wzdu46[.]exe | Triage

resource
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/linker.dll
unpack002/$PLUGINSDIR/nsProcess.dll
unpack002/$PLUGINSDIR/nsSessionSIDW.dll
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsEnvVariables.dll
unpack003/$PLUGINSDIR/nsProcess.dll
unpack003/$PLUGINSDIR/nsisos.dll

wzdu46.exe

.exe windows:5 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

54:2a:ed:fd:25:c8:8b:ef:5b:f3:db:da:9b:8c:b2:79:89:07:1d:ec:29:9c:3a:2e:75:43:80:d4:62:7c:da:87
Signer

Actual PE Digest

54:2a:ed:fd:25:c8:8b:ef:5b:f3:db:da:9b:8c:b2:79:89:07:1d:ec:29:9c:3a:2e:75:43:80:d4:62:7c:da:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime

CompareFileTime

SearchPathW

GetShortPathNameW

GetFullPathNameW

MoveFileW

SetCurrentDirectoryW

GetFileAttributesW

GetLastError

CreateDirectoryW

SetFileAttributesW

Sleep

GetTickCount

GetFileSize

GetModuleFileNameW

GetCurrentProcess

CopyFileW

ExitProcess

GetWindowsDirectoryW

GetTempPathW

GetCommandLineW

SetErrorMode

lstrcpynA

CloseHandle

lstrcpynW

GetDiskFreeSpaceW

GlobalUnlock

GlobalLock

CreateThread

LoadLibraryW

CreateProcessW

lstrcmpiA

CreateFileW

GetTempFileNameW

lstrcatW

GetProcAddress

LoadLibraryA

GetModuleHandleA

OpenProcess

lstrcpyW

GetVersionExW

GetSystemDirectoryW

GetVersion

lstrcpyA

RemoveDirectoryW

lstrcmpiW

lstrcmpW

ExpandEnvironmentStringsW

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GlobalFree

GetModuleHandleW

LoadLibraryExW

FreeLibrary

WritePrivateProfileStringW

GetPrivateProfileStringW

WideCharToMultiByte

MulDiv

lstrlenA

WriteFile

ReadFile

MultiByteToWideChar

SetFilePointer

FindClose

FindNextFileW

FindFirstFileW

DeleteFileW

lstrlenW

user32

ScreenToClient

GetMessagePos

CallWindowProcW

IsWindowVisible

LoadBitmapW

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

TrackPopupMenu

GetWindowRect

AppendMenuW

CreatePopupMenu

GetSystemMetrics

EndDialog

EnableMenuItem

GetSystemMenu

SetClassLongW

IsWindowEnabled

SetWindowPos

DialogBoxParamW

CheckDlgButton

CreateWindowExW

SystemParametersInfoW

RegisterClassW

SetDlgItemTextW

GetDlgItemTextW

MessageBoxIndirectW

CharNextA

CharUpperW

CharPrevW

DispatchMessageW

PeekMessageW

wsprintfA

DestroyWindow

CreateDialogParamW

SetTimer

SetWindowTextW

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfW

SendMessageTimeoutW

LoadCursorW

SetCursor

GetWindowLongW

GetSysColor

CharNextW

GetClassInfoW

ExitWindowsEx

FindWindowExW

GetDlgItem

SetWindowLongW

LoadImageW

GetDC

EnableWindow

InvalidateRect

SendMessageW

DefWindowProcW

BeginPaint

GetClientRect

FillRect

DrawTextW

EndPaint

IsWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectW

SetBkMode

SetTextColor

SelectObject

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

SHGetFileInfoW

ShellExecuteW

SHFileOperationW

SHGetSpecialFolderLocation

advapi32

RegEnumKeyW

RegOpenKeyExW

RegCloseKey

RegDeleteKeyW

RegDeleteValueW

RegCreateKeyExW

RegSetValueExW

RegQueryValueExW

RegEnumValueW

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

96333436-d2cd-41d6-89cd-d775a226d032.exe

.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

87:13:19:50:39:ed:20:24:6e:3d:17:a7:d0:e0:ca:4f:af:a9:23:51:af:ec:93:f2:bf:b2:81:92:8c:ed:19:cf
Signer

Actual PE Digest

87:13:19:50:39:ed:20:24:6e:3d:17:a7:d0:e0:ca:4f:af:a9:23:51:af:ec:93:f2:bf:b2:81:92:8c:ed:19:cf

Digest Algorithm

sha256

PE Digest Matches

true

c2:78:ec:62:c2:95:a6:65:b2:6f:29:f4:9c:35:55:a9:47:e7:01:7d
Signer

Actual PE Digest

c2:78:ec:62:c2:95:a6:65:b2:6f:29:f4:9c:35:55:a9:47:e7:01:7d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime

CompareFileTime

SearchPathW

GetShortPathNameW

GetFullPathNameW

MoveFileW

SetCurrentDirectoryW

GetFileAttributesW

GetLastError

CreateDirectoryW

SetFileAttributesW

Sleep

GetTickCount

CreateFileW

GetFileSize

GetModuleFileNameW

GetCurrentProcess

CopyFileW

ExitProcess

GetWindowsDirectoryW

GetTempPathW

GetCommandLineW

SetErrorMode

CloseHandle

lstrlenW

lstrcpynW

GetDiskFreeSpaceW

GlobalUnlock

GlobalLock

CreateThread

LoadLibraryW

CreateProcessW

lstrcmpiA

GetTempFileNameW

lstrcatW

GetProcAddress

LoadLibraryA

GetModuleHandleA

OpenProcess

lstrcpyW

GetVersionExW

GetSystemDirectoryW

GetVersion

lstrcpyA

RemoveDirectoryW

lstrcmpiW

lstrcmpW

ExpandEnvironmentStringsW

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GlobalFree

GetModuleHandleW

LoadLibraryExW

FreeLibrary

WritePrivateProfileStringW

GetPrivateProfileStringW

WideCharToMultiByte

MulDiv

lstrlenA

WriteFile

ReadFile

MultiByteToWideChar

SetFilePointer

FindClose

FindNextFileW

FindFirstFileW

DeleteFileW

lstrcpynA

user32

ScreenToClient

GetMessagePos

CallWindowProcW

IsWindowVisible

LoadBitmapW

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

TrackPopupMenu

GetWindowRect

AppendMenuW

CreatePopupMenu

GetSystemMetrics

EndDialog

EnableMenuItem

GetSystemMenu

SetClassLongW

IsWindowEnabled

SetWindowPos

DialogBoxParamW

CheckDlgButton

CreateWindowExW

SystemParametersInfoW

RegisterClassW

SetDlgItemTextW

GetDlgItemTextW

MessageBoxIndirectW

CharNextA

CharUpperW

CharPrevW

DispatchMessageW

PeekMessageW

wsprintfA

DestroyWindow

CreateDialogParamW

SetTimer

SetWindowTextW

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfW

SendMessageTimeoutW

LoadCursorW

SetCursor

GetWindowLongW

GetSysColor

CharNextW

GetClassInfoW

ExitWindowsEx

FindWindowExW

GetDlgItem

SetWindowLongW

LoadImageW

GetDC

EnableWindow

InvalidateRect

SendMessageW

DefWindowProcW

BeginPaint

GetClientRect

FillRect

DrawTextW

EndPaint

IsWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectW

SetBkMode

SetTextColor

SelectObject

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

SHGetFileInfoW

ShellExecuteW

SHFileOperationW

SHGetSpecialFolderLocation

advapi32

RegEnumKeyW

RegOpenKeyExW

RegCloseKey

RegDeleteKeyW

RegDeleteValueW

RegCreateKeyExW

RegSetValueExW

RegQueryValueExW

RegEnumValueW

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 996KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$APPDATA/WinZip/WinZip Driver Updater/Language/Brazilian.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Danish.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Dutch.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/English.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Finnish.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/French.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/German.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Italian.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Japanese.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Norwegian.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Russian.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Spanish.xml

.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Swedish.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/TradChinese.xml

$APPDATA/WinZip/WinZip Driver Updater/Language/Turkish.xml

.xml

$PLUGINSDIR/InstallOptions.dll

.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW

GetModuleHandleW

GlobalLock

GlobalUnlock

GetCurrentDirectoryW

SetCurrentDirectoryW

GetPrivateProfileIntW

GetPrivateProfileStringW

lstrcatW

WritePrivateProfileStringW

lstrcpynW

lstrlenW

lstrcpyW

GlobalFree

GlobalAlloc

user32

OpenClipboard

DestroyIcon

LoadCursorW

DispatchMessageW

TranslateMessage

GetMessageW

IsDialogMessageW

ShowWindow

SetWindowLongW

GetClientRect

SetWindowRgn

LoadIconW

LoadImageW

CreateWindowExW

MapDialogRect

GetClipboardData

GetWindowRect

CreateDialogParamW

EnableMenuItem

GetSystemMenu

EnableWindow

GetDlgItem

SetCursor

DrawTextW

GetWindowLongW

DrawFocusRect

CallWindowProcW

PostMessageW

wsprintfW

CharNextW

MessageBoxW

CloseClipboard

GetDlgCtrlID

MapWindowPoints

SetWindowPos

PtInRect

GetWindowTextW

SetWindowTextW

SendMessageW

DestroyWindow

gdi32

SelectObject

CreateRectRgn

GetObjectW

CombineRgn

DeleteObject

CreateCompatibleDC

GetDIBits

SetTextColor

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

ShellExecuteW

SHGetDesktopFolder

comdlg32

GetOpenFileNameW

CommDlgExtendedError

GetSaveFileNameW

ole32

CoTaskMemFree

Exports

dialog

initDialog

show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

GetLastError

lstrcpyW

lstrcpynW

GetProcAddress

WideCharToMultiByte

lstrcatW

lstrlenW

lstrcmpiW

LoadLibraryW

GetModuleHandleW

MultiByteToWideChar

VirtualAlloc

VirtualProtect

FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString

StringFromGUID2

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ioSpecial.ini

$PLUGINSDIR/linker.dll

.dll windows:5 windows x86 arch:x86

d3b0357e5a9df93304cb6f852ecac3b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

user32

LoadCursorW

CreateCursor

GetFocus

DrawTextW

SetCapture

BeginPaint

ScreenToClient

SetCursor

ClientToScreen

GetClientRect

PtInRect

GetDC

DrawFocusRect

InvalidateRect

GetWindowLongW

GetAncestor

ReleaseDC

SetWindowLongW

EndPaint

SetFocus

DestroyCursor

SetWindowPos

IsWindow

ReleaseCapture

SendMessageW

CallWindowProcW

GetWindowRect

gdi32

GetObjectW

SelectObject

DeleteObject

SetBkMode

CreateFontIndirectW

SetTextColor

GetStockObject

shell32

ShellExecuteW

kernel32

lstrcpynW

GlobalFree

lstrcpyW

GlobalAlloc

GetModuleHandleW

Exports

Link

Unload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/modern-wizard.bmp

$PLUGINSDIR/nsProcess.dll

.dll windows:5 windows x86 arch:x86

ac319d454aab2743618109b2a2c428de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

Process32NextW

Process32FirstW

TerminateProcess

WaitForSingleObject

GetExitCodeProcess

OpenProcess

CloseHandle

GetCurrentProcessId

CreateToolhelp32Snapshot

GetVersionExW

lstrcmpiW

lstrlenW

GlobalFree

lstrcpynW

GlobalAlloc

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

IsProcessorFeaturePresent

user32

GetWindowThreadProcessId

GetClassNameW

GetWindowTextW

PostMessageW

EnumWindows

Exports

_CloseProcess

_CloseProcessWindow

_FindProcess

_KillProcess

_Unload

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsSessionSIDW.dll

.dll windows:5 windows x86 arch:x86

b3031de3a4e382143eb2236474719dea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

FindResourceExW

OpenProcess

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

LocalFree

FindResourceW

lstrcpynW

GlobalAlloc

WideCharToMultiByte

MultiByteToWideChar

LoadResource

LockResource

SizeofResource

RaiseException

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSection

DeleteCriticalSection

HeapDestroy

HeapAlloc

HeapFree

HeapReAlloc

HeapSize

GetProcessHeap

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

RtlUnwind

GetCurrentThreadId

GetCommandLineA

GetLastError

GetCPInfo

InterlockedIncrement

InterlockedDecrement

GetACP

GetOEMCP

IsValidCodePage

GetModuleHandleW

GetProcAddress

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

SetLastError

Sleep

ExitProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

HeapCreate

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

VirtualAlloc

LCMapStringA

LCMapStringW

GetStringTypeA

GetStringTypeW

GetLocaleInfoA

WriteFile

LoadLibraryA

InitializeCriticalSectionAndSpinCount

advapi32

ConvertSidToStringSidW

OpenProcessToken

GetTokenInformation

Exports

getSessionSID

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

DUNotifier.exe

.exe windows:6 windows x64 arch:x64

0b0e36f86dba36cabbd1dacd407e687c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:a7:f5:61:8f:f6:3c:98:0b:07:64:68:bf:53:d0:9e:f1:1d:4e:66:30:8c:0b:e0:e6:b1:6e:77:ab:dd:73:6c
Signer

Actual PE Digest

6d:a7:f5:61:8f:f6:3c:98:0b:07:64:68:bf:53:d0:9e:f1:1d:4e:66:30:8c:0b:e0:e6:b1:6e:77:ab:dd:73:6c

Digest Algorithm

sha256

PE Digest Matches

true

de:3c:fb:e4:c4:2c:59:8c:d3:a8:ba:c0:2e:32:ae:3e:0d:55:ba:a9
Signer

Actual PE Digest

de:3c:fb:e4:c4:2c:59:8c:d3:a8:ba:c0:2e:32:ae:3e:0d:55:ba:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\IPM_Nuget_git\bin\x64\Release\notifier.pdb

