errno

  __sys_errlist

  __sys_nerr

  _beginthreadex

  exit

  terminate

  _getpid

  system

  abort

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _register_onexit_function

  _crt_atexit

  _cexit

  _seh_filter_exe

  _set_app_type

  _invalid_parameter_noinfo_noreturn

  _get_initial_narrow_environment

  _initterm

  _initterm_e

  _exit

  __p___argc

  __p___argv

  _c_exit

  _register_thread_local_exe_atexit_callback

  api-ms-win-crt-string-l1-1-0

  tolower

  isalnum

  strncpy

  strnlen

  strspn

  strncmp

  isalpha

  isspace

  strcspn

  strcmp

  strncat

  _strdup

  strpbrk

  toupper

  iscntrl

  isgraph

  ispunct

  isxdigit

  isdigit

  islower

  isupper

  api-ms-win-crt-stdio-l1-1-0

  __p__commode

  _set_fmode

  _read

  _write

  _close

  fopen

  __stdio_common_vsprintf_s

  _open

  feof

  fseek

  _lseeki64

  fgets

  fgetwc

  fputwc

  ungetc

  setvbuf

  fwrite

  _fseeki64

  fsetpos

  fread

  fputc

  fgetpos

  fflush

  fclose

  _get_stream_buffer_pointers

  _wfopen

  __stdio_common_vsprintf

  ungetwc

  __stdio_common_vsscanf

  __stdio_common_vsnprintf_s

  __stdio_common_vfprintf

  fputs

  __acrt_iob_func

  ftell

  fgetc

  api-ms-win-crt-heap-l1-1-0

  calloc

  free

  _set_new_mode

  realloc

  malloc

  _callnewh

  _aligned_malloc

  _aligned_free

  api-ms-win-crt-filesystem-l1-1-0

  _stat64

  _waccess_s

  _access

  _wrmdir

  _fstat64

  _unlink

  _wmkdir

  _unlock_file

  _lock_file

  _wstat64

  api-ms-win-crt-utility-l1-1-0

  qsort

  srand

  api-ms-win-crt-time-l1-1-0

  _localtime64_s

  strftime

  _difftime64

  _time64

  _gmtime64_s

  _gmtime64

  clock

  api-ms-win-crt-math-l1-1-0

  ceilf

  _dsign

  floorf

  floor

  log2

  acos

  _dclass

  modf

  asin

  round

  cosh

  __setusermatherr

  frexp

  pow

  _fdopen

  cos

  ldexp

  exp

  fmod

  atan

  tanh

  tan

  atan2

  sqrt

  sinh

  log10

  sin

  log

  ceil

  api-ms-win-crt-convert-l1-1-0

  wcstombs

  strtoll

  strtoul

  strtol

  strtoull

  strtod

  atoi

  api-ms-win-crt-environment-l1-1-0

  _wdupenv_s

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  ___lc_codepage_func

  Sections

  .text

  Size: 3.9MB - Virtual size: 3.9MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1.2MB - Virtual size: 1.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 109KB - Virtual size: 155KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 256KB - Virtual size: 255KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Emerald X/bin/Monaco/index.html

  .js
• Emerald X/bin/Monaco/vs/base/browser/ui/codicons/codicon/codicon.ttf
• Emerald X/bin/Monaco/vs/base/worker/workerMain.js

  .js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes.js

  .js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/base.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/DataModel.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/Enum.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/EnumItem.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/Enums.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/Instance.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/Model.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/RBXScriptSignal.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/ServiceProvider.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/classes/Workspace.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/functions-krnl.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/functions.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/globals.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/keywords.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/Drawing.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/Krnl.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/debug.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/math.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/table.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/libraries/task.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/modules-table.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/modules.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/params/DataModelServices.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/params/DrawingTypes.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/params/InstanceClasses.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/autocompletes/snippets.js
• Emerald X/bin/Monaco/vs/basic-languages/lua/lua.js

  .js
• Emerald X/bin/Monaco/vs/basic-languages/lua/snippets.js
• Emerald X/bin/Monaco/vs/basic-languages/monaco.contribution.js

  .js
• Emerald X/bin/Monaco/vs/editor/editor.main.css
• Emerald X/bin/Monaco/vs/editor/editor.main.js

  .js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.de.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.es.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.fr.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.it.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.ja.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.ko.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.ru.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.zh-cn.js
• Emerald X/bin/Monaco/vs/editor/editor.main.nls.zh-tw.js
• Emerald X/bin/Monaco/vs/loader.js

  .js
• Emerald X/logs/log2024-09-04_13-01-28.txt
• Emerald X/runtimes/win-arm64/native/WebView2Loader.dll
• Emerald X/runtimes/win-x64/native/WebView2Loader.dll

  .dll windows:5 windows x64 arch:x64

  aaa8a1994a594e4746a652eda600aebf

  
  

  Code Sign

  33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  16-02-2023 20:10

  Not After

  31-01-2024 20:10

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08-07-2011 20:59

  Not After

  08-07-2026 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  fc:d9:ff:45:ce:dd:69:40:84:14:bf:7f:56:d8:a9:e6:e1:d5:19:c6:85:7f:f6:8b:4f:c9:9d:e0:d9:a2:36:8d