Imports

kernel32

GetCurrentThread

GetLocalTime

GetVersionExA

RtlCaptureContext

GetEnvironmentVariableA

GetEnvironmentVariableW

GetCurrentDirectoryA

GetFileAttributesW

OutputDebugStringA

SetLastError

SuspendThread

ResumeThread

GetThreadContext

ReadProcessMemory

GetModuleFileNameA

GetModuleHandleExW

InitializeCriticalSectionAndSpinCount

TerminateThread

CreateEventW

WaitForMultipleObjects

OpenThread

GetLocaleInfoW

InitializeCriticalSection

ReleaseSemaphore

CreateSemaphoreA

GlobalAlloc

GlobalLock

GlobalUnlock

GlobalFree

MulDiv

lstrcmpW

GetTempFileNameW

ResetEvent

WaitForMultipleObjectsEx

OpenEventA

SetWaitableTimer

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetModuleHandleA

CreateWaitableTimerA

GetTickCount

VerifyVersionInfoW

VerSetConditionMask

CreateMutexW

WaitForSingleObject

ReleaseMutex

GetUserDefaultLangID

RtlUnwind

LocalFree

lstrlenA

lstrlenW

GetFileSize

CreateFileW

SetEndOfFile

WriteConsoleW

SetStdHandle

SetEnvironmentVariableA

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineA

GetOEMCP

IsValidCodePage

FindNextFileW

FindFirstFileExW

FindClose

DeleteFileW

GetTimeZoneInformation

SetFilePointerEx

ReadConsoleW

ReadFile

GetConsoleMode

GetConsoleCP

FlushFileBuffers

EnumSystemLocalesW

IsValidLocale

GetTimeFormatW

GetDateFormatW

GetFileType

GetACP

WriteFile

GetStdHandle

ExitProcess

FreeLibraryAndExitThread

ExitThread

CreateThread

RtlUnwindEx

RtlPcToFileHeader

AreFileApisANSI

GetUserDefaultLCID

GetStringTypeExW

LoadLibraryA

GetStartupInfoW

IsProcessorFeaturePresent

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

LoadLibraryExA

VirtualFree

VirtualAlloc

FlushInstructionCache

InterlockedPushEntrySList

InterlockedPopEntrySList

InitializeSListHead

OutputDebugStringW

IsDebuggerPresent

LCMapStringW

WaitForSingleObjectEx

GetCurrentProcess

ExpandEnvironmentStringsW

SetEnvironmentVariableW

TerminateProcess

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

OpenProcess

ProcessIdToSessionId

CreateProcessW

GetExitCodeProcess

QueryDosDeviceW

GetLogicalDriveStringsW

GetCurrentThreadId

Sleep

WTSGetActiveConsoleSessionId

CompareStringW

GetSystemTimeAsFileTime

SwitchToThread

EncodePointer

GetCPInfo

GetStringTypeW

SetUnhandledExceptionFilter

LoadLibraryW

GetCurrentProcessId

CreateEventA

SetEvent

QueryPerformanceFrequency

QueryPerformanceCounter

CloseHandle

GetTempPathW

WideCharToMultiByte

MultiByteToWideChar

FindResourceW

lstrcmpiW

SizeofResource

LockResource

LoadResource

LoadLibraryExW

GetProcAddress

GetModuleHandleW

GetModuleFileNameW

FreeLibrary

FindResourceExW

LeaveCriticalSection

EnterCriticalSection

GetCommandLineW

DeleteCriticalSection

InitializeCriticalSectionEx

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

GetLastError

RaiseException

GetFileAttributesExW

DecodePointer

user32

FindWindowW

IsRectEmpty

IntersectRect

CopyRect

SetRectEmpty

GetDesktopWindow

GetShellWindow

GetClassNameW

GetTopWindow

GetWindow

LoadStringW

MonitorFromPoint

MonitorFromWindow

GetMonitorInfoW

GetAncestor

SendMessageW

SetWindowPos

GetDC

BeginPaint

EndPaint

SetPropW

GetPropW

GetClientRect

ScreenToClient

GetWindowLongW

SetWindowLongW

SetWindowLongPtrW

GetParent

EnumChildWindows

GetMessageW

TranslateMessage

GetWindowRect

PeekMessageW

PostMessageW

PostThreadMessageW

DestroyWindow

CreateDialogParamW

SetWindowTextW

MapWindowPoints

ShowWindow

DestroyIcon

RegisterClassExW

GetClassInfoExW

CreateWindowExW

LoadCursorW

DefWindowProcW

CallWindowProcW

InvalidateRect

GetWindowLongPtrW

TrackMouseEvent

ReleaseDC

GetWindowTextW

GetWindowTextLengthW

FillRect

GetFocus

ReleaseCapture

IsWindowEnabled

SetCursor

DestroyCursor

DrawIconEx

GetIconInfo

LoadImageW

RegisterWindowMessageW

IsChild

MoveWindow

GetDlgItem

SetFocus

GetKeyState

SetCapture

SetTimer

KillTimer

CreateAcceleratorTableW

DestroyAcceleratorTable

InvalidateRgn

RedrawWindow

ClientToScreen

GetSysColor

EndDialog

GetForegroundWindow

GetLastInputInfo

SystemParametersInfoW

GetActiveWindow

CharNextW

IsWindowVisible

IsWindow

DispatchMessageW

UnregisterClassW

gdi32

StretchBlt

CreateCompatibleBitmap

GetStockObject

GetBitmapBits

GetDeviceCaps

CreateSolidBrush

GetObjectW

SetStretchBltMode

BitBlt

SaveDC

RestoreDC

SelectObject

DeleteObject

DeleteDC

CreateCompatibleDC

shell32

SHGetFolderPathW

ShellExecuteW

ExtractIconExW

DuplicateIcon

SHCreateDirectoryExW

ole32

CoMarshalInterface

OleLockRunning

CLSIDFromProgID

OleUninitialize

CoCreateInstance

CoTaskMemAlloc

CoTaskMemRealloc

OleInitialize

StringFromGUID2

CoTaskMemFree

CoUninitialize

CoInitializeEx

CoInitializeSecurity

CoSetProxyBlanket

CreateStreamOnHGlobal

CoGetClassObject

CLSIDFromString

CoUnmarshalInterface

oleaut32

SafeArrayCreate

SysAllocStringLen

DispCallFunc

SafeArrayUnaccessData

SafeArrayAccessData

SafeArrayGetLBound

SafeArrayGetUBound

VariantCopy

VariantChangeType

LoadTypeLi

SysStringByteLen

SysStringLen

VariantInit

SysAllocString

VarUI4FromStr

VariantClear

SysFreeString

LoadRegTypeLi

SysAllocStringByteLen

OleCreateFontIndirect

advapi32

RegCloseKey

RegCreateKeyExW

RegDeleteKeyW

RegDeleteValueW

RegEnumKeyExW

RegOpenKeyExW

RegQueryInfoKeyW

RegSetValueExW

RegQueryValueExW

LookupAccountSidW

ConvertStringSidToSidW

ChangeServiceConfigW

CloseServiceHandle

OpenSCManagerW

OpenServiceW

QueryServiceConfigW

QueryServiceStatus

StartServiceW

OpenProcessToken

AdjustTokenPrivileges

GetTokenInformation

LookupPrivilegeValueW

GetUserNameA

CryptAcquireContextW

CryptGetHashParam

CryptCreateHash

CryptHashData

CryptDestroyHash

LockServiceDatabase

UnlockServiceDatabase

RegOpenKeyW

CryptDecrypt

CryptReleaseContext

CryptDeriveKey

CryptDestroyKey

shlwapi

UrlEscapeW

PathFileExistsW

wtsapi32

WTSQuerySessionInformationW

WTSFreeMemory

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

GetFileVersionInfoA

GetFileVersionInfoSizeA

msimg32

AlphaBlend

powrprof

CallNtPowerInformation

psapi

GetProcessImageFileNameW

winhttp

WinHttpOpen

WinHttpCloseHandle

WinHttpConnect

WinHttpReadData

WinHttpAddRequestHeaders

WinHttpGetIEProxyConfigForCurrentUser

WinHttpQueryDataAvailable

WinHttpSendRequest

WinHttpSetCredentials

WinHttpQueryAuthSchemes

WinHttpReceiveResponse

WinHttpQueryHeaders

WinHttpSetOption

WinHttpOpenRequest

WinHttpGetDefaultProxyConfiguration

wininet

HttpAddRequestHeadersW

InternetSetOptionW

HttpOpenRequestW

HttpSendRequestW

InternetOpenW

InternetCloseHandle

InternetConnectW

InternetReadFile

InternetQueryDataAvailable

HttpQueryInfoW

InternetGetConnectedState

gdiplus

GdipCreateFromHDC

GdipCreateSolidFill

GdipDeleteBrush

GdipCloneBrush

GdipMeasureString

GdiplusStartup

GdipSetStringFormatTrimming

GdipSetStringFormatFlags

GdipCloneStringFormat

GdipDeleteStringFormat

GdipFree

GdipAlloc

GdipGetFontSize

GdipStringFormatGetGenericTypographic

GdipSetStringFormatAlign

GdipGetStringFormatAlign

GdipSetStringFormatLineAlign

GdipGetStringFormatLineAlign

GdipGetStringFormatTrimming

GdipFillRectangleI

GdipCreateFontFamilyFromName

GdipGetFontHeight

GdipSetTextRenderingHint

GdipDeleteFont

GdipGetFontStyle

GdipCreateFromHWND

GdipCloneFont

GdipCreateStringFormat

GdipCloneImage

GdipDisposeImage

GdipCreateBitmapFromStream

GdipCreateBitmapFromScan0

GdipGetImageGraphicsContext

GdipGetImageHeight

GdipGetDpiY

GdipDeleteFontFamily

GdipCreateBitmapFromFile

GdipCreateImageAttributes

GdipCreateBitmapFromResource

GdipDrawImageRectRectI

GdipSetInterpolationMode

GdipSetPixelOffsetMode

GdipSetImageAttributesWrapMode

GdipDeleteGraphics

GdipGetFamilyName

GdipCreateFont

GdipGetFamily

GdipGetGenericFontFamilySansSerif

GdipDrawString

GdipGetStringFormatFlags

GdipDisposeImageAttributes

GdipGetImageWidth

urlmon

CoInternetSetFeatureEnabled

Exports

??0?$oserializer@Vtext_oarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@boost@@QEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCNextCheckDelayManager@Utils@IPMUtility@@@serialization@boost@@@serialization@boost@@IEAA@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCNextCheckDelayManager@Utils@IPMUtility@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCNextCheckDelayManager@Utils@IPMUtility@@@23@XZ

?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ

?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ

?get_const_instance@?$singleton@V?$oserializer@Vtext_oarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vtext_oarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@3@XZ

?get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ

?get_mutable_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ

?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ

?is_destroyed@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ

?is_locked@singleton_module@serialization@boost@@QEAA_NXZ

?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?lock@?1??get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ@4_NA

?lock@singleton_module@serialization@boost@@QEAAXXZ

?save_object_data@?$oserializer@Vtext_oarchive@archive@boost@@VCNextCheckDelayManager@Utils@IPMUtility@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?unlock@singleton_module@serialization@boost@@QEAAXXZ

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 533KB - Virtual size: 533KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

interpro
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

DUNotifierTray.exe

.exe windows:6 windows x64 arch:x64

5c6420d797da6276477b8d6af75f9627

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

30:88:bb:19:e2:21:5e:87:b6:eb:6b:6e:87:de:9c:8d:03:3a:98:a2:e5:57:c6:2a:1d:45:cf:35:b0:bc:68:ba
Signer

Actual PE Digest

30:88:bb:19:e2:21:5e:87:b6:eb:6b:6e:87:de:9c:8d:03:3a:98:a2:e5:57:c6:2a:1d:45:cf:35:b0:bc:68:ba

Digest Algorithm

sha256

PE Digest Matches

true

66:98:25:9d:b4:9f:b4:b5:4c:c3:13:fe:50:e2:59:aa:55:a1:22:8b
Signer

Actual PE Digest

66:98:25:9d:b4:9f:b4:b5:4c:c3:13:fe:50:e2:59:aa:55:a1:22:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateProcessW

MoveFileExW

VerSetConditionMask

SetEvent

CreateEventA

LocalFree

VerifyVersionInfoW

LocalAlloc

GetFileAttributesW

lstrlenW

LoadLibraryW

IsDebuggerPresent

ExpandEnvironmentStringsW

WaitForSingleObject

GetCurrentProcessId

GetExitCodeProcess

FindClose

WaitForSingleObjectEx

GlobalAlloc

GlobalLock

GlobalUnlock

MulDiv

lstrcmpW

SetEndOfFile

CreateFileW

WriteConsoleW

SetStdHandle

SetEnvironmentVariableA

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineW

GetCommandLineA

GetOEMCP

IsValidCodePage

FindNextFileW

FindFirstFileExW

SetLastError

GetTimeZoneInformation

SetFilePointerEx

ReadConsoleW

ReadFile

GetConsoleMode

GetConsoleCP

FlushFileBuffers

EnumSystemLocalesW

GetUserDefaultLCID

IsValidLocale

GetFileType

GetACP

WriteFile

GetStdHandle

GetModuleHandleExW

ExitProcess

RtlUnwindEx

RtlPcToFileHeader

QueryPerformanceCounter

GetStartupInfoW

IsProcessorFeaturePresent

TerminateProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

ResetEvent

GetLocaleInfoW

LCMapStringW

CompareStringW

GetCPInfo

GetSystemTimeAsFileTime

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

SwitchToThread

CreateEventW

InitializeCriticalSectionAndSpinCount

GetStringTypeW

LoadLibraryExA

VirtualFree

VirtualAlloc

FlushInstructionCache

GetCurrentProcess

InterlockedPushEntrySList

InterlockedPopEntrySList

InitializeSListHead

EncodePointer

OutputDebugStringW

CloseHandle

GetTempPathW

GetTempFileNameW

DeleteFileW

DecodePointer

lstrcmpiW

LoadLibraryExW

GetProcAddress

GetModuleHandleW

FreeLibrary

DeleteCriticalSection

InitializeCriticalSectionEx

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

GetUserDefaultLangID

WideCharToMultiByte

MultiByteToWideChar

GetCurrentThreadId

FindResourceW

LockResource

SizeofResource

RtlUnwind

LoadResource

GetModuleFileNameW

FindResourceExW

GetTickCount

Sleep

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

SetCurrentDirectoryW

user32

GetClassNameW

GetTopWindow

GetWindow

MonitorFromWindow

DialogBoxParamW

EndDialog

GetActiveWindow

SetTimer

KillTimer

SetWindowTextW

GetClientRect

GetWindowRect

CopyRect

GetLastInputInfo

GetShellWindow

MonitorFromPoint

SetWindowPos

ShowWindow

UnregisterClassW

GetAncestor

IsWindow

GetDC

GetWindowLongW

SetWindowLongW

FindWindowW

CharNextW

SetWindowLongPtrW

GetWindowTextLengthW

RegisterWindowMessageW

SendMessageW

DefWindowProcW

CallWindowProcW

RegisterClassExW

GetClassInfoExW

CreateWindowExW

IsChild

DestroyWindow

GetMonitorInfoW

IsWindowVisible

GetForegroundWindow

MoveWindow

LoadCursorW

GetParent

GetWindowLongPtrW

FillRect

GetSysColor

ScreenToClient

ClientToScreen

GetDlgItem

GetWindowTextW

RedrawWindow

InvalidateRgn

InvalidateRect

EndPaint

BeginPaint

ReleaseDC

DestroyAcceleratorTable

CreateAcceleratorTableW

ReleaseCapture

SetCapture

GetKeyState

GetFocus

SetFocus

GetDesktopWindow

gdi32

GetDeviceCaps

DeleteDC

GetObjectW

SelectObject

GetStockObject

DeleteObject

CreateSolidBrush

CreateCompatibleDC

CreateCompatibleBitmap

BitBlt

shell32

ShellExecuteW

ole32

CreateStreamOnHGlobal

CLSIDFromString

CLSIDFromProgID

CoTaskMemFree

CoTaskMemRealloc

CoTaskMemAlloc

CoCreateInstance

OleUninitialize

OleLockRunning

CoGetClassObject

OleInitialize

StringFromGUID2

oleaut32

VariantClear

VariantChangeType

LoadTypeLi

LoadRegTypeLi

DispCallFunc

OleCreateFontIndirect

VariantCopy

VariantInit

SafeArrayUnaccessData

SafeArrayAccessData

SafeArrayGetLBound

SafeArrayGetUBound

SafeArrayCreate

SysStringLen

SysAllocStringLen

SysAllocString

SysFreeString

VarUI4FromStr

advapi32

RegCloseKey

RegDeleteKeyW

RegDeleteValueW

RegEnumKeyExW

RegOpenKeyExW

RegQueryInfoKeyW

RegSetValueExW

RegQueryValueExW

LookupAccountSidW

ConvertStringSidToSidW

RegCreateKeyExW

shlwapi

UrlEscapeW

wtsapi32

WTSFreeMemory

WTSQuerySessionInformationW

version

GetFileVersionInfoW

VerQueryValueW

GetFileVersionInfoSizeW

wintrust

WinVerifyTrust

crypt32

CryptQueryObject

CryptMsgClose

CryptMsgGetParam

CertCloseStore

CertFindCertificateInStore

CertFreeCertificateContext

CertGetNameStringW

winhttp

WinHttpGetDefaultProxyConfiguration

WinHttpGetIEProxyConfigForCurrentUser

WinHttpOpen

WinHttpCloseHandle

WinHttpOpenRequest

WinHttpQueryHeaders

WinHttpReceiveResponse

WinHttpQueryAuthSchemes

WinHttpSetCredentials

WinHttpSendRequest

WinHttpQueryDataAvailable

WinHttpReadData

WinHttpConnect

wininet

HttpOpenRequestW

HttpSendRequestW

InternetOpenW

InternetCloseHandle

InternetConnectW

InternetReadFile

InternetQueryDataAvailable

HttpQueryInfoW

urlmon

CoInternetSetFeatureEnabled

Exports

?get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ

?is_locked@singleton_module@serialization@boost@@QEAA_NXZ

?lock@?1??get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ@4_NA

?lock@singleton_module@serialization@boost@@QEAAXXZ

?unlock@singleton_module@serialization@boost@@QEAAXXZ

Sections

.text
Size: 380KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

DriverUpdater.exe

.exe windows:6 windows x64 arch:x64

7d2093f3438b6c0981e6fab1c6c1ba2d

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:2b:75:e8:33:ea:ea:41:94:db:8b:66:53:1e:0b:cf:6c:b4:a7:a0:f1:72:35:20:20:f8:08:91:d9:f9:f3:54
Signer

Actual PE Digest

55:2b:75:e8:33:ea:ea:41:94:db:8b:66:53:1e:0b:cf:6c:b4:a7:a0:f1:72:35:20:20:f8:08:91:d9:f9:f3:54

Digest Algorithm

sha256

PE Digest Matches

true

ad:21:93:fe:24:59:46:88:a1:40:2c:e8:59:bd:a3:12:2d:e9:2e:57
Signer

Actual PE Digest

ad:21:93:fe:24:59:46:88:a1:40:2c:e8:59:bd:a3:12:2d:e9:2e:57

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

SetupGetLineByIndexW

SetupFindNextMatchLineW

SetupGetLineCountW

SetupVerifyInfFileW

SetupDiGetActualSectionToInstallW

SetupDiGetDriverInstallParamsW

SetupGetFieldCount

SetupGetStringFieldW

CM_Get_Parent

SetupDiSetDeviceInstallParamsW

CM_Get_DevNode_Status

SetupCopyOEMInfW

SetupFindFirstLineW

SetupDiEnumDriverInfoW

SetupDiGetDeviceInstallParamsW

SetupOpenFileQueue

SetupCloseFileQueue

SetupScanFileQueueW

SetupDiGetDeviceInstanceIdW

SetupDiEnumDeviceInfo

SetupDiDestroyDeviceInfoList

SetupDiBuildDriverInfoList

SetupDiGetClassDevsW

SetupDiSetSelectedDriverW

SetupDiGetDriverInfoDetailW

SetupDiDestroyDriverInfoList

SetupDiSetDeviceRegistryPropertyW

SetupDiGetDeviceRegistryPropertyW

SetupCloseInfFile

SetupOpenInfFileW

SetupDiGetClassDescriptionW

SetupGetInfDriverStoreLocationW

SetupDiGetDevicePropertyW

SetupDiCallClassInstaller

kernel32

GetLogicalDriveStringsW

QueryDosDeviceW

TerminateProcess

GetExitCodeProcess

CreateProcessW

ProcessIdToSessionId

OpenProcess

WTSGetActiveConsoleSessionId

CreateToolhelp32Snapshot

Process32FirstW

Process32NextW

ExpandEnvironmentStringsW

GetTickCount

CreateEventW

WaitForMultipleObjects

ReadDirectoryChangesW

GetFileTime

GetFileSize

ReadFile

SetFilePointer

FileTimeToSystemTime

GetTempFileNameW

GetTempPathW

CreateDirectoryW

GetBinaryTypeW

SetPriorityClass

InitializeCriticalSectionAndSpinCount

GetWindowsDirectoryW

GetVersionExA

OpenThread

TerminateThread

GetSystemFirmwareTable

GetDateFormatW

SetFileAttributesW

SetWaitableTimer

GetSystemTime

CreateWaitableTimerW

SetUnhandledExceptionFilter

GetCurrentThread

GetLocalTime

RtlCaptureContext

GetEnvironmentVariableA

GetCurrentDirectoryA

OutputDebugStringA

SuspendThread

ResumeThread

GetThreadContext

ReadProcessMemory

GetFileAttributesW

GetUserDefaultLocaleName

OpenEventA

ResetEvent

GetFileAttributesExW

GetSystemTimeAsFileTime

PostQueuedCompletionStatus

SleepEx

TlsAlloc

TlsGetValue

TlsFree

CreateIoCompletionPort

GetQueuedCompletionStatus

QueueUserAPC

TlsSetValue

GetModuleHandleA

FlushFileBuffers

MapViewOfFile

CreateFileMappingW

FormatMessageA

SystemTimeToFileTime

LockFileEx

CreateFileMappingA

UnlockFile

HeapCompact

DeleteFileA

LoadLibraryA

FlushViewOfFile

GetSystemInfo

GetFileAttributesA

GetDiskFreeSpaceA

GetTempPathA

HeapValidate

UnmapViewOfFile

UnlockFileEx

SetEndOfFile

GetFullPathNameA

LockFile

GetDiskFreeSpaceW

GetFullPathNameW

HeapCreate

AreFileApisANSI

TryEnterCriticalSection

GetVersion

VirtualProtect

Thread32Next

Thread32First

FlushInstructionCache

SetThreadContext

VirtualFree

VirtualAlloc

VirtualQuery

CreateWaitableTimerA

InitializeSListHead

IsDebuggerPresent

GetUserDefaultLangID

GetModuleFileNameA

GlobalMemoryStatusEx

InterlockedPopEntrySList

InterlockedPushEntrySList

LoadLibraryExA

GetStringTypeExW

LCMapStringW

GetUserDefaultLCID

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

IsProcessorFeaturePresent

GetStartupInfoW

GetStdHandle

GetFileType

GlobalMemoryStatus

FlushConsoleInputBuffer

GetCommandLineA

GetCommandLineW

DeleteFileW

DecodePointer

CloseHandle

DuplicateHandle

RaiseException

GetLastError

SetLastError

QueryPerformanceCounter

QueryPerformanceFrequency

HeapDestroy

HeapAlloc

HeapReAlloc

HeapFree

HeapSize

GetProcessHeap

InitializeCriticalSection

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionEx

DeleteCriticalSection

SetEvent

WaitForSingleObjectEx

CreateMutexW

CreateEventA

GetCurrentProcess

ExitProcess

GetCurrentThreadId

FindResourceExW

FreeLibrary

GetModuleFileNameW

GetModuleHandleW

GetProcAddress

LoadLibraryExW

GetNativeSystemInfo

DeviceIoControl

CreateFileA

LocalAlloc

lstrlenA

GetThreadId

GetLocaleInfoW

GetVersionExW

SetProcessWorkingSetSize

WriteFile

FindNextFileW

FindFirstFileW

FindClose

CreateFileW

GetEnvironmentVariableW

WaitForMultipleObjectsEx

GetModuleHandleExW

VerifyVersionInfoW

VerSetConditionMask

lstrlenW

CopyFileW

ReleaseSemaphore

LoadLibraryW

GetCurrentProcessId

Sleep

WaitForSingleObject

SetCurrentDirectoryW

WideCharToMultiByte

MultiByteToWideChar

FindResourceW

CreateSemaphoreA

lstrcmpiW

lstrcmpW

FormatMessageW

MulDiv

LocalFree

GlobalFree

GlobalUnlock

GlobalHandle

GlobalLock

GlobalAlloc

SizeofResource

LockResource

OutputDebugStringW

LoadResource

EncodePointer

user32

LoadStringW

ReleaseCapture

SetCapture

GetFocus

GetActiveWindow

SetFocus

CharNextW

CreateAcceleratorTableW

DestroyAcceleratorTable

GetSystemMetrics

GetDC

ReleaseDC

BeginPaint

GetUserObjectInformationW

GetProcessWindowStation

SendDlgItemMessageW

GetDlgItem

EndDialog

DialogBoxIndirectParamW

DialogBoxParamW

IsIconic

SetWindowPos

MoveWindow

DestroyWindow

IsChild

IsWindow

CreateWindowExW

GetClassInfoExW

RegisterClassExW

UnregisterClassW

CallWindowProcW

DefWindowProcW

SendMessageW

RegisterWindowMessageW

EndPaint

InvalidateRect

InvalidateRgn

RedrawWindow

SetWindowTextW

InflateRect

FrameRect

GetSysColorBrush

WindowFromDC

DrawFrameControl

DrawEdge

RemovePropW

EnableScrollBar

ShowScrollBar

SetScrollRange

SetScrollPos

SendNotifyMessageW

GetIconInfo

GetMessageTime

OffsetRect

DrawTextW

HideCaret

SetDlgItemTextW

GetKeyState

TrackMouseEvent

GetWindowDC

GetAncestor

GetTopWindow

GetLastInputInfo

GetShellWindow

EnumDisplayMonitors

GetWindowThreadProcessId

EnumThreadWindows

IsRectEmpty

IntersectRect

SetRectEmpty

GetForegroundWindow

PostThreadMessageW

GetWindowRgn

GetScrollRange

GetClipboardData

CloseClipboard

OpenClipboard

GetMessagePos

GetDlgCtrlID

CallNextHookEx

UnhookWindowsHookEx

SetWindowsHookExW

ExitWindowsEx

MonitorFromPoint

DrawIconEx

UpdateWindow

SetMenuItemInfoW

TrackPopupMenu

AppendMenuW

DestroyMenu

CreatePopupMenu

IsWindowEnabled

EnableWindow

KillTimer

SetTimer

PostQuitMessage

UnregisterDeviceNotification

RegisterDeviceNotificationW

GetMonitorInfoW

MonitorFromWindow

SetWindowRgn

SystemParametersInfoW

GetScrollInfo

SetScrollInfo

DestroyCursor

EnumChildWindows

PtInRect

CopyRect

SetRect

MapWindowPoints

GetCursorPos

SetCursor

GetPropW

SetPropW

GetScrollPos

ScrollWindowEx

GetCapture

IsWindowVisible

LoadIconW

LoadBitmapW

DrawStateW

GetWindowRect

MessageBoxW

SetForegroundWindow

CreateDialogParamW

ShowWindow

PostMessageW

PeekMessageW

DispatchMessageW

TranslateMessage

GetMessageW

MapDialogRect

LoadImageW

DestroyIcon

LoadCursorW

GetWindow

GetClassNameW

FindWindowW

GetParent

GetDesktopWindow

SetWindowLongPtrW

GetWindowLongPtrW

SetWindowLongW

GetWindowLongW

FillRect

GetSysColor

ScreenToClient

ClientToScreen

SetWindowContextHelpId

GetClientRect

GetWindowTextLengthW

GetWindowTextW

gdi32

CreateCompatibleDC

CreateSolidBrush

DeleteDC

DeleteObject

GetDeviceCaps

GetStockObject

SelectObject

GetObjectW

CreatePatternBrush

StretchBlt

SetStretchBltMode

TextOutW

CreatePen

LineTo

MoveToEx

SetViewportOrgEx

RoundRect

BeginPath

EndPath

StrokePath

CreateRoundRectRgn

CreateRectRgn

Rectangle

CreateFontIndirectW

RestoreDC

SaveDC

GetTextExtentPoint32W

SetBkMode

SetTextColor

CreateFontW

GetObjectA

CombineRgn

FillRgn

SetBkColor

GetBitmapBits

CreateBitmap

IntersectClipRect

PatBlt

SelectClipRgn

PlayEnhMetaFile

ExtTextOutW

SetWindowOrgEx

SetBrushOrgEx

UnrealizeObject

BitBlt

CreateCompatibleBitmap

winspool.drv

GetPrintProcessorDirectoryW

GetPrinterDriverDirectoryW

shell32

SHGetPathFromIDListW

SHGetSpecialFolderLocation

SHCreateDirectoryExW

SHGetFolderPathW

ShellExecuteW

Shell_NotifyIconW

ord165

DuplicateIcon

SHGetSpecialFolderPathW

SHFileOperationW

SHGetFileInfoW

ole32

CreateStreamOnHGlobal

CoInitializeEx

CLSIDFromProgID

StringFromGUID2

CoTaskMemAlloc

CoTaskMemRealloc

CoTaskMemFree

CoGetClassObject

OleUninitialize

OleLockRunning

OleRun

CoInitializeSecurity

StringFromCLSID

CoSetProxyBlanket

CoMarshalInterface

CoUnmarshalInterface

CoUninitialize

CoCreateInstance

OleInitialize

CLSIDFromString

oleaut32

SafeArrayAccessData

SafeArrayUnaccessData

DispCallFunc

SafeArrayGetUBound

SafeArrayCreate

VariantChangeType

VariantCopy

OleCreateFontIndirect

GetErrorInfo

LoadRegTypeLi

SafeArrayGetLBound

VarUI4FromStr

VariantClear

VariantInit

SysAllocStringByteLen

SysStringLen

LoadTypeLi

SysFreeString

SysAllocStringLen

SysAllocString

advapi32

LookupAccountSidW

RegCreateKeyExW

RegDeleteKeyW

RegDeleteValueW

RegEnumKeyExW

RegOpenKeyExW

RegQueryInfoKeyW

RegSetValueExW

CryptAcquireContextW

DeregisterEventSource

RegisterEventSourceW

ReportEventW

CryptReleaseContext

CryptGetHashParam

CryptCreateHash

CryptHashData

CryptDestroyHash

AllocateAndInitializeSid

CheckTokenMembership

FreeSid

ConvertStringSidToSidW

CryptEnumProvidersA

CryptGenRandom

CryptAcquireContextA

GetUserNameA

SetEntriesInAclW

SetSecurityDescriptorOwner

SetSecurityDescriptorGroup

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

CreateWellKnownSid

UnlockServiceDatabase

LockServiceDatabase

RegEnumKeyW

RegOpenKeyW

CryptDecrypt

CryptDestroyKey

CryptDeriveKey

StartServiceW

QueryServiceStatus

QueryServiceConfigW

OpenServiceW

OpenSCManagerW

CloseServiceHandle

ChangeServiceConfigW

RegEnumValueW

RegQueryValueExW

GetTokenInformation

LookupPrivilegeValueW

AdjustTokenPrivileges

OpenProcessToken

RegCloseKey

shlwapi

UrlEscapeW

PathGetDriveNumberW

PathAppendW

PathAddBackslashW

PathFileExistsW

comctl32

ord380

ImageList_Create

ImageList_Destroy

ImageList_GetImageCount

ImageList_ReplaceIcon

ImageList_Remove

InitCommonControlsEx

msimg32

AlphaBlend

TransparentBlt

gdiplus

GdipGetFontSize

GdipGetFontHeight

GdipCreateHBITMAPFromBitmap

GdipCreateFromHWND

GdipCreateFromHWNDICM

GdipGetLogFontW

GdipGetImageWidth

GdipGetImageHeight

GdipCreateImageAttributes

GdipDisposeImageAttributes

GdipSetImageAttributesWrapMode

GdipSetPixelOffsetMode

GdipDrawImageRectRectI

GdipSetTextRenderingHint

GdipGetDpiY

GdipGetFamilyName

GdipGetFamily

GdipCreateBitmapFromStream

GdipCreatePath

GdipDeletePath

GdipAddPathLineI

GdipCreateBitmapFromResource

GdipCreateBitmapFromScan0

GdipGetImageGraphicsContext

GdipGetFontStyle

GdipDrawImageRectI

GdipSetInterpolationMode

GdipSetSmoothingMode

GdipCreateBitmapFromHICON

GdipDisposeImage

GdipCloneImage

GdipCreateStringFormat

GdipDrawString

GdipGetFontHeightGivenDPI

GdipCloneFont

GdipSetTextContrast

GdipGetStringFormatTrimming

GdipSetStringFormatTrimming

GdipGetStringFormatLineAlign

GdipSetStringFormatLineAlign

GdipGetStringFormatAlign

GdipSetStringFormatAlign

GdipGetStringFormatFlags

GdipFillRectangleI

GdipCreateSolidFill

GdipDeleteBrush

GdipCloneBrush

GdipFree

GdipAlloc

GdipSetStringFormatFlags

GdipCloneStringFormat

GdipDeleteStringFormat

GdipStringFormatGetGenericTypographic

GdipMeasureString

GdipDeleteFont

GdipCreateFont

GdipGetGenericFontFamilySansSerif

GdipDeleteFontFamily

GdipCreateFontFamilyFromName

GdipDeleteGraphics

GdipCreateFromHDC

GdiplusStartup

GdipCreateBitmapFromFile

GdipAddPathArcI

GdipClosePathFigure

GdipGetFontUnit

GdipImageSelectActiveFrame

GdipImageGetFrameCount

GdipSetImageAttributesColorMatrix

GdipCloneBitmapAreaI

GdipGetImagePixelFormat

GdipCreateFontFromLogfontA

GdipCreateFontFromDC

GdipFillPath

msvcp140

??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEAPEA_W0PEAH001@Z

?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ

?_Pnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ

?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z

?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ

?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ

??7ios_base@std@@QEBA_NXZ

?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z

?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z

?toupper@?$ctype@_W@std@@QEBA_W_W@Z

?id@?$numpunct@_W@std@@2V0locale@2@A

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

?classic@locale@std@@SAAEBV12@XZ

?_Gettrue@_Locinfo@std@@QEBAPEBDXZ

?_Getfalse@_Locinfo@std@@QEBAPEBDXZ

?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ

_Mbrtowc

?__ExceptionPtrCreate@@YAXPEAX@Z

?__ExceptionPtrDestroy@@YAXPEAX@Z

?__ExceptionPtrCopy@@YAXPEAXPEBX@Z

?__ExceptionPtrAssign@@YAXPEAXPEBX@Z

?__ExceptionPtrToBool@@YA_NPEBX@Z

?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z

?_Syserror_map@std@@YAPEBDH@Z

_Thrd_start

_Thrd_join

_Thrd_id

_Mtx_init

_Mtx_destroy

_Cnd_init

_Cnd_destroy

_Cnd_init_in_situ

_Cnd_destroy_in_situ

_Cnd_wait

_Cnd_broadcast

_Cnd_signal

_Cnd_register_at_thread_exit

_Cnd_unregister_at_thread_exit

_Cnd_do_broadcast_at_thread_exit

?_Throw_Cpp_error@std@@YAXH@Z

?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z

?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z

??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z

?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z

?imbue@ios_base@std@@QEAA?AVlocale@2@AEBV32@@Z

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z

?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z

?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z

?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAG@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAI@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAJ@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAK@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAM@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAN@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAO@Z

?id@?$collate@_W@std@@2V0locale@2@A

?id@?$collate@D@std@@2V0locale@2@A

?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

?id@?$ctype@_W@std@@2V0locale@2@A

?id@?$ctype@D@std@@2V0locale@2@A

?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z

?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z

?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JH@Z

?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

?_Throw_C_error@std@@YAXH@Z

_Mtx_unlock

_Mtx_lock

_Mtx_destroy_in_situ

_Mtx_init_in_situ

?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@AEAD@Z

?sync@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ

?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

?do_unshift@?$codecvt@DDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

?do_out@?$codecvt@DDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

?do_max_length@codecvt_base@std@@MEBAHXZ

?do_length@?$codecvt@DDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1_K@Z

?do_in@?$codecvt@DDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEAPEAX@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_J@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_K@Z

?do_get@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHAEA_N@Z

?id@?$numpunct@D@std@@2V0locale@2@A

?id@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z

?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z

?get@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEB_W4@Z

?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?id@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ

?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBUtm@@PEB_W4@Z

?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

?exceptions@ios_base@std@@QEAAXH@Z

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@PEAV32@@Z

?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@PEAV32@@Z

?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z

?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z

?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z

?swap@?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z

?bad@ios_base@std@@QEBA_NXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z

?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA_W_W@Z

?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ

?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ

?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ

?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

_Strxfrm

?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z

?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z

?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z

?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z

?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ

?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z

?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ

?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

?_Incref@facet@locale@std@@UEAAXXZ

?do_encoding@codecvt_base@std@@MEBAHXZ

?pubsync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

?pubimbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z

??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ

??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ

?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z

?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

_Tolower

_Toupper

?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ

??0id@locale@std@@QEAA@_K@Z

??0ctype_base@std@@QEAA@_K@Z

??1ctype_base@std@@UEAA@XZ

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z

?widen@?$ctype@D@std@@QEBADD@Z

?narrow@?$ctype@D@std@@QEBADDD@Z

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?_Winerror_map@std@@YAHH@Z

?_Winerror_message@std@@YAKKPEADK@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ

_Query_perf_counter

_Query_perf_frequency

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?_Xbad_function_call@std@@YAXXZ

?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEAD_J@Z

?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

?getloc@ios_base@std@@QEBA?AVlocale@2@XZ

?width@ios_base@std@@QEAA_J_J@Z

?width@ios_base@std@@QEBA_JXZ

?setf@ios_base@std@@QEAAHHH@Z

?flags@ios_base@std@@QEAAHH@Z

?flags@ios_base@std@@QEBAHXZ

?fail@ios_base@std@@QEBA_NXZ

?good@ios_base@std@@QEBA_NXZ

??Bios_base@std@@QEBA_NXZ

?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?widen@?$ctype@_W@std@@QEBA_WD@Z

?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z

?tolower@?$ctype@_W@std@@QEBA_W_W@Z

?is@?$ctype@_W@std@@QEBA_NF_W@Z

?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?toupper@?$ctype@D@std@@QEBADD@Z