  Signer

  Actual PE Digest

  fc:d9:ff:45:ce:dd:69:40:84:14:bf:7f:56:d8:a9:e6:e1:d5:19:c6:85:7f:f6:8b:4f:c9:9d:e0:d9:a2:36:8d

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  D:\a\_work\e\src\out\Release_x64\WebView2Loader.dll.pdb

  Imports

  kernel32

  CloseHandle

  CreateEventW

  CreateFileW

  DeleteCriticalSection

  EncodePointer

  EnterCriticalSection

  ExitProcess

  FindClose

  FindFirstFileExW

  FindNextFileW

  FlsAlloc

  FlsFree

  FlsGetValue

  FlsSetValue

  FlushFileBuffers

  FreeEnvironmentStringsW

  FreeLibrary

  GetACP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  GetConsoleMode

  GetConsoleOutputCP

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetEnvironmentStringsW

  GetEnvironmentVariableW

  GetFileAttributesW

  GetFileType

  GetLastError

  GetModuleFileNameW

  GetModuleHandleExW

  GetModuleHandleW

  GetOEMCP

  GetProcAddress

  GetProcessHeap

  GetStartupInfoW

  GetStdHandle

  GetStringTypeW

  GetSystemInfo

  GetSystemTimeAsFileTime

  HeapAlloc

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSectionAndSpinCount

  InitializeSListHead

  InterlockedFlushSList

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryExA

  LoadLibraryExW

  LoadLibraryW

  MultiByteToWideChar

  OutputDebugStringA

  OutputDebugStringW

  QueryPerformanceCounter

  RaiseException

  ResetEvent

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlPcToFileHeader

  RtlUnwind

  RtlUnwindEx

  RtlVirtualUnwind

  SetEvent

  SetFilePointerEx

  SetLastError

  SetStdHandle

  SetUnhandledExceptionFilter

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  VirtualProtect

  VirtualQuery

  WaitForSingleObjectEx

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  Exports

  Exports

  CompareBrowserVersions

  CreateCoreWebView2Environment

  CreateCoreWebView2EnvironmentWithOptions

  GetAvailableCoreWebView2BrowserVersionString

  Sections

  .text

  Size: 82KB - Virtual size: 81KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 45KB - Virtual size: 44KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .00cfg

  Size: 512B - Virtual size: 56B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .gxfg

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .retplne

  Size: 512B - Virtual size: 140B

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  _RDATA

  Size: 512B - Virtual size: 348B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Emerald X/runtimes/win-x86/native/WebView2Loader.dll

  .dll windows:5 windows x86 arch:x86

  608537c42a46a95b31cc1ef01ab6eeb0

  
  

  Code Sign

  33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  16-02-2023 20:10

  Not After

  31-01-2024 20:10

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08-07-2011 20:59

  Not After

  08-07-2026 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  45:ea:c3:64:d8:92:9a:17:5f:f3:f5:15:b8:a6:cf:c1:bd:32:2c:b9:a9:7c:66:6e:e2:ff:3a:a7:65:3d:4b:40

  Signer

  Actual PE Digest

  45:ea:c3:64:d8:92:9a:17:5f:f3:f5:15:b8:a6:cf:c1:bd:32:2c:b9:a9:7c:66:6e:e2:ff:3a:a7:65:3d:4b:40

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  D:\a\_work\e\src\out\Release\WebView2Loader.dll.pdb

  Imports

  kernel32

  CloseHandle

  CreateEventW

  CreateFileW

  DecodePointer

  DeleteCriticalSection

  EncodePointer

  EnterCriticalSection

  ExitProcess

  FindClose

  FindFirstFileExW

  FindNextFileW

  FlushFileBuffers

  FreeEnvironmentStringsW

  FreeLibrary

  GetACP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  GetConsoleMode

  GetConsoleOutputCP

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetEnvironmentStringsW

  GetEnvironmentVariableW

  GetFileAttributesW

  GetFileType

  GetLastError

  GetModuleFileNameW

  GetModuleHandleExW

  GetModuleHandleW

  GetOEMCP

  GetProcAddress

  GetProcessHeap

  GetStartupInfoW

  GetStdHandle

  GetStringTypeW

  GetSystemInfo

  GetSystemTimeAsFileTime

  HeapAlloc

  HeapFree

  HeapReAlloc

  HeapSize

  InitializeCriticalSectionAndSpinCount

  InitializeSListHead

  InterlockedFlushSList

  IsDebuggerPresent

  IsProcessorFeaturePresent

  IsValidCodePage

  LCMapStringW

  LeaveCriticalSection

  LoadLibraryExA

  LoadLibraryExW

  LoadLibraryW

  MultiByteToWideChar

  OutputDebugStringA

  OutputDebugStringW

  QueryPerformanceCounter

  RaiseException

  ResetEvent

  RtlUnwind

  SetEvent

  SetFilePointerEx

  SetLastError

  SetStdHandle

  SetUnhandledExceptionFilter

  TerminateProcess

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  VirtualProtect

  VirtualQuery

  WaitForSingleObjectEx

  WideCharToMultiByte

  WriteConsoleW

  WriteFile

  Exports

  Exports

  CompareBrowserVersions

  CreateCoreWebView2Environment

  CreateCoreWebView2EnvironmentWithOptions

  GetAvailableCoreWebView2BrowserVersionString

  Sections

  .text

  Size: 62KB - Virtual size: 62KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 29KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .00cfg

  Size: 512B - Virtual size: 8B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