?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z

?tolower@?$ctype@D@std@@QEBADD@Z

?is@?$ctype@D@std@@QEBA_NFD@Z

?always_noconv@codecvt_base@std@@QEBA_NXZ

?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

??0_Lockit@std@@QEAA@H@Z

??1_Lockit@std@@QEAA@XZ

?uncaught_exception@std@@YA_NXZ

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPEBD@Z

?_Xout_of_range@std@@YAXPEBD@Z

_Strcoll

?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

_Wcscoll

_Wcsxfrm

??0_Locinfo@std@@QEAA@PEBD@Z

??1_Locinfo@std@@QEAA@XZ

?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ

?c_str@?$_Yarn@D@std@@QEBAPEBDXZ

??Bid@locale@std@@QEAA_KXZ

??0facet@locale@std@@IEAA@_K@Z

??1facet@locale@std@@MEAA@XZ

wtsapi32

WTSFreeMemory

WTSQuerySessionInformationW

version

GetFileVersionInfoSizeA

GetFileVersionInfoExW

GetFileVersionInfoSizeExW

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

GetFileVersionInfoA

bcrypt

BCryptOpenAlgorithmProvider

BCryptCloseAlgorithmProvider

BCryptGenRandom

winmm

PlaySoundW

wintrust

WinVerifyTrust

CryptCATAdminAcquireContext

CryptCATAdminReleaseContext

CryptCATAdminEnumCatalogFromHash

CryptCATAdminCalcHashFromFileHandle

CryptCATCatalogInfoFromContext

CryptCATEnumerateMember

CryptCATClose

CryptCATGetAttrInfo

ws2_32

send

WSACleanup

__WSAFDIsSet

accept

bind

closesocket

connect

ioctlsocket

shutdown

getsockname

getsockopt

htonl

htons

listen

ntohl

ntohs

select

setsockopt

WSASetLastError

WSAGetLastError

WSAIoctl

WSARecv

WSASend

WSASocketW

WSAAddressToStringW

getaddrinfo

freeaddrinfo

recv

getpeername

WSAStartup

crypt32

CryptBinaryToStringW

CryptMsgGetParam

CertCloseStore

CertFindCertificateInStore

CertFreeCertificateContext

CertGetNameStringW

CryptQueryObject

CryptMsgClose

psapi

GetProcessImageFileNameW

powrprof

CallNtPowerInformation

wininet

HttpOpenRequestW

InternetGetConnectedState

HttpSendRequestW

InternetOpenW

InternetCloseHandle

InternetConnectW

InternetReadFile

InternetQueryDataAvailable

HttpQueryInfoW

InternetSetOptionW

HttpAddRequestHeadersW

winhttp

WinHttpQueryAuthSchemes

WinHttpOpen

WinHttpQueryHeaders

WinHttpOpenRequest

WinHttpCloseHandle

WinHttpConnect

WinHttpAddRequestHeaders

WinHttpReadData

WinHttpQueryDataAvailable

WinHttpSendRequest

WinHttpSetCredentials

WinHttpReceiveResponse

WinHttpGetDefaultProxyConfiguration

WinHttpGetIEProxyConfigForCurrentUser

WinHttpSetOption

mscms

GetColorDirectoryW

urlmon

CoInternetSetFeatureEnabled

vcruntime140

_purecall

__std_terminate

strchr

strstr

wcschr

wcsrchr

wcsstr

__std_exception_copy

__std_exception_destroy

__std_type_info_compare

__RTDynamicCast

memset

memcpy

__RTtypeid

memmove

memcmp

memchr

__CxxFrameHandler3

__C_specific_handler

_CxxThrowException

__std_type_info_name

api-ms-win-crt-runtime-l1-1-0

signal

_beginthread

_register_thread_local_exe_atexit_callback

_c_exit

raise

_exit

_initterm_e

_initterm

_get_wide_winmain_command_line

_initialize_wide_environment

_configure_wide_argv

_invalid_parameter_noinfo

_invalid_parameter_noinfo_noreturn

_errno

system

_beginthreadex

_endthreadex

abort

_initialize_onexit_table

_register_onexit_function

_crt_atexit

exit

_cexit

_seh_filter_exe

strerror

_set_app_type

terminate

api-ms-win-crt-heap-l1-1-0

_set_new_mode

_recalloc

_msize

calloc

free

malloc

realloc

_callnewh

api-ms-win-crt-convert-l1-1-0

atoi

wcstoul

wcstombs_s

_strtoui64

strtol

_wtoi

strtoul

_wtoi64

api-ms-win-crt-string-l1-1-0

_wcsupr_s

isdigit

isspace

tolower

wcscpy_s

iswspace

isupper

wcscspn

wcsspn

strcmp

isxdigit

_strnicmp

wmemcpy_s

strncpy

strncmp

_wcslwr_s

_wcsicmp

wcsnlen

strcpy_s

wcsncpy_s

strcat_s

_strdup

iswdigit

iswprint

wcscat_s

towlower

iswpunct

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

__stdio_common_vswprintf_s

__stdio_common_vswscanf

__p__commode

_get_stream_buffer_pointers

fopen_s

fclose

feof

_set_fmode

fgetc

fgetpos

fputc

fread

fsetpos

_fseeki64

fwrite

setvbuf

ungetc

fflush

__acrt_iob_func

__stdio_common_vsprintf

__stdio_common_vfprintf

__stdio_common_vsprintf_s

_wfopen

ferror

__stdio_common_vsscanf

fgets

_fileno

fopen

fseek

ftell

_setmode

fputs

fgetwc

fputwc

ungetwc

__stdio_common_vsnprintf_s

api-ms-win-crt-filesystem-l1-1-0

_unlock_file

_lock_file

remove

_stat64i32

api-ms-win-crt-time-l1-1-0

_gmtime64

_time64

_mktime64

strftime

_localtime64_s

wcsftime

api-ms-win-crt-math-l1-1-0

__setusermatherr

pow

ceil

floorf

ceilf

powf

floor

api-ms-win-crt-locale-l1-1-0

localeconv

_wsetlocale

_configthreadlocale

api-ms-win-crt-utility-l1-1-0

rand

rand_s

qsort

srand

api-ms-win-crt-environment-l1-1-0

getenv

_wdupenv_s

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

api-ms-win-crt-conio-l1-1-0

_getch

Exports

??0?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vbinary_oarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vbinary_oarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vtext_oarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vtext_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vtext_oarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@QEAA@XZ

??0?$oserializer@Vxml_oarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@boost@@QEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@UCBackupItem@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@UCLicenseKeySerializer@?A0x7c53500a@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@USizeToSave@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@UUpdateInfo@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@boost@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@boost@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$vector@EV?$allocator@E@std@@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCBackupsInfo@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCBrowserLauncher@?A0x6366df87@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCCommonSettings@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCDriverPackage@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCDriverPackageExclusions@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCFreeDriverUpdater@Misc@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCGeneralSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCLanguageManager@Language@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCLicenseBase@License@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCSerializableString@Serialization@Core@Cxx@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCSimpleExcludeList@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@V?$extended_type_info_typeid@VCTriggerSerializer@Serialization@DriverReviver@@@serialization@boost@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCBrowserLauncher@?A0x6366df87@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCCommonSettings@CSettings@DriverReviver@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCDeviceTypeManager@Core@ReviverSoft@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCEventManager@EventManager@Event@Core@Cxx@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCMsgBoxInfo@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCOperationManager@Core@ReviverSoft@@@serialization@boost@@IEAA@XZ

??0?$singleton@VCSettings@DriverReviver@@@serialization@boost@@IEAA@XZ

?get_const_instance@?$singleton@V?$archive_serializer_map@Vxml_oarchive@archive@boost@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$archive_serializer_map@Vxml_oarchive@archive@boost@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCBackupItem@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UCBackupItem@Core@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCLicenseKeySerializer@?A0x7c53500a@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UCLicenseKeySerializer@?A0x7c53500a@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@USizeToSave@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@USizeToSave@CSettings@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@UUpdateInfo@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@UUpdateInfo@CSettings@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@boost@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@boost@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@boost@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@boost@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$vector@EV?$allocator@E@std@@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$vector@EV?$allocator@E@std@@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCBackupsInfo@Core@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCBackupsInfo@Core@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCBrowserLauncher@?A0x6366df87@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCBrowserLauncher@?A0x6366df87@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCCommonSettings@CSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCCommonSettings@CSettings@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCDriverPackage@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCDriverPackage@Utils@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCDriverPackageExclusions@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCDriverPackageExclusions@Utils@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCFreeDriverUpdater@Misc@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCFreeDriverUpdater@Misc@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCGeneralSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCGeneralSettings@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCLanguageManager@Language@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCLanguageManager@Language@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCLicenseBase@License@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCLicenseBase@License@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCSerializableString@Serialization@Core@Cxx@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCSerializableString@Serialization@Core@Cxx@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCSettings@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCSettings@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCSimpleExcludeList@Utils@ReviverSoft@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCSimpleExcludeList@Utils@ReviverSoft@@@23@XZ

?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCTriggerSerializer@Serialization@DriverReviver@@@serialization@boost@@@serialization@boost@@SAAEBV?$extended_type_info_typeid@VCTriggerSerializer@Serialization@DriverReviver@@@23@XZ

?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vbinary_iarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vbinary_iarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vbinary_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vtext_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vtext_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$iserializer@Vxml_iarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vxml_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vxml_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$map@Vxml_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEBV?$map@Vxml_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ

?get_const_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ

?get_const_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vbinary_oarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vbinary_oarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vtext_oarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vtext_oarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vtext_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vtext_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vtext_oarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vtext_oarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$oserializer@Vxml_oarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEBV?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_const_instance@?$singleton@V?$set@PEBVvoid_caster@void_cast_detail@serialization@boost@@Uvoid_caster_compare@234@V?$allocator@PEBVvoid_caster@void_cast_detail@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEBV?$set@PEBVvoid_caster@void_cast_detail@serialization@boost@@Uvoid_caster_compare@234@V?$allocator@PEBVvoid_caster@void_cast_detail@serialization@boost@@@std@@@std@@XZ

?get_const_instance@?$singleton@VCBrowserLauncher@?A0x6366df87@@@serialization@boost@@SAAEBVCBrowserLauncher@?A0x6366df87@@XZ

?get_const_instance@?$singleton@VCMsgBoxInfo@@@serialization@boost@@SAAEBVCMsgBoxInfo@@XZ

?get_const_instance@?$singleton@VCOperationManager@Core@ReviverSoft@@@serialization@boost@@SAAEBVCOperationManager@Core@ReviverSoft@@XZ

?get_const_instance@?$singleton@VCSettings@DriverReviver@@@serialization@boost@@SAAEBVCSettings@DriverReviver@@XZ

?get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ

?get_mutable_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEAV?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEAV?$iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vxml_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vxml_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$map@Vxml_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAEAV?$map@Vxml_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@XZ

?get_mutable_instance@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ

?get_mutable_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEAV?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@@serialization@boost@@SAAEAV?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@3@XZ

?get_mutable_instance@?$singleton@V?$set@PEBVvoid_caster@void_cast_detail@serialization@boost@@Uvoid_caster_compare@234@V?$allocator@PEBVvoid_caster@void_cast_detail@serialization@boost@@@std@@@std@@@serialization@boost@@SAAEAV?$set@PEBVvoid_caster@void_cast_detail@serialization@boost@@Uvoid_caster_compare@234@V?$allocator@PEBVvoid_caster@void_cast_detail@serialization@boost@@@std@@@std@@XZ

?get_mutable_instance@?$singleton@VCDeviceTypeManager@Core@ReviverSoft@@@serialization@boost@@SAAEAVCDeviceTypeManager@Core@ReviverSoft@@XZ

?get_mutable_instance@?$singleton@VCEventManager@EventManager@Event@Core@Cxx@@@serialization@boost@@SAAEAVCEventManager@EventManager@Event@Core@Cxx@@XZ

?get_mutable_instance@?$singleton@VCMsgBoxInfo@@@serialization@boost@@SAAEAVCMsgBoxInfo@@XZ

?get_mutable_instance@?$singleton@VCOperationManager@Core@ReviverSoft@@@serialization@boost@@SAAEAVCOperationManager@Core@ReviverSoft@@XZ

?get_mutable_instance@?$singleton@VCSettings@DriverReviver@@@serialization@boost@@SAAEAVCSettings@DriverReviver@@XZ

?is_destroyed@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vtext_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vtext_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vxml_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$map@Vxml_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PEBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$multiset@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PEBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@V?$set@PEBVvoid_caster@void_cast_detail@serialization@boost@@Uvoid_caster_compare@234@V?$allocator@PEBVvoid_caster@void_cast_detail@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ

?is_destroyed@?$singleton@VCEventManager@EventManager@Event@Core@Cxx@@@serialization@boost@@SA_NXZ

?is_locked@singleton_module@serialization@boost@@QEAA_NXZ

?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vtext_iarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_ptr@?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@EEBAXAEAVbasic_iarchive@234@PEAXI@Z

?load_object_ptr@?$pointer_iserializer@Vxml_iarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@EEBAXAEAVbasic_iarchive@234@PEAXI@Z

?lock@?1??get_lock@singleton_module@serialization@boost@@AEAAAEA_NXZ@4_NA

?lock@singleton_module@serialization@boost@@QEAAXXZ

?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCBrowserLauncher@?A0x6366df87@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCFreeDriverUpdater@Misc@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vtext_oarchive@archive@boost@@UCLicenseKeySerializer@?A0x7c53500a@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vtext_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vtext_oarchive@archive@boost@@VCLicenseBase@License@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@UCBackupItem@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@USizeToSave@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@UUpdateInfo@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$CBackup@VCSimpleExcludeList@Utils@ReviverSoft@@@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$set@VCSerializableString@Serialization@Core@Cxx@@U?$less@VCSerializableString@Serialization@Core@Cxx@@@std@@V?$allocator@VCSerializableString@Serialization@Core@Cxx@@@6@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCDriverPackageExclusions@Utils@ReviverSoft@@@3@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$shared_ptr@VCSimpleExcludeList@Utils@ReviverSoft@@@3@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@EV?$allocator@E@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UCBackupItem@Core@ReviverSoft@@V?$allocator@UCBackupItem@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@UUpdateInfo@CSettings@DriverReviver@@V?$allocator@UUpdateInfo@CSettings@DriverReviver@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCBackupsInfo@Core@ReviverSoft@@V?$allocator@VCBackupsInfo@Core@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$vector@VCDriverPackage@Utils@ReviverSoft@@V?$allocator@VCDriverPackage@Utils@ReviverSoft@@@std@@@std@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCBackupsInfo@Core@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCCommonSettings@CSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackage@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCGeneralSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCLanguageManager@Language@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCSerializableString@Serialization@Core@Cxx@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCSettings@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCTriggerSerializer@Serialization@DriverReviver@@@detail@archive@boost@@UEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_ptr@?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCDriverPackageExclusions@Utils@ReviverSoft@@@detail@archive@boost@@EEBAXAEAVbasic_oarchive@234@PEBX@Z

?save_object_ptr@?$pointer_oserializer@Vxml_oarchive@archive@boost@@VCSimpleExcludeList@Utils@ReviverSoft@@@detail@archive@boost@@EEBAXAEAVbasic_oarchive@234@PEBX@Z

?unlock@singleton_module@serialization@boost@@QEAAXXZ

Sections

.text
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 680KB - Virtual size: 717KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

DriverUpdater.mab

Uninstall.exe

.exe windows:5 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25/10/2022, 00:00

Not After

25/10/2024, 23:59

Subject

CN=Corel Corporation,O=Corel Corporation,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

eb:5d:bd:da:7c:30:28:01:37:cf:74:6a:c2:9a:00:40:c6:37:e1:19:80:f3:48:6f:38:33:48:e0:3f:7f:a8:96
Signer

Actual PE Digest

eb:5d:bd:da:7c:30:28:01:37:cf:74:6a:c2:9a:00:40:c6:37:e1:19:80:f3:48:6f:38:33:48:e0:3f:7f:a8:96

Digest Algorithm

sha256

PE Digest Matches

true

a5:26:dc:8c:59:d0:3d:88:b1:9a:58:4e:4c:82:b8:d2:36:36:14:69
Signer

Actual PE Digest

a5:26:dc:8c:59:d0:3d:88:b1:9a:58:4e:4c:82:b8:d2:36:36:14:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime

CompareFileTime

SearchPathW

GetShortPathNameW

GetFullPathNameW

MoveFileW

SetCurrentDirectoryW

GetFileAttributesW

GetLastError

CreateDirectoryW

SetFileAttributesW

Sleep

GetTickCount

GetFileSize

GetModuleFileNameW

GetCurrentProcess

CopyFileW

ExitProcess

GetWindowsDirectoryW

GetTempPathW

GetCommandLineW

SetErrorMode

lstrcpynA

CloseHandle

lstrcpynW

GetDiskFreeSpaceW

GlobalUnlock

GlobalLock

CreateThread

LoadLibraryW

CreateProcessW

lstrcmpiA

CreateFileW

GetTempFileNameW

lstrcatW

GetProcAddress

LoadLibraryA

GetModuleHandleA

OpenProcess

lstrcpyW

GetVersionExW

GetSystemDirectoryW

GetVersion

lstrcpyA

RemoveDirectoryW

lstrcmpiW

lstrcmpW

ExpandEnvironmentStringsW

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GlobalFree

GetModuleHandleW

LoadLibraryExW

FreeLibrary

WritePrivateProfileStringW

GetPrivateProfileStringW

WideCharToMultiByte

MulDiv

lstrlenA

WriteFile

ReadFile

MultiByteToWideChar

SetFilePointer

FindClose

FindNextFileW

FindFirstFileW

DeleteFileW

lstrlenW

user32

ScreenToClient

GetMessagePos

CallWindowProcW

IsWindowVisible

LoadBitmapW

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

TrackPopupMenu

GetWindowRect

AppendMenuW

CreatePopupMenu

GetSystemMetrics

EndDialog

EnableMenuItem

GetSystemMenu

SetClassLongW

IsWindowEnabled

SetWindowPos

DialogBoxParamW

CheckDlgButton

CreateWindowExW

SystemParametersInfoW

RegisterClassW

SetDlgItemTextW

GetDlgItemTextW

MessageBoxIndirectW

CharNextA

CharUpperW

CharPrevW

DispatchMessageW

PeekMessageW

wsprintfA

DestroyWindow

CreateDialogParamW

SetTimer

SetWindowTextW

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfW

SendMessageTimeoutW

LoadCursorW

SetCursor

GetWindowLongW

GetSysColor

CharNextW

GetClassInfoW

ExitWindowsEx

FindWindowExW

GetDlgItem

SetWindowLongW

LoadImageW

GetDC

EnableWindow

InvalidateRect

SendMessageW

DefWindowProcW

BeginPaint

GetClientRect

FillRect

DrawTextW

EndPaint

IsWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectW

SetBkMode

SetTextColor

SelectObject

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

SHGetFileInfoW

ShellExecuteW

SHFileOperationW

SHGetSpecialFolderLocation

advapi32

RegEnumKeyW

RegOpenKeyExW

RegCloseKey

RegDeleteKeyW

RegDeleteValueW

RegCreateKeyExW

RegSetValueExW

RegQueryValueExW

RegEnumValueW

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 596KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$PLUGINSDIR/InstallOptions.dll

.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW

GetModuleHandleW

GlobalLock

GlobalUnlock

GetCurrentDirectoryW

SetCurrentDirectoryW

GetPrivateProfileIntW

GetPrivateProfileStringW

lstrcatW

WritePrivateProfileStringW

lstrcpynW

lstrlenW

lstrcpyW

GlobalFree

GlobalAlloc

user32

OpenClipboard

DestroyIcon

LoadCursorW

DispatchMessageW

TranslateMessage

GetMessageW

IsDialogMessageW

ShowWindow

SetWindowLongW

GetClientRect

SetWindowRgn

LoadIconW

LoadImageW

CreateWindowExW

MapDialogRect

GetClipboardData

GetWindowRect

CreateDialogParamW

EnableMenuItem

GetSystemMenu

EnableWindow

GetDlgItem

SetCursor

DrawTextW

GetWindowLongW

DrawFocusRect

CallWindowProcW

PostMessageW

wsprintfW

CharNextW

MessageBoxW

CloseClipboard

GetDlgCtrlID

MapWindowPoints

SetWindowPos

PtInRect

GetWindowTextW

SetWindowTextW

SendMessageW

DestroyWindow

gdi32

SelectObject

CreateRectRgn

GetObjectW

CombineRgn

DeleteObject

CreateCompatibleDC

GetDIBits

SetTextColor

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

ShellExecuteW

SHGetDesktopFolder

comdlg32

GetOpenFileNameW

CommDlgExtendedError

GetSaveFileNameW

ole32

CoTaskMemFree

Exports

dialog

initDialog

show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

GetLastError

lstrcpyW

lstrcpynW

GetProcAddress

WideCharToMultiByte

lstrcatW

lstrlenW

lstrcmpiW

LoadLibraryW

GetModuleHandleW

MultiByteToWideChar

VirtualAlloc

VirtualProtect

FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString

StringFromGUID2

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ioSpecial.ini

$PLUGINSDIR/modern-wizard.bmp

$PLUGINSDIR/nsEnvVariables.dll

.dll windows:5 windows x86 arch:x86

211e16547fae1d5f51bf909bfc524385

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar

GlobalAlloc

lstrcpynW

WideCharToMultiByte

GetCurrentThreadId

GetCommandLineA

GetModuleHandleW

GetProcAddress

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

GetLastError

InterlockedDecrement

HeapFree

Sleep

ExitProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

DeleteCriticalSection

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

HeapCreate

HeapDestroy

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

LeaveCriticalSection

EnterCriticalSection

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

HeapAlloc

VirtualAlloc

HeapReAlloc

WriteFile

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

LoadLibraryA

InitializeCriticalSectionAndSpinCount

RtlUnwind

GetLocaleInfoA

GetStringTypeA

GetStringTypeW

LCMapStringA

LCMapStringW

HeapSize

user32

wsprintfW

advapi32

CheckTokenMembership

FreeSid

AllocateAndInitializeSid

Exports

IsAdministrator

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsProcess.dll

.dll windows:5 windows x86 arch:x86

ac319d454aab2743618109b2a2c428de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

Process32NextW

Process32FirstW

TerminateProcess

WaitForSingleObject

GetExitCodeProcess

OpenProcess

CloseHandle

GetCurrentProcessId

CreateToolhelp32Snapshot

GetVersionExW

lstrcmpiW

lstrlenW

GlobalFree

lstrcpynW

GlobalAlloc

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

IsProcessorFeaturePresent

user32

GetWindowThreadProcessId

GetClassNameW

GetWindowTextW

PostMessageW

EnumWindows

Exports

_CloseProcess

_CloseProcessWindow

_FindProcess

_KillProcess

_Unload

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsisos.dll

.dll windows:5 windows x86 arch:x86

02dceff3de5d2175177a78f2eb554a86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

VerifyVersionInfoW

VerSetConditionMask

GetVersionExW

lstrcpyW

lstrcpynW

GlobalAlloc

IsProcessorFeaturePresent

Exports

osplatform

osversion

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

api-ms-win-core-console-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

7b:ec:97:26:cd:6b:bf:1f:79:1f:cf:2c:05:26:8c:16:fd:95:95:23:b5:71:a2:84:cd:ea:a0:24:41:99:d7:68
Signer

Actual PE Digest

7b:ec:97:26:cd:6b:bf:1f:79:1f:cf:2c:05:26:8c:16:fd:95:95:23:b5:71:a2:84:cd:ea:a0:24:41:99:d7:68

Digest Algorithm

sha256

PE Digest Matches

true

12:f4:3b:b9:51:88:92:ea:6c:22:17:9b:ff:25:34:68:01:88:60:90
Signer

Actual PE Digest

12:f4:3b:b9:51:88:92:ea:6c:22:17:9b:ff:25:34:68:01:88:60:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

AllocConsole

GetConsoleCP

GetConsoleMode

GetConsoleOutputCP

GetNumberOfConsoleInputEvents

PeekConsoleInputA

ReadConsoleA

ReadConsoleInputA

ReadConsoleInputW

ReadConsoleW

SetConsoleCtrlHandler

SetConsoleMode

WriteConsoleA

WriteConsoleW

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-datetime-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

f4:19:d0:30:9a:81:75:94:12:46:79:a5:33:ce:59:fd:58:5b:e3:25:42:6a:87:ee:2b:0d:2e:5a:2d:f9:5f:14
Signer

Actual PE Digest

f4:19:d0:30:9a:81:75:94:12:46:79:a5:33:ce:59:fd:58:5b:e3:25:42:6a:87:ee:2b:0d:2e:5a:2d:f9:5f:14

Digest Algorithm

sha256

PE Digest Matches

true

25:7b:57:dc:5f:6d:78:53:f3:94:11:95:01:c0:d7:13:a4:b4:ad:6c
Signer

Actual PE Digest

25:7b:57:dc:5f:6d:78:53:f3:94:11:95:01:c0:d7:13:a4:b4:ad:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

GetDateFormatA

GetDateFormatW

GetTimeFormatA

GetTimeFormatW

Sections

.rdata
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-debug-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

32:ba:58:20:a4:4e:a8:13:9f:d3:29:8b:6b:d5:32:0b:95:5b:95:17:14:fa:6d:5f:17:20:db:64:96:97:24:26
Signer

Actual PE Digest

32:ba:58:20:a4:4e:a8:13:9f:d3:29:8b:6b:d5:32:0b:95:5b:95:17:14:fa:6d:5f:17:20:db:64:96:97:24:26

Digest Algorithm

sha256

PE Digest Matches

true

31:29:51:42:aa:8e:90:ce:dc:41:47:64:41:6d:63:20:54:69:4f:56
Signer

Actual PE Digest

31:29:51:42:aa:8e:90:ce:dc:41:47:64:41:6d:63:20:54:69:4f:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

DebugBreak

IsDebuggerPresent

OutputDebugStringA

OutputDebugStringW

Sections

.rdata
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-errorhandling-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

b8:c4:71:9f:75:a9:c5:43:4f:d0:4e:73:ac:89:12:eb:a7:19:72:7f:52:cf:a5:d6:d7:6e:d6:30:cd:e9:ec:22
Signer

Actual PE Digest

b8:c4:71:9f:75:a9:c5:43:4f:d0:4e:73:ac:89:12:eb:a7:19:72:7f:52:cf:a5:d6:d7:6e:d6:30:cd:e9:ec:22

Digest Algorithm

sha256

PE Digest Matches

true

8c:d5:3a:0a:16:47:49:65:34:5f:25:8b:cc:5e:49:4d:d1:25:f6:13
Signer

Actual PE Digest

8c:d5:3a:0a:16:47:49:65:34:5f:25:8b:cc:5e:49:4d:d1:25:f6:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

GetErrorMode

GetLastError

RaiseException

SetErrorMode

SetLastError

SetUnhandledExceptionFilter

UnhandledExceptionFilter

Sections

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a9:fc:f1:84:30:f2:70:be:55:7d:4f:d5:89:61:39:d6:80:10:c6:4f:22:ee:8c:4c:66:a7:00:17:e9:da:c5:38
Signer

Actual PE Digest

a9:fc:f1:84:30:f2:70:be:55:7d:4f:d5:89:61:39:d6:80:10:c6:4f:22:ee:8c:4c:66:a7:00:17:e9:da:c5:38

Digest Algorithm

sha256

PE Digest Matches

true

c0:6e:08:94:c2:93:0d:3f:b8:33:1d:fb:61:02:c4:16:f2:8c:9d:c2
Signer

Actual PE Digest

c0:6e:08:94:c2:93:0d:3f:b8:33:1d:fb:61:02:c4:16:f2:8c:9d:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-1-0.pdb

Exports

CompareFileTime

CreateDirectoryA

CreateDirectoryW

CreateFileA

CreateFileW

DefineDosDeviceW

DeleteFileA

DeleteFileW

DeleteVolumeMountPointW

FileTimeToLocalFileTime

FindClose

FindCloseChangeNotification

FindFirstChangeNotificationA

FindFirstChangeNotificationW

FindFirstFileA

FindFirstFileExA

FindFirstFileExW

FindFirstFileW

FindFirstVolumeW

FindNextChangeNotification

FindNextFileA

FindNextFileW

FindNextVolumeW

FindVolumeClose

FlushFileBuffers

GetDiskFreeSpaceA

GetDiskFreeSpaceExA

GetDiskFreeSpaceExW

GetDiskFreeSpaceW

GetDriveTypeA

GetDriveTypeW

GetFileAttributesA

GetFileAttributesExA

GetFileAttributesExW

GetFileAttributesW

GetFileInformationByHandle

GetFileSize

GetFileSizeEx

GetFileTime

GetFileType

GetFinalPathNameByHandleA

GetFinalPathNameByHandleW

GetFullPathNameA

GetFullPathNameW

GetLogicalDriveStringsW

GetLogicalDrives

GetLongPathNameA

GetLongPathNameW

GetShortPathNameW

GetTempFileNameW

GetVolumeInformationByHandleW

GetVolumeInformationW

GetVolumePathNameW

LocalFileTimeToFileTime

LockFile

LockFileEx

QueryDosDeviceW

ReadFile

ReadFileEx

ReadFileScatter

RemoveDirectoryA

RemoveDirectoryW

SetEndOfFile

SetFileAttributesA

SetFileAttributesW

SetFileInformationByHandle

SetFilePointer

SetFilePointerEx

SetFileTime

SetFileValidData

UnlockFile

UnlockFileEx

WriteFile

WriteFileEx

WriteFileGather

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

38:09:76:b4:e3:9d:4f:d8:b4:62:dc:0e:c9:f5:59:a2:04:64:13:77:6b:23:a3:5b:f1:d7:b1:42:cb:61:0e:ba
Signer

Actual PE Digest

38:09:76:b4:e3:9d:4f:d8:b4:62:dc:0e:c9:f5:59:a2:04:64:13:77:6b:23:a3:5b:f1:d7:b1:42:cb:61:0e:ba

Digest Algorithm

sha256

PE Digest Matches

true

eb:b6:3f:4e:26:54:5e:5b:0f:b8:0d:56:68:24:23:e1:f8:38:9b:45
Signer

Actual PE Digest

eb:b6:3f:4e:26:54:5e:5b:0f:b8:0d:56:68:24:23:e1:f8:38:9b:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-2-0.pdb

Exports

CreateFile2

GetTempPathW

GetVolumeNameForVolumeMountPointW

GetVolumePathNamesForVolumeNameW

Sections

.rdata
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-file-l2-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

fc:b2:31:d8:e3:53:e5:76:d2:5e:ea:74:92:52:50:33:93:24:4a:f2:da:3b:b8:99:5e:6f:ad:51:2d:b7:9c:57
Signer

Actual PE Digest

fc:b2:31:d8:e3:53:e5:76:d2:5e:ea:74:92:52:50:33:93:24:4a:f2:da:3b:b8:99:5e:6f:ad:51:2d:b7:9c:57

Digest Algorithm

sha256

PE Digest Matches

true

6f:3d:04:ff:52:02:17:37:a2:eb:a4:ee:5c:2d:fc:74:ff:6c:5f:06
Signer

Actual PE Digest

6f:3d:04:ff:52:02:17:37:a2:eb:a4:ee:5c:2d:fc:74:ff:6c:5f:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l2-1-0.pdb

Exports

CopyFile2

CopyFileExW

CreateDirectoryExW

CreateHardLinkW

CreateSymbolicLinkW

GetFileInformationByHandleEx

MoveFileExW

MoveFileWithProgressW

ReOpenFile

ReadDirectoryChangesW

ReplaceFileW

Sections

.rdata
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-handle-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

b0:5a:57:9f:c2:fa:e7:e3:1f:db:4f:ef:ef:b1:33:38:d0:37:4f:bb:41:5d:cf:93:ee:a2:b4:c7:8c:e9:82:a9
Signer

Actual PE Digest

b0:5a:57:9f:c2:fa:e7:e3:1f:db:4f:ef:ef:b1:33:38:d0:37:4f:bb:41:5d:cf:93:ee:a2:b4:c7:8c:e9:82:a9

Digest Algorithm

sha256

PE Digest Matches

true

1a:30:d8:94:aa:d3:ff:89:c6:71:4e:66:c8:36:71:17:dc:8f:bc:1c
Signer

Actual PE Digest

1a:30:d8:94:aa:d3:ff:89:c6:71:4e:66:c8:36:71:17:dc:8f:bc:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

CloseHandle

CompareObjectHandles

DuplicateHandle

GetHandleInformation

SetHandleInformation

Sections

.rdata
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-heap-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

df:b9:d9:d5:c4:c0:6b:c7:3a:54:41:3b:5b:46:22:af:01:8a:5d:c8:6d:f3:47:98:10:97:4d:a6:ad:bc:62:92
Signer

Actual PE Digest

df:b9:d9:d5:c4:c0:6b:c7:3a:54:41:3b:5b:46:22:af:01:8a:5d:c8:6d:f3:47:98:10:97:4d:a6:ad:bc:62:92

Digest Algorithm

sha256

PE Digest Matches

true

a2:92:ce:3a:03:29:e2:15:83:41:d6:32:5d:a8:bf:37:8d:d0:13:6e
Signer

Actual PE Digest

a2:92:ce:3a:03:29:e2:15:83:41:d6:32:5d:a8:bf:37:8d:d0:13:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-heap-l1-1-0.pdb

Exports

GetProcessHeap

GetProcessHeaps

HeapAlloc

HeapCompact

HeapCreate

HeapDestroy

HeapFree

HeapLock

HeapQueryInformation

HeapReAlloc

HeapSetInformation

HeapSize

HeapSummary

HeapUnlock

HeapValidate

HeapWalk

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-interlocked-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

22:bc:21:d9:6a:f4:91:3b:f9:f9:31:76:29:1e:74:91:61:a3:dc:8b:2f:1c:f8:2d:c8:52:67:63:f8:cb:de:ae
Signer

Actual PE Digest

22:bc:21:d9:6a:f4:91:3b:f9:f9:31:76:29:1e:74:91:61:a3:dc:8b:2f:1c:f8:2d:c8:52:67:63:f8:cb:de:ae

Digest Algorithm

sha256

PE Digest Matches

true

1b:ff:58:9a:66:36:ce:e8:47:c2:6d:35:74:fb:7e:f9:a4:70:dd:b4
Signer

Actual PE Digest

1b:ff:58:9a:66:36:ce:e8:47:c2:6d:35:74:fb:7e:f9:a4:70:dd:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-interlocked-l1-1-0.pdb

Exports

InitializeSListHead

InterlockedFlushSList

InterlockedPopEntrySList

InterlockedPushEntrySList

QueryDepthSList

Sections

.rdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-libraryloader-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

4b:f8:98:e7:0a:ad:54:66:5f:5a:e2:75:d8:8d:af:34:cf:a1:90:30:18:95:63:3e:b2:ca:d2:d7:b3:db:47:ad
Signer

Actual PE Digest

4b:f8:98:e7:0a:ad:54:66:5f:5a:e2:75:d8:8d:af:34:cf:a1:90:30:18:95:63:3e:b2:ca:d2:d7:b3:db:47:ad

Digest Algorithm

sha256

PE Digest Matches

true

33:cb:23:73:a8:5e:5b:8b:52:3c:3b:1c:04:75:64:fc:9e:da:1d:b4
Signer

Actual PE Digest

33:cb:23:73:a8:5e:5b:8b:52:3c:3b:1c:04:75:64:fc:9e:da:1d:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-l1-1-0.pdb

Exports

DisableThreadLibraryCalls

FindResourceExW

FindStringOrdinal

FreeLibrary

FreeLibraryAndExitThread

FreeResource

GetModuleFileNameA

GetModuleFileNameW

GetModuleHandleA

GetModuleHandleExA

GetModuleHandleExW

GetModuleHandleW

GetProcAddress

LoadLibraryExA

LoadLibraryExW

LoadResource

LockResource

SizeofResource

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-localization-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

09:17:78:0e:c8:c8:b1:01:69:29:ea:b7:b9:7f:93:55:78:e2:1d:0c:a3:55:ca:d4:2c:bd:b0:bc:d3:49:ae:bc
Signer

Actual PE Digest

09:17:78:0e:c8:c8:b1:01:69:29:ea:b7:b9:7f:93:55:78:e2:1d:0c:a3:55:ca:d4:2c:bd:b0:bc:d3:49:ae:bc

Digest Algorithm

sha256

PE Digest Matches

true

6a:6c:5b:8c:1e:27:87:98:15:50:b5:0e:23:56:fa:19:38:76:9a:b8
Signer

Actual PE Digest

6a:6c:5b:8c:1e:27:87:98:15:50:b5:0e:23:56:fa:19:38:76:9a:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-localization-l1-2-0.pdb

Exports

ConvertDefaultLocale

EnumSystemGeoID

EnumSystemLocalesA

EnumSystemLocalesW

FindNLSString

FindNLSStringEx

FormatMessageA

FormatMessageW

GetACP

GetCPInfo

GetCPInfoExW

GetCalendarInfoEx

GetCalendarInfoW

GetFileMUIInfo

GetFileMUIPath

GetGeoInfoW

GetLocaleInfoA

GetLocaleInfoEx

GetLocaleInfoW

GetNLSVersion

GetNLSVersionEx

GetOEMCP

GetProcessPreferredUILanguages

GetSystemDefaultLCID

GetSystemDefaultLangID

GetSystemPreferredUILanguages

GetThreadLocale

GetThreadPreferredUILanguages

GetThreadUILanguage

GetUILanguageInfo

GetUserDefaultLCID

GetUserDefaultLangID

GetUserDefaultLocaleName

GetUserGeoID

GetUserPreferredUILanguages

IdnToAscii

IdnToUnicode

IsDBCSLeadByte

IsDBCSLeadByteEx

IsNLSDefinedString

IsValidCodePage

IsValidLanguageGroup

IsValidLocale

IsValidLocaleName

IsValidNLSVersion

LCMapStringA

LCMapStringEx

LCMapStringW

LocaleNameToLCID

ResolveLocaleName

SetCalendarInfoW

SetLocaleInfoW

SetProcessPreferredUILanguages

SetThreadLocale

SetThreadPreferredUILanguages

SetThreadUILanguage

SetUserGeoID

VerLanguageNameA

VerLanguageNameW

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-memory-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

c8:89:13:24:56:ab:c8:b4:c7:1d:9a:ee:05:16:15:75:31:7a:89:cb:6b:a1:28:eb:58:33:38:35:cb:8a:04:98
Signer

Actual PE Digest

c8:89:13:24:56:ab:c8:b4:c7:1d:9a:ee:05:16:15:75:31:7a:89:cb:6b:a1:28:eb:58:33:38:35:cb:8a:04:98

Digest Algorithm

sha256

PE Digest Matches

true

42:b1:1d:88:ec:72:f1:43:a5:cd:d4:4c:63:29:8d:7d:ae:c8:19:2b
Signer

Actual PE Digest

42:b1:1d:88:ec:72:f1:43:a5:cd:d4:4c:63:29:8d:7d:ae:c8:19:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-memory-l1-1-0.pdb

Exports

CreateFileMappingW

FlushViewOfFile

MapViewOfFile

MapViewOfFileEx

OpenFileMappingW

ReadProcessMemory

UnmapViewOfFile

VirtualAlloc

VirtualAllocEx

VirtualFree

VirtualFreeEx

VirtualProtect

VirtualProtectEx

VirtualQuery

VirtualQueryEx

WriteProcessMemory

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-namedpipe-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

34:0b:6f:b0:f3:53:45:e2:46:47:a8:84:79:2a:d4:f3:17:8d:e0:2f:b6:89:66:fa:2a:3d:27:4b:c6:5a:f1:1f
Signer

Actual PE Digest

34:0b:6f:b0:f3:53:45:e2:46:47:a8:84:79:2a:d4:f3:17:8d:e0:2f:b6:89:66:fa:2a:3d:27:4b:c6:5a:f1:1f

Digest Algorithm

sha256

PE Digest Matches

true

3a:29:ee:dd:a1:79:79:cc:5c:7a:eb:92:dc:4b:8a:7c:1c:8c:e6:1d
Signer

Actual PE Digest

3a:29:ee:dd:a1:79:79:cc:5c:7a:eb:92:dc:4b:8a:7c:1c:8c:e6:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-namedpipe-l1-1-0.pdb

Exports

ConnectNamedPipe

CreateNamedPipeW

CreatePipe

DisconnectNamedPipe

GetNamedPipeClientComputerNameW

ImpersonateNamedPipeClient

PeekNamedPipe

SetNamedPipeHandleState

TransactNamedPipe

WaitNamedPipeW

Sections

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processenvironment-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

67:5d:52:ba:08:81:7b:9a:d0:b6:84:28:80:c2:54:a5:a0:6d:d8:40:65:76:7f:6d:91:47:c5:6f:1b:b6:c8:f5
Signer

Actual PE Digest

67:5d:52:ba:08:81:7b:9a:d0:b6:84:28:80:c2:54:a5:a0:6d:d8:40:65:76:7f:6d:91:47:c5:6f:1b:b6:c8:f5

Digest Algorithm

sha256

PE Digest Matches

true

3a:8d:8e:e0:8d:73:b9:9f:8c:c9:fd:a7:ce:ed:62:04:b8:6c:27:42
Signer

Actual PE Digest

3a:8d:8e:e0:8d:73:b9:9f:8c:c9:fd:a7:ce:ed:62:04:b8:6c:27:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processenvironment-l1-1-0.pdb

Exports

ExpandEnvironmentStringsA

ExpandEnvironmentStringsW

FreeEnvironmentStringsA

FreeEnvironmentStringsW

GetCommandLineA

GetCommandLineW

GetCurrentDirectoryA

GetCurrentDirectoryW

GetEnvironmentStrings

GetEnvironmentStringsW

GetEnvironmentVariableA

GetEnvironmentVariableW

GetStdHandle

SearchPathW

SetCurrentDirectoryA

SetCurrentDirectoryW

SetEnvironmentStringsW

SetEnvironmentVariableA

SetEnvironmentVariableW

SetStdHandle

SetStdHandleEx

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processthreads-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

15:d7:7f:f1:a5:64:96:81:25:dd:ac:69:3c:a2:10:bc:86:e1:72:76:cc:f8:96:d6:94:a8:de:7d:71:b1:f7:fe
Signer

Actual PE Digest

15:d7:7f:f1:a5:64:96:81:25:dd:ac:69:3c:a2:10:bc:86:e1:72:76:cc:f8:96:d6:94:a8:de:7d:71:b1:f7:fe

Digest Algorithm

sha256

PE Digest Matches

true

87:99:12:a8:eb:69:86:83:a7:b5:e5:a9:3f:90:62:bf:92:3b:f5:9f
Signer

Actual PE Digest

87:99:12:a8:eb:69:86:83:a7:b5:e5:a9:3f:90:62:bf:92:3b:f5:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-0.pdb

Exports

CreateProcessA

CreateProcessAsUserW

CreateProcessW

CreateRemoteThread

CreateRemoteThreadEx

CreateThread

DeleteProcThreadAttributeList

ExitProcess

ExitThread

FlushProcessWriteBuffers

GetCurrentProcess

GetCurrentProcessId

GetCurrentThread

GetCurrentThreadId

GetExitCodeProcess

GetExitCodeThread

GetPriorityClass

GetProcessId

GetProcessIdOfThread

GetProcessTimes

GetProcessVersion

GetStartupInfoW

GetThreadId

GetThreadPriority

GetThreadPriorityBoost

InitializeProcThreadAttributeList

OpenProcessToken

OpenThread

OpenThreadToken

ProcessIdToSessionId

QueryProcessAffinityUpdateMode

QueueUserAPC

ResumeThread

SetPriorityClass

SetProcessAffinityUpdateMode

SetProcessShutdownParameters

SetThreadPriority

SetThreadPriorityBoost

SetThreadStackGuarantee

SetThreadToken

SuspendThread

SwitchToThread

TerminateProcess

TerminateThread

TlsAlloc

TlsFree

TlsGetValue

TlsSetValue

UpdateProcThreadAttribute

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-processthreads-l1-1-1.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

e8:46:0a:e1:7f:83:77:e2:ef:2d:60:d7:55:5c:ff:a9:66:5d:d9:36:77:fd:86:78:75:2c:2e:f7:c0:8d:b4:11
Signer

Actual PE Digest

e8:46:0a:e1:7f:83:77:e2:ef:2d:60:d7:55:5c:ff:a9:66:5d:d9:36:77:fd:86:78:75:2c:2e:f7:c0:8d:b4:11

Digest Algorithm

sha256

PE Digest Matches

true

de:b1:73:ef:3e:05:78:7e:5a:5a:e0:fd:4e:bb:76:5f:3e:23:28:87
Signer

Actual PE Digest

de:b1:73:ef:3e:05:78:7e:5a:5a:e0:fd:4e:bb:76:5f:3e:23:28:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-1.pdb

Exports

FlushInstructionCache

GetCurrentProcessorNumber

GetCurrentProcessorNumberEx

GetCurrentThreadStackLimits

GetProcessHandleCount

GetProcessMitigationPolicy

GetThreadContext

GetThreadIdealProcessorEx

GetThreadTimes

IsProcessorFeaturePresent

OpenProcess

SetProcessMitigationPolicy

SetThreadContext

SetThreadIdealProcessorEx

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-profile-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

58:fb:c4:0d:4d:31:53:bd:ee:14:2f:34:92:60:d4:86:f5:6b:21:31:6f:17:66:50:ac:ec:01:98:6f:80:e2:1a
Signer

Actual PE Digest

58:fb:c4:0d:4d:31:53:bd:ee:14:2f:34:92:60:d4:86:f5:6b:21:31:6f:17:66:50:ac:ec:01:98:6f:80:e2:1a

Digest Algorithm

sha256

PE Digest Matches

true

3f:fb:52:42:5a:a7:5b:77:61:ec:f8:db:f1:c5:10:cd:e3:ac:56:d7
Signer

Actual PE Digest

3f:fb:52:42:5a:a7:5b:77:61:ec:f8:db:f1:c5:10:cd:e3:ac:56:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-profile-l1-1-0.pdb

Exports

QueryPerformanceCounter

QueryPerformanceFrequency

Sections

.rdata
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-rtlsupport-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

80:37:93:bf:54:7f:d3:df:17:73:0b:f9:fd:3f:c7:0f:45:a7:9e:ad:65:36:33:2f:9b:44:63:43:c6:b7:36:12
Signer

Actual PE Digest

80:37:93:bf:54:7f:d3:df:17:73:0b:f9:fd:3f:c7:0f:45:a7:9e:ad:65:36:33:2f:9b:44:63:43:c6:b7:36:12

Digest Algorithm

sha256

PE Digest Matches

true

bf:5c:c4:ca:4b:59:5d:d4:a6:77:ee:95:ad:cd:2c:cb:d0:92:0d:b1
Signer

Actual PE Digest

bf:5c:c4:ca:4b:59:5d:d4:a6:77:ee:95:ad:cd:2c:cb:d0:92:0d:b1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-rtlsupport-l1-1-0.pdb

Exports

RtlAddFunctionTable

RtlCaptureContext

RtlCaptureStackBackTrace

RtlCompareMemory

RtlDeleteFunctionTable

RtlInstallFunctionTableCallback

RtlLookupFunctionEntry

RtlPcToFileHeader

RtlRaiseException

RtlRestoreContext

RtlUnwind

RtlUnwindEx

RtlVirtualUnwind

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-string-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

d4:10:4e:74:14:23:25:61:72:61:c9:c9:ac:bc:85:66:5f:91:b7:6b:cd:f2:77:3a:dd:ab:60:1c:a1:88:74:b9
Signer

Actual PE Digest

d4:10:4e:74:14:23:25:61:72:61:c9:c9:ac:bc:85:66:5f:91:b7:6b:cd:f2:77:3a:dd:ab:60:1c:a1:88:74:b9

Digest Algorithm

sha256

PE Digest Matches

true

2c:37:e7:33:34:a0:6c:28:29:0a:ac:fb:fd:7a:b8:83:46:a0:0f:91
Signer

Actual PE Digest

2c:37:e7:33:34:a0:6c:28:29:0a:ac:fb:fd:7a:b8:83:46:a0:0f:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

CompareStringEx

CompareStringOrdinal

CompareStringW

FoldStringW

GetStringTypeExW

GetStringTypeW

MultiByteToWideChar

WideCharToMultiByte

Sections

.rdata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-synch-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a0:a5:b7:f6:5c:bd:9c:2a:2d:c6:25:e7:29:0d:e1:2c:8f:cf:cd:b1:62:2e:53:61:8e:ec:8c:99:73:03:0f:fc
Signer

Actual PE Digest

a0:a5:b7:f6:5c:bd:9c:2a:2d:c6:25:e7:29:0d:e1:2c:8f:cf:cd:b1:62:2e:53:61:8e:ec:8c:99:73:03:0f:fc

Digest Algorithm

sha256

PE Digest Matches

true

c9:bf:fc:88:28:f6:5c:5e:27:e8:ce:50:25:e2:63:82:f3:70:38:98
Signer

Actual PE Digest

c9:bf:fc:88:28:f6:5c:5e:27:e8:ce:50:25:e2:63:82:f3:70:38:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

AcquireSRWLockExclusive

AcquireSRWLockShared

CancelWaitableTimer

CreateEventA

CreateEventExA

CreateEventExW

CreateEventW

CreateMutexA

CreateMutexExA

CreateMutexExW

CreateMutexW

CreateSemaphoreExW

CreateWaitableTimerExW

DeleteCriticalSection

EnterCriticalSection

InitializeCriticalSection

InitializeCriticalSectionAndSpinCount

InitializeCriticalSectionEx

InitializeSRWLock

LeaveCriticalSection

OpenEventA

OpenEventW

OpenMutexW

OpenSemaphoreW

OpenWaitableTimerW

ReleaseMutex

ReleaseSRWLockExclusive

ReleaseSRWLockShared

ReleaseSemaphore

ResetEvent

SetCriticalSectionSpinCount

SetEvent

SetWaitableTimer

SetWaitableTimerEx

SleepEx

TryAcquireSRWLockExclusive

TryAcquireSRWLockShared

TryEnterCriticalSection

WaitForMultipleObjectsEx

WaitForSingleObject

WaitForSingleObjectEx

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-synch-l1-2-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

80:8f:b3:f2:d7:19:44:17:cd:25:db:1b:92:c1:d6:7b:72:cd:88:41:39:2c:f1:99:26:91:bb:6f:5b:d0:d6:07
Signer

Actual PE Digest

80:8f:b3:f2:d7:19:44:17:cd:25:db:1b:92:c1:d6:7b:72:cd:88:41:39:2c:f1:99:26:91:bb:6f:5b:d0:d6:07

Digest Algorithm

sha256

PE Digest Matches

true

fc:ac:4d:ab:e5:9a:ca:6f:68:71:fa:90:63:af:f4:7a:79:ce:82:87
Signer

Actual PE Digest

fc:ac:4d:ab:e5:9a:ca:6f:68:71:fa:90:63:af:f4:7a:79:ce:82:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-2-0.pdb

Exports

DeleteSynchronizationBarrier

EnterSynchronizationBarrier

InitOnceBeginInitialize

InitOnceComplete

InitOnceExecuteOnce

InitOnceInitialize

InitializeConditionVariable

InitializeSynchronizationBarrier

SignalObjectAndWait

Sleep

SleepConditionVariableCS

SleepConditionVariableSRW

WaitOnAddress

WakeAllConditionVariable

WakeByAddressAll

WakeByAddressSingle

WakeConditionVariable

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-sysinfo-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

3a:55:6e:f2:84:e5:97:4f:30:ba:3c:8d:26:23:d2:69:21:5a:4a:77:d0:32:24:96:43:25:c1:82:4a:33:57:26
Signer

Actual PE Digest

3a:55:6e:f2:84:e5:97:4f:30:ba:3c:8d:26:23:d2:69:21:5a:4a:77:d0:32:24:96:43:25:c1:82:4a:33:57:26

Digest Algorithm

sha256

PE Digest Matches

true

3c:2f:01:6b:52:16:c5:74:cb:91:76:ca:69:6f:e7:4a:e4:09:21:89
Signer

Actual PE Digest

3c:2f:01:6b:52:16:c5:74:cb:91:76:ca:69:6f:e7:4a:e4:09:21:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-sysinfo-l1-1-0.pdb

Exports

GetComputerNameExA

GetComputerNameExW

GetLocalTime

GetLogicalProcessorInformation

GetLogicalProcessorInformationEx

GetSystemDirectoryA

GetSystemDirectoryW

GetSystemInfo

GetSystemTime

GetSystemTimeAdjustment

GetSystemTimeAsFileTime

GetSystemWindowsDirectoryA

GetSystemWindowsDirectoryW

GetTickCount

GetTickCount64

GetVersion

GetVersionExA

GetVersionExW

GetWindowsDirectoryA

GetWindowsDirectoryW

GlobalMemoryStatusEx

SetLocalTime

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-timezone-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a3:ef:80:56:d5:ed:f2:d4:12:94:75:e0:8e:35:77:12:38:c9:87:42:87:41:92:34:b5:34:a2:42:0d:ab:1e:f3
Signer

Actual PE Digest

a3:ef:80:56:d5:ed:f2:d4:12:94:75:e0:8e:35:77:12:38:c9:87:42:87:41:92:34:b5:34:a2:42:0d:ab:1e:f3

Digest Algorithm

sha256

PE Digest Matches

true

7f:01:c4:6d:2b:99:1b:4b:a9:b1:c3:e9:6f:02:1a:0c:34:dd:f9:8e
Signer

Actual PE Digest

7f:01:c4:6d:2b:99:1b:4b:a9:b1:c3:e9:6f:02:1a:0c:34:dd:f9:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-timezone-l1-1-0.pdb

Exports

FileTimeToSystemTime

GetDynamicTimeZoneInformation

GetTimeZoneInformation

GetTimeZoneInformationForYear

SetDynamicTimeZoneInformation

SetTimeZoneInformation

SystemTimeToFileTime

SystemTimeToTzSpecificLocalTime

TzSpecificLocalTimeToSystemTime

Sections

.rdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-core-util-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

bc:81:10:b8:59:9a:d2:c5:1c:02:62:23:48:d7:02:e6:07:05:f5:a0:bb:a0:0b:f4:5d:19:ff:2e:ac:21:47:23
Signer

Actual PE Digest

bc:81:10:b8:59:9a:d2:c5:1c:02:62:23:48:d7:02:e6:07:05:f5:a0:bb:a0:0b:f4:5d:19:ff:2e:ac:21:47:23

Digest Algorithm

sha256

PE Digest Matches

true

84:0f:bd:e1:d0:84:8e:e4:db:a9:8b:22:0c:bc:ce:48:89:d0:7b:a8
Signer

Actual PE Digest

84:0f:bd:e1:d0:84:8e:e4:db:a9:8b:22:0c:bc:ce:48:89:d0:7b:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-util-l1-1-0.pdb

Exports

Beep

DecodePointer

DecodeSystemPointer

EncodePointer

EncodeSystemPointer

Sections

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-conio-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

23:58:a1:d3:25:d9:b7:3a:6a:32:70:c9:f6:78:2f:88:b1:f2:0c:fa:7f:c3:98:79:3d:07:af:2d:c7:7c:88:82
Signer

Actual PE Digest

23:58:a1:d3:25:d9:b7:3a:6a:32:70:c9:f6:78:2f:88:b1:f2:0c:fa:7f:c3:98:79:3d:07:af:2d:c7:7c:88:82

Digest Algorithm

sha256

PE Digest Matches

true

9b:0c:6e:8d:84:9a:ff:4d:6a:93:ee:66:96:a8:6b:f5:ae:e2:fa:9b
Signer

Actual PE Digest

9b:0c:6e:8d:84:9a:ff:4d:6a:93:ee:66:96:a8:6b:f5:ae:e2:fa:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-conio-l1-1-0.pdb

Exports

__conio_common_vcprintf

__conio_common_vcprintf_p

__conio_common_vcprintf_s

__conio_common_vcscanf

__conio_common_vcwprintf

__conio_common_vcwprintf_p

__conio_common_vcwprintf_s

__conio_common_vcwscanf

_cgets

_cgets_s

_cgetws

_cgetws_s

_cputs

_cputws

_getch

_getch_nolock

_getche

_getche_nolock

_getwch

_getwch_nolock

_getwche

_getwche_nolock

_putch

_putch_nolock

_putwch

_putwch_nolock

_ungetch

_ungetch_nolock

_ungetwch

_ungetwch_nolock

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-convert-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a6:c2:10:35:21:c0:ac:bf:76:00:e9:cc:95:b3:24:55:bc:6b:9d:4d:ab:31:ab:96:5e:e4:d7:5d:51:fe:86:c8
Signer

Actual PE Digest

a6:c2:10:35:21:c0:ac:bf:76:00:e9:cc:95:b3:24:55:bc:6b:9d:4d:ab:31:ab:96:5e:e4:d7:5d:51:fe:86:c8

Digest Algorithm

sha256

PE Digest Matches

true

48:9b:cd:2e:3c:33:a4:ba:bd:f8:f6:14:f4:a0:e9:38:cd:04:ca:2c
Signer

Actual PE Digest

48:9b:cd:2e:3c:33:a4:ba:bd:f8:f6:14:f4:a0:e9:38:cd:04:ca:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

__toascii

_atodbl

_atodbl_l

_atof_l

_atoflt

_atoflt_l

_atoi64

_atoi64_l

_atoi_l

_atol_l

_atoldbl

_atoldbl_l

_atoll_l

_ecvt

_ecvt_s

_fcvt

_fcvt_s

_gcvt

_gcvt_s

_i64toa

_i64toa_s

_i64tow

_i64tow_s

_itoa

_itoa_s

_itow

_itow_s

_ltoa

_ltoa_s

_ltow

_ltow_s

_strtod_l

_strtof_l

_strtoi64

_strtoi64_l

_strtoimax_l

_strtol_l

_strtold_l

_strtoll_l

_strtoui64

_strtoui64_l

_strtoul_l

_strtoull_l

_strtoumax_l

_ui64toa

_ui64toa_s

_ui64tow

_ui64tow_s

_ultoa

_ultoa_s

_ultow

_ultow_s

_wcstod_l

_wcstof_l

_wcstoi64

_wcstoi64_l

_wcstoimax_l

_wcstol_l

_wcstold_l

_wcstoll_l

_wcstombs_l

_wcstombs_s_l

_wcstoui64

_wcstoui64_l

_wcstoul_l

_wcstoull_l

_wcstoumax_l

_wctomb_l

_wctomb_s_l

_wtof

_wtof_l

_wtoi

_wtoi64

_wtoi64_l

_wtoi_l

_wtol

_wtol_l

_wtoll

_wtoll_l

atof

atoi

atol

atoll

btowc

c16rtomb

c32rtomb

mbrtoc16

mbrtoc32

mbrtowc

mbsrtowcs

mbsrtowcs_s

mbstowcs

mbstowcs_s

mbtowc

strtod

strtof

strtoimax

strtol

strtold

strtoll

strtoul

strtoull

strtoumax

wcrtomb

wcrtomb_s

wcsrtombs

wcsrtombs_s

wcstod

wcstof

wcstoimax

wcstol

wcstold

wcstoll

wcstombs

wcstombs_s

wcstoul

wcstoull

wcstoumax

wctob

wctomb

wctomb_s

wctrans

Sections

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-environment-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ce:9a:a7:38:c5:49:1f:0f:4e:f9:0d:4c:d3:20:9a:51:47:d0:9b:6d:dd:81:99:1f:a3:de:9e:8d:8b:56:18:1e
Signer

Actual PE Digest

ce:9a:a7:38:c5:49:1f:0f:4e:f9:0d:4c:d3:20:9a:51:47:d0:9b:6d:dd:81:99:1f:a3:de:9e:8d:8b:56:18:1e

Digest Algorithm

sha256

PE Digest Matches

true

64:87:e5:30:f3:50:69:27:38:3a:8f:d5:78:74:d1:ad:93:61:cf:31
Signer

Actual PE Digest

64:87:e5:30:f3:50:69:27:38:3a:8f:d5:78:74:d1:ad:93:61:cf:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

__p__environ

__p__wenviron

_dupenv_s

_putenv

_putenv_s

_searchenv

_searchenv_s

_wdupenv_s

_wgetcwd

_wgetdcwd

_wgetenv

_wgetenv_s

_wputenv

_wputenv_s

_wsearchenv

_wsearchenv_s

getenv

getenv_s

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-filesystem-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

58:98:a4:8c:19:c3:34:ae:c6:77:bd:e6:a0:81:aa:e8:06:89:00:0f:67:a4:94:0e:25:b0:74:0a:ce:18:79:8b
Signer

Actual PE Digest

58:98:a4:8c:19:c3:34:ae:c6:77:bd:e6:a0:81:aa:e8:06:89:00:0f:67:a4:94:0e:25:b0:74:0a:ce:18:79:8b

Digest Algorithm

sha256

PE Digest Matches

true

e2:00:e5:80:92:3e:78:c9:91:4a:a3:5b:28:09:93:a2:c3:e1:6c:c8
Signer

Actual PE Digest

e2:00:e5:80:92:3e:78:c9:91:4a:a3:5b:28:09:93:a2:c3:e1:6c:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-filesystem-l1-1-0.pdb

Exports

_access

_access_s

_chdir

_chdrive

_chmod

_findclose

_findfirst32

_findfirst32i64

_findfirst64

_findfirst64i32

_findnext32

_findnext32i64

_findnext64

_findnext64i32

_fstat32

_fstat32i64

_fstat64

_fstat64i32

_fullpath

_getdiskfree

_getdrive

_getdrives

_lock_file

_makepath

_makepath_s

_mkdir

_rmdir

_splitpath

_splitpath_s

_stat32

_stat32i64

_stat64

_stat64i32

_umask

_umask_s

_unlink

_unlock_file

_waccess

_waccess_s

_wchdir

_wchmod

_wfindfirst32

_wfindfirst32i64

_wfindfirst64

_wfindfirst64i32

_wfindnext32

_wfindnext32i64

_wfindnext64

_wfindnext64i32

_wfullpath

_wmakepath

_wmakepath_s

_wmkdir

_wremove

_wrename

_wrmdir

_wsplitpath

_wsplitpath_s

_wstat32

_wstat32i64

_wstat64

_wstat64i32

_wunlink

remove

rename

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-heap-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

15:e5:f6:c3:88:5f:e4:96:ac:a4:22:7f:5f:79:30:43:d2:0f:56:0a:67:ff:51:f2:d3:3c:34:da:18:39:63:49
Signer

Actual PE Digest

15:e5:f6:c3:88:5f:e4:96:ac:a4:22:7f:5f:79:30:43:d2:0f:56:0a:67:ff:51:f2:d3:3c:34:da:18:39:63:49

Digest Algorithm

sha256

PE Digest Matches

true

df:c7:8e:90:a7:35:c9:07:01:ff:a5:86:cd:39:9b:fe:f3:31:38:30
Signer

Actual PE Digest

df:c7:8e:90:a7:35:c9:07:01:ff:a5:86:cd:39:9b:fe:f3:31:38:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

_aligned_free

_aligned_malloc

_aligned_msize

_aligned_offset_malloc

_aligned_offset_realloc

_aligned_offset_recalloc

_aligned_realloc

_aligned_recalloc

_callnewh

_calloc_base

_expand

_free_base

_get_heap_handle

_heapchk

_heapmin

_heapwalk

_malloc_base

_msize

_query_new_handler

_query_new_mode

_realloc_base

_recalloc

_set_new_mode

calloc

free

malloc

realloc

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-locale-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:70:f4:18:bf:23:21:fc:50:9d:00:00:00:00:00:70
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:F528-3777-8A76,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

25:b8:7a:d3:2d:cb:d4:e0:03:6c:38:a0:06:17:63:db:3a:96:6f:b7:1d:eb:31:e4:9b:8e:a4:bd:2d:f4:69:ea
Signer

Actual PE Digest

25:b8:7a:d3:2d:cb:d4:e0:03:6c:38:a0:06:17:63:db:3a:96:6f:b7:1d:eb:31:e4:9b:8e:a4:bd:2d:f4:69:ea

Digest Algorithm

sha256

PE Digest Matches

true

22:f2:86:b5:0a:2e:4b:0c:f9:40:33:58:b3:51:3b:b1:63:55:00:b0
Signer

Actual PE Digest

22:f2:86:b5:0a:2e:4b:0c:f9:40:33:58:b3:51:3b:b1:63:55:00:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-locale-l1-1-0.pdb

Exports

___lc_codepage_func

___lc_collate_cp_func

___lc_locale_name_func

___mb_cur_max_func

___mb_cur_max_l_func

__initialize_lconv_for_unsigned_char

__pctype_func

__pwctype_func

_configthreadlocale

_create_locale

_free_locale

_get_current_locale

_getmbcp

_lock_locales

_setmbcp

_unlock_locales

_wcreate_locale

_wsetlocale

localeconv

setlocale

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-math-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

7b:a7:0b:e1:e9:b8:99:63:c5:73:e3:b7:29:95:35:9a:25:88:34:82:58:c9:d9:d9:28:aa:d6:3f:74:08:54:15
Signer

Actual PE Digest

7b:a7:0b:e1:e9:b8:99:63:c5:73:e3:b7:29:95:35:9a:25:88:34:82:58:c9:d9:d9:28:aa:d6:3f:74:08:54:15

Digest Algorithm

sha256

PE Digest Matches

true

c8:f2:07:e1:f4:a5:27:0e:ce:38:39:c3:48:1a:ff:f3:d9:27:21:6a
Signer

Actual PE Digest

c8:f2:07:e1:f4:a5:27:0e:ce:38:39:c3:48:1a:ff:f3:d9:27:21:6a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-math-l1-1-0.pdb

Exports

_Cbuild

_Cmulcc

_Cmulcr

_FCbuild

_FCmulcc

_FCmulcr

_LCbuild

_LCmulcc

_LCmulcr

__setusermatherr

_cabs

_chgsign

_chgsignf

_copysign

_copysignf

_d_int

_dclass

_dexp

_dlog

_dnorm

_dpcomp

_dpoly

_dscale

_dsign

_dsin

_dtest

_dunscale

_except1

_fd_int

_fdclass

_fdexp

_fdlog

_fdnorm

_fdopen

_fdpcomp

_fdpoly

_fdscale

_fdsign

_fdsin

_fdtest

_fdunscale

_finite

_finitef

_fpclass

_fpclassf

_get_FMA3_enable

_hypot

_hypotf

_isnan

_isnanf

_j0

_j1

_jn

_ld_int

_ldclass

_ldexp

_ldlog

_ldpcomp

_ldpoly

_ldscale

_ldsign

_ldsin

_ldtest

_ldunscale

_logb

_logbf

_nextafter

_nextafterf

_scalb

_scalbf

_set_FMA3_enable

_y0

_y1

_yn

acos

acosf

acosh

acoshf

acoshl

asin

asinf

asinh

asinhf

asinhl

atan

atan2

atan2f

atanf

atanh

atanhf

atanhl

cabs

cabsf

cabsl

cacos

cacosf

cacosh

cacoshf

cacoshl

cacosl

carg

cargf

cargl

casin

casinf

casinh

casinhf

casinhl

casinl

catan

catanf

catanh

catanhf

catanhl

catanl

cbrt

cbrtf

cbrtl

ccos

ccosf

ccosh

ccoshf

ccoshl

ccosl

ceil

ceilf

cexp

cexpf

cexpl

cimag

cimagf

cimagl

clog

clog10

clog10f

clog10l

clogf

clogl

conj

conjf

conjl

copysign

copysignf

copysignl

cos

cosf

cosh

coshf

cpow

cpowf

cpowl

cproj

cprojf

cprojl

creal

crealf

creall

csin

csinf

csinh

csinhf

csinhl

csinl

csqrt

csqrtf

csqrtl

ctan

ctanf

ctanh

ctanhf

ctanhl

ctanl

erf

erfc

erfcf

erfcl

erff

erfl

exp

exp2

exp2f

exp2l

expf

expm1

expm1f

expm1l

fabs

fdim

fdimf

fdiml

floor

floorf

fma

fmaf

fmal

fmax

fmaxf

fmaxl

fmin

fminf

fminl

fmod

fmodf

frexp

hypot

ilogb

ilogbf

ilogbl

ldexp

lgamma

lgammaf

lgammal

llrint

llrintf

llrintl

llround

llroundf

llroundl

log

log10

log10f

log1p

log1pf

log1pl

log2

log2f

log2l

logb

logbf

logbl

logf

lrint

lrintf

lrintl

lround

lroundf

lroundl

modf

modff

nan

nanf

nanl

nearbyint

nearbyintf

nearbyintl

nextafter

nextafterf

nextafterl

nexttoward

nexttowardf

nexttowardl

norm

normf

norml

pow

powf

remainder

remainderf

remainderl

remquo

remquof

remquol

rint

rintf

rintl

round

roundf

roundl

scalbln

scalblnf

scalblnl

scalbn

scalbnf

scalbnl

sin

sinf

sinh

sinhf

sqrt

sqrtf

tan

tanf

tanh

tanhf

tgamma

tgammaf

tgammal

trunc

truncf

truncl

Sections

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-multibyte-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ec:a8:85:44:5a:b7:7f:ac:d3:fc:e5:59:a7:ec:f6:aa:19:30:a6:7b:8d:0a:73:ed:69:a0:99:83:f4:67:5f:56
Signer

Actual PE Digest

ec:a8:85:44:5a:b7:7f:ac:d3:fc:e5:59:a7:ec:f6:aa:19:30:a6:7b:8d:0a:73:ed:69:a0:99:83:f4:67:5f:56

Digest Algorithm

sha256

PE Digest Matches

true

9d:c5:f1:ea:02:c8:05:49:35:3c:27:dc:30:1b:56:c1:d0:f6:04:e6
Signer

Actual PE Digest

9d:c5:f1:ea:02:c8:05:49:35:3c:27:dc:30:1b:56:c1:d0:f6:04:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-multibyte-l1-1-0.pdb

Exports

__p__mbcasemap

__p__mbctype

_ismbbalnum

_ismbbalnum_l

_ismbbalpha

_ismbbalpha_l

_ismbbblank

_ismbbblank_l

_ismbbgraph

_ismbbgraph_l

_ismbbkalnum

_ismbbkalnum_l

_ismbbkana

_ismbbkana_l

_ismbbkprint

_ismbbkprint_l

_ismbbkpunct

_ismbbkpunct_l

_ismbblead

_ismbblead_l

_ismbbprint

_ismbbprint_l

_ismbbpunct

_ismbbpunct_l

_ismbbtrail

_ismbbtrail_l

_ismbcalnum

_ismbcalnum_l

_ismbcalpha

_ismbcalpha_l

_ismbcblank

_ismbcblank_l

_ismbcdigit

_ismbcdigit_l

_ismbcgraph

_ismbcgraph_l

_ismbchira

_ismbchira_l

_ismbckata

_ismbckata_l

_ismbcl0

_ismbcl0_l

_ismbcl1

_ismbcl1_l

_ismbcl2

_ismbcl2_l

_ismbclegal

_ismbclegal_l

_ismbclower

_ismbclower_l

_ismbcprint

_ismbcprint_l

_ismbcpunct

_ismbcpunct_l

_ismbcspace

_ismbcspace_l

_ismbcsymbol

_ismbcsymbol_l

_ismbcupper

_ismbcupper_l

_ismbslead

_ismbslead_l

_ismbstrail

_ismbstrail_l

_mbbtombc

_mbbtombc_l

_mbbtype

_mbbtype_l

_mbcasemap

_mbccpy

_mbccpy_l

_mbccpy_s

_mbccpy_s_l

_mbcjistojms

_mbcjistojms_l

_mbcjmstojis

_mbcjmstojis_l

_mbclen

_mbclen_l

_mbctohira

_mbctohira_l

_mbctokata

_mbctokata_l

_mbctolower

_mbctolower_l

_mbctombb

_mbctombb_l

_mbctoupper

_mbctoupper_l

_mblen_l

_mbsbtype

_mbsbtype_l

_mbscat_s

_mbscat_s_l

_mbschr

_mbschr_l

_mbscmp

_mbscmp_l

_mbscoll

_mbscoll_l

_mbscpy_s

_mbscpy_s_l

_mbscspn

_mbscspn_l

_mbsdec

_mbsdec_l

_mbsdup

_mbsicmp

_mbsicmp_l

_mbsicoll

_mbsicoll_l

_mbsinc

_mbsinc_l

_mbslen

_mbslen_l

_mbslwr

_mbslwr_l

_mbslwr_s

_mbslwr_s_l

_mbsnbcat

_mbsnbcat_l

_mbsnbcat_s

_mbsnbcat_s_l

_mbsnbcmp

_mbsnbcmp_l

_mbsnbcnt

_mbsnbcnt_l

_mbsnbcoll

_mbsnbcoll_l

_mbsnbcpy

_mbsnbcpy_l

_mbsnbcpy_s

_mbsnbcpy_s_l

_mbsnbicmp

_mbsnbicmp_l

_mbsnbicoll

_mbsnbicoll_l

_mbsnbset

_mbsnbset_l

_mbsnbset_s

_mbsnbset_s_l

_mbsncat

_mbsncat_l

_mbsncat_s

_mbsncat_s_l

_mbsnccnt

_mbsnccnt_l

_mbsncmp

_mbsncmp_l

_mbsncoll

_mbsncoll_l

_mbsncpy

_mbsncpy_l

_mbsncpy_s

_mbsncpy_s_l

_mbsnextc

_mbsnextc_l

_mbsnicmp

_mbsnicmp_l

_mbsnicoll

_mbsnicoll_l

_mbsninc

_mbsninc_l

_mbsnlen

_mbsnlen_l

_mbsnset

_mbsnset_l

_mbsnset_s

_mbsnset_s_l

_mbspbrk

_mbspbrk_l

_mbsrchr

_mbsrchr_l

_mbsrev

_mbsrev_l

_mbsset

_mbsset_l

_mbsset_s

_mbsset_s_l

_mbsspn

_mbsspn_l

_mbsspnp

_mbsspnp_l

_mbsstr

_mbsstr_l

_mbstok

_mbstok_l

_mbstok_s

_mbstok_s_l

_mbstowcs_l

_mbstowcs_s_l

_mbstrlen

_mbstrlen_l

_mbstrnlen

_mbstrnlen_l

_mbsupr

_mbsupr_l

_mbsupr_s

_mbsupr_s_l

_mbtowc_l

Sections

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-private-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

fb:85:e7:d6:1e:c4:e0:be:98:97:dd:b0:01:72:13:17:02:da:f0:cf:97:ee:ff:e9:9c:1c:2c:d3:60:b5:3c:f6
Signer

Actual PE Digest

fb:85:e7:d6:1e:c4:e0:be:98:97:dd:b0:01:72:13:17:02:da:f0:cf:97:ee:ff:e9:9c:1c:2c:d3:60:b5:3c:f6

Digest Algorithm

sha256

PE Digest Matches

true

67:eb:2c:65:69:1a:7b:65:ba:14:ec:a7:5e:aa:32:4a:55:0f:eb:a9
Signer

Actual PE Digest

67:eb:2c:65:69:1a:7b:65:ba:14:ec:a7:5e:aa:32:4a:55:0f:eb:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-private-l1-1-0.pdb

Exports

_CreateFrameInfo

_CxxThrowException

_FindAndUnlinkFrame

_GetImageBase

_GetThrowImageBase

_IsExceptionObjectToBeDestroyed

_SetImageBase

_SetThrowImageBase

_SetWinRTOutOfMemoryExceptionCallback

__AdjustPointer

__BuildCatchObject

__BuildCatchObjectHelper

__C_specific_handler

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxFrameHandler2

__CxxFrameHandler3

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__FrameUnwindFilter

__GetPlatformExceptionInfo

__NLG_Dispatch2

__NLG_Return2

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__TypeMatch

__current_exception

__current_exception_context

__dcrt_get_wide_environment_from_os

__dcrt_initial_narrow_environment

__intrinsic_setjmp

__intrinsic_setjmpex

__processing_throw

__report_gsfailure

__std_exception_copy

__std_exception_destroy

__std_type_info_compare

__std_type_info_destroy_list

__std_type_info_hash

__std_type_info_name

__unDName

__unDNameEx

__uncaught_exception

_get_purecall_handler

_get_unexpected

_is_exception_typeof

_local_unwind

_o__Getdays

_o__Getmonths

_o__Gettnames

_o__Strftime

_o__W_Getdays

_o__W_Getmonths

_o__W_Gettnames

_o__Wcsftime

_o____lc_codepage_func

_o____lc_collate_cp_func

_o____lc_locale_name_func

_o____mb_cur_max_func

_o___acrt_iob_func

_o___conio_common_vcprintf

_o___conio_common_vcprintf_p

_o___conio_common_vcprintf_s

_o___conio_common_vcscanf

_o___conio_common_vcwprintf

_o___conio_common_vcwprintf_p

_o___conio_common_vcwprintf_s

_o___conio_common_vcwscanf

_o___daylight

_o___dstbias

_o___fpe_flt_rounds

_o___p___argc

_o___p___argv

_o___p___wargv

_o___p__acmdln

_o___p__commode

_o___p__environ

_o___p__fmode

_o___p__mbcasemap

_o___p__mbctype

_o___p__pgmptr

_o___p__wcmdln

_o___p__wenviron

_o___p__wpgmptr

_o___pctype_func

_o___pwctype_func

_o___std_exception_copy

_o___std_exception_destroy

_o___std_type_info_destroy_list

_o___std_type_info_name

_o___stdio_common_vfprintf

_o___stdio_common_vfprintf_p

_o___stdio_common_vfprintf_s

_o___stdio_common_vfscanf

_o___stdio_common_vfwprintf

_o___stdio_common_vfwprintf_p

_o___stdio_common_vfwprintf_s

_o___stdio_common_vfwscanf

_o___stdio_common_vsnprintf_s

_o___stdio_common_vsnwprintf_s

_o___stdio_common_vsprintf

_o___stdio_common_vsprintf_p

_o___stdio_common_vsprintf_s

_o___stdio_common_vsscanf

_o___stdio_common_vswprintf

_o___stdio_common_vswprintf_p

_o___stdio_common_vswprintf_s

_o___stdio_common_vswscanf

_o___timezone

_o___tzname

_o___wcserror

_o__access

_o__access_s

_o__aligned_free

_o__aligned_malloc

_o__aligned_msize

_o__aligned_offset_malloc

_o__aligned_offset_realloc

_o__aligned_offset_recalloc

_o__aligned_realloc

_o__aligned_recalloc

_o__atodbl

_o__atodbl_l

_o__atof_l

_o__atoflt

_o__atoflt_l

_o__atoi64

_o__atoi64_l

_o__atoi_l

_o__atol_l

_o__atoldbl

_o__atoldbl_l

_o__atoll_l

_o__beep

_o__beginthread

_o__beginthreadex

_o__cabs

_o__callnewh

_o__calloc_base

_o__cexit

_o__cgets

_o__cgets_s

_o__cgetws

_o__cgetws_s

_o__chdir

_o__chdrive

_o__chmod

_o__chsize

_o__chsize_s

_o__close

_o__commit

_o__configthreadlocale

_o__configure_narrow_argv

_o__configure_wide_argv

_o__controlfp_s

_o__cputs

_o__cputws

_o__creat

_o__create_locale

_o__crt_atexit

_o__ctime32_s

_o__ctime64_s

_o__cwait

_o__d_int

_o__dclass

_o__difftime32

_o__difftime64

_o__dlog

_o__dnorm

_o__dpcomp

_o__dpoly

_o__dscale

_o__dsign

_o__dsin

_o__dtest

_o__dunscale

_o__dup

_o__dup2

_o__dupenv_s

_o__ecvt

_o__ecvt_s

_o__endthread

_o__endthreadex

_o__eof

_o__errno

_o__except1

_o__execute_onexit_table

_o__execv

_o__execve

_o__execvp

_o__execvpe

_o__exit

_o__expand

_o__fclose_nolock

_o__fcloseall

_o__fcvt

_o__fcvt_s

_o__fd_int

_o__fdclass

_o__fdexp

_o__fdlog

_o__fdopen

_o__fdpcomp

_o__fdpoly

_o__fdscale

_o__fdsign

_o__fdsin

_o__fflush_nolock

_o__fgetc_nolock

_o__fgetchar

_o__fgetwc_nolock

_o__fgetwchar

_o__filelength

_o__filelengthi64

_o__fileno

_o__findclose

_o__findfirst32

_o__findfirst32i64

_o__findfirst64

_o__findfirst64i32

_o__findnext32

_o__findnext32i64

_o__findnext64

_o__findnext64i32

_o__flushall

_o__fpclass

_o__fpclassf

_o__fputc_nolock

_o__fputchar

_o__fputwc_nolock

_o__fputwchar

_o__fread_nolock

_o__fread_nolock_s

_o__free_base

_o__free_locale

_o__fseek_nolock

_o__fseeki64

_o__fseeki64_nolock

_o__fsopen

_o__fstat32

_o__fstat32i64

_o__fstat64

_o__fstat64i32

_o__ftell_nolock

_o__ftelli64

_o__ftelli64_nolock

_o__ftime32

_o__ftime32_s

_o__ftime64

_o__ftime64_s

_o__fullpath

_o__futime32

_o__futime64

_o__fwrite_nolock

_o__gcvt

_o__gcvt_s

_o__get_daylight

_o__get_doserrno

_o__get_dstbias

_o__get_errno

_o__get_fmode

_o__get_heap_handle

_o__get_initial_narrow_environment

_o__get_initial_wide_environment

_o__get_invalid_parameter_handler

_o__get_narrow_winmain_command_line

_o__get_osfhandle

_o__get_pgmptr

_o__get_stream_buffer_pointers

_o__get_terminate

_o__get_thread_local_invalid_parameter_handler

_o__get_timezone

_o__get_tzname

_o__get_wide_winmain_command_line

_o__get_wpgmptr

_o__getc_nolock

_o__getch

_o__getch_nolock

_o__getche

_o__getche_nolock

_o__getcwd

_o__getdcwd

_o__getdiskfree

_o__getdllprocaddr

_o__getdrive

_o__getdrives

_o__getmbcp

_o__getsystime

_o__getw

_o__getwc_nolock

_o__getwch

_o__getwch_nolock

_o__getwche

_o__getwche_nolock

_o__getws

_o__getws_s

_o__gmtime32

_o__gmtime32_s

_o__gmtime64

_o__gmtime64_s

_o__heapchk

_o__heapmin

_o__hypot

_o__hypotf

_o__i64toa

_o__i64toa_s

_o__i64tow

_o__i64tow_s

_o__initialize_narrow_environment

_o__initialize_onexit_table

_o__initialize_wide_environment

_o__invalid_parameter_noinfo

_o__invalid_parameter_noinfo_noreturn

_o__isatty

_o__isctype

_o__isctype_l

_o__isleadbyte_l

_o__ismbbalnum

_o__ismbbalnum_l

_o__ismbbalpha

_o__ismbbalpha_l

_o__ismbbblank

_o__ismbbblank_l

_o__ismbbgraph

_o__ismbbgraph_l

_o__ismbbkalnum

_o__ismbbkalnum_l

_o__ismbbkana

_o__ismbbkana_l

_o__ismbbkprint

_o__ismbbkprint_l

_o__ismbbkpunct

_o__ismbbkpunct_l

_o__ismbblead

_o__ismbblead_l

_o__ismbbprint

_o__ismbbprint_l

_o__ismbbpunct

_o__ismbbpunct_l

_o__ismbbtrail

_o__ismbbtrail_l

_o__ismbcalnum

_o__ismbcalnum_l

_o__ismbcalpha

_o__ismbcalpha_l

_o__ismbcblank

_o__ismbcblank_l

_o__ismbcdigit

_o__ismbcdigit_l

_o__ismbcgraph

_o__ismbcgraph_l

_o__ismbchira

_o__ismbchira_l

_o__ismbckata

_o__ismbckata_l

_o__ismbcl0

_o__ismbcl0_l

_o__ismbcl1

_o__ismbcl1_l

_o__ismbcl2

_o__ismbcl2_l

_o__ismbclegal

_o__ismbclegal_l

_o__ismbclower

_o__ismbclower_l

_o__ismbcprint

_o__ismbcprint_l

_o__ismbcpunct

_o__ismbcpunct_l

_o__ismbcspace

_o__ismbcspace_l

_o__ismbcsymbol

_o__ismbcsymbol_l

_o__ismbcupper

_o__ismbcupper_l

_o__ismbslead

_o__ismbslead_l

_o__ismbstrail

_o__ismbstrail_l

_o__iswctype_l

_o__itoa

_o__itoa_s

_o__itow

_o__itow_s

_o__j0

_o__j1

_o__jn

_o__kbhit

_o__ld_int

_o__ldclass

_o__ldexp

_o__ldlog

_o__ldpcomp

_o__ldpoly

_o__ldscale

_o__ldsign

_o__ldsin

_o__ldtest

_o__ldunscale

_o__lfind

_o__lfind_s

_o__loaddll

_o__localtime32

_o__localtime32_s

_o__localtime64

_o__localtime64_s

_o__lock_file

_o__locking

_o__logb

_o__logbf

_o__lsearch

_o__lsearch_s

_o__lseek

_o__lseeki64

_o__ltoa

_o__ltoa_s

_o__ltow

_o__ltow_s

_o__makepath

_o__makepath_s

_o__malloc_base

_o__mbbtombc

_o__mbbtombc_l

_o__mbbtype

_o__mbbtype_l

_o__mbccpy

_o__mbccpy_l

_o__mbccpy_s

_o__mbccpy_s_l

_o__mbcjistojms

_o__mbcjistojms_l

_o__mbcjmstojis

_o__mbcjmstojis_l

_o__mbclen

_o__mbclen_l

_o__mbctohira

_o__mbctohira_l

_o__mbctokata

_o__mbctokata_l

_o__mbctolower

_o__mbctolower_l

_o__mbctombb

_o__mbctombb_l

_o__mbctoupper

_o__mbctoupper_l

_o__mblen_l

_o__mbsbtype

_o__mbsbtype_l

_o__mbscat_s

_o__mbscat_s_l

_o__mbschr

_o__mbschr_l

_o__mbscmp

_o__mbscmp_l

_o__mbscoll

_o__mbscoll_l

_o__mbscpy_s

_o__mbscpy_s_l

_o__mbscspn

_o__mbscspn_l

_o__mbsdec

_o__mbsdec_l

_o__mbsicmp

_o__mbsicmp_l

_o__mbsicoll

_o__mbsicoll_l

_o__mbsinc

_o__mbsinc_l

_o__mbslen

_o__mbslen_l

_o__mbslwr

_o__mbslwr_l

_o__mbslwr_s

_o__mbslwr_s_l

_o__mbsnbcat

_o__mbsnbcat_l

_o__mbsnbcat_s

_o__mbsnbcat_s_l

_o__mbsnbcmp

_o__mbsnbcmp_l

_o__mbsnbcnt

_o__mbsnbcnt_l

_o__mbsnbcoll

_o__mbsnbcoll_l

_o__mbsnbcpy

_o__mbsnbcpy_l

_o__mbsnbcpy_s

_o__mbsnbcpy_s_l

_o__mbsnbicmp

_o__mbsnbicmp_l

_o__mbsnbicoll

_o__mbsnbicoll_l

_o__mbsnbset

_o__mbsnbset_l

_o__mbsnbset_s

_o__mbsnbset_s_l

Sections

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-process-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

54:47:81:a5:a3:07:9b:8f:e0:dc:50:9c:e6:b3:f5:5a:8d:53:07:a7:16:f4:6e:5b:bf:e7:0d:ec:65:86:11:fb
Signer

Actual PE Digest

54:47:81:a5:a3:07:9b:8f:e0:dc:50:9c:e6:b3:f5:5a:8d:53:07:a7:16:f4:6e:5b:bf:e7:0d:ec:65:86:11:fb

Digest Algorithm

sha256

PE Digest Matches

true

39:88:58:5c:ad:8e:65:6e:e6:02:5d:e2:f5:bd:f8:07:3c:b4:19:65
Signer

Actual PE Digest

39:88:58:5c:ad:8e:65:6e:e6:02:5d:e2:f5:bd:f8:07:3c:b4:19:65

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

_beep

_cwait

_execl

_execle

_execlp

_execlpe

_execv

_execve

_execvp

_execvpe

_loaddll

_spawnl

_spawnle

_spawnlp

_spawnlpe

_spawnv

_spawnve

_spawnvp

_spawnvpe

_unloaddll

_wexecl

_wexecle

_wexeclp

_wexeclpe

_wexecv

_wexecve

_wexecvp

_wexecvpe

_wspawnl

_wspawnle

_wspawnlp

_wspawnlpe

_wspawnv

_wspawnve

_wspawnvp

_wspawnvpe

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-runtime-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

46:33:4b:cb:70:14:60:93:45:10:06:ca:af:ca:58:26:74:d0:78:df:67:42:a4:5f:d5:35:8c:3a:92:bf:81:34
Signer

Actual PE Digest

46:33:4b:cb:70:14:60:93:45:10:06:ca:af:ca:58:26:74:d0:78:df:67:42:a4:5f:d5:35:8c:3a:92:bf:81:34

Digest Algorithm

sha256

PE Digest Matches

true

a3:9f:bb:fc:24:ab:d1:0a:6f:2e:78:cd:34:a6:4e:c8:df:26:35:c0
Signer

Actual PE Digest

a3:9f:bb:fc:24:ab:d1:0a:6f:2e:78:cd:34:a6:4e:c8:df:26:35:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

_Exit

__doserrno

__fpe_flt_rounds

__fpecode

__p___argc

__p___argv

__p___wargv

__p__acmdln

__p__pgmptr

__p__wcmdln

__p__wpgmptr

__pxcptinfoptrs

__sys_errlist

__sys_nerr

__threadhandle

__threadid

__wcserror

__wcserror_s

_assert

_beginthread

_beginthreadex

_c_exit

_cexit

_clearfp

_configure_narrow_argv

_configure_wide_argv

_control87

_controlfp

_controlfp_s

_crt_at_quick_exit

_crt_atexit

_endthread

_endthreadex

_errno

_execute_onexit_table

_exit

_fpieee_flt

_fpreset

_get_doserrno

_get_errno

_get_initial_narrow_environment

_get_initial_wide_environment

_get_invalid_parameter_handler

_get_narrow_winmain_command_line

_get_pgmptr

_get_terminate

_get_thread_local_invalid_parameter_handler

_get_wide_winmain_command_line

_get_wpgmptr

_getdllprocaddr

_getpid

_initialize_narrow_environment

_initialize_onexit_table

_initialize_wide_environment

_initterm

_initterm_e

_invalid_parameter_noinfo

_invalid_parameter_noinfo_noreturn

_invoke_watson

_query_app_type

_register_onexit_function

_register_thread_local_exe_atexit_callback

_resetstkoflw

_seh_filter_dll

_seh_filter_exe

_set_abort_behavior

_set_app_type

_set_controlfp

_set_doserrno

_set_errno

_set_error_mode

_set_invalid_parameter_handler

_set_new_handler

_set_thread_local_invalid_parameter_handler

_seterrormode

_sleep

_statusfp

_strerror

_strerror_s

_wassert

_wcserror

_wcserror_s

_wperror

_wsystem

abort

exit

feclearexcept

fegetenv

fegetexceptflag

fegetround

feholdexcept

fesetenv

fesetexceptflag

fesetround

fetestexcept

perror

quick_exit

raise

set_terminate

signal

strerror

strerror_s

system

terminate

Sections

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-stdio-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

7d:ee:05:7a:10:cb:b5:6a:6a:1e:c4:44:25:ad:88:7b:11:45:13:98:ec:70:f2:b9:ab:2c:11:fb:63:6f:15:c3
Signer

Actual PE Digest

7d:ee:05:7a:10:cb:b5:6a:6a:1e:c4:44:25:ad:88:7b:11:45:13:98:ec:70:f2:b9:ab:2c:11:fb:63:6f:15:c3

Digest Algorithm

sha256

PE Digest Matches

true

dc:6f:64:c1:d0:32:97:4d:7d:c7:0f:86:f9:ff:c0:60:5f:4f:97:c3
Signer

Actual PE Digest

dc:6f:64:c1:d0:32:97:4d:7d:c7:0f:86:f9:ff:c0:60:5f:4f:97:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

__acrt_iob_func

__p__commode

__p__fmode

__stdio_common_vfprintf

__stdio_common_vfprintf_p

__stdio_common_vfprintf_s

__stdio_common_vfscanf

__stdio_common_vfwprintf

__stdio_common_vfwprintf_p

__stdio_common_vfwprintf_s

__stdio_common_vfwscanf

__stdio_common_vsnprintf_s

__stdio_common_vsnwprintf_s

__stdio_common_vsprintf

__stdio_common_vsprintf_p

__stdio_common_vsprintf_s

__stdio_common_vsscanf

__stdio_common_vswprintf

__stdio_common_vswprintf_p

__stdio_common_vswprintf_s

__stdio_common_vswscanf

_chsize

_chsize_s

_close

_commit

_creat

_dup

_dup2

_eof

_fclose_nolock

_fcloseall

_fflush_nolock

_fgetc_nolock

_fgetchar

_fgetwc_nolock

_fgetwchar

_filelength

_filelengthi64

_fileno

_flushall

_fputc_nolock

_fputchar

_fputwc_nolock

_fputwchar

_fread_nolock

_fread_nolock_s

_fseek_nolock

_fseeki64

_fseeki64_nolock

_fsopen

_ftell_nolock

_ftelli64

_ftelli64_nolock

_fwrite_nolock

_get_fmode

_get_osfhandle

_get_printf_count_output

_get_stream_buffer_pointers

_getc_nolock

_getcwd

_getdcwd

_getmaxstdio

_getw

_getwc_nolock

_getws

_getws_s

_isatty

_kbhit

_locking

_lseek

_lseeki64

_mktemp

_mktemp_s

_open

_open_osfhandle

_pclose

_pipe

_popen

_putc_nolock

_putw

_putwc_nolock

_putws

_read

_rmtmp

_set_fmode

_set_printf_count_output

_setmaxstdio

_setmode

_sopen

_sopen_dispatch

_sopen_s

_tell

_telli64

_tempnam

_ungetc_nolock

_ungetwc_nolock

_wcreat

_wfdopen

_wfopen

_wfopen_s

_wfreopen

_wfreopen_s

_wfsopen

_wmktemp

_wmktemp_s

_wopen

_wpopen

_write

_wsopen

_wsopen_dispatch

_wsopen_s

_wtempnam

_wtmpnam

_wtmpnam_s

clearerr

clearerr_s

fclose

feof

ferror

fflush

fgetc

fgetpos

fgets

fgetwc

fgetws

fopen

fopen_s

fputc

fputs

fputwc

fputws

fread

fread_s

freopen

freopen_s

fseek

fsetpos

ftell

fwrite

getc

getchar

gets

gets_s

getwc

getwchar

putc

putchar

puts

putwc

putwchar

rewind

setbuf

setvbuf

tmpfile

tmpfile_s

tmpnam

tmpnam_s

ungetc

ungetwc

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-string-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

17:3f:43:ff:ad:8d:17:4e:7e:df:64:10:d5:09:13:fb:0a:3d:fb:da:df:5e:64:b9:38:e9:a1:a7:de:6b:3f:0b
Signer

Actual PE Digest

17:3f:43:ff:ad:8d:17:4e:7e:df:64:10:d5:09:13:fb:0a:3d:fb:da:df:5e:64:b9:38:e9:a1:a7:de:6b:3f:0b

Digest Algorithm

sha256

PE Digest Matches

true

d8:9a:14:9d:14:91:12:dc:db:38:89:3b:fd:43:0b:be:23:0a:dc:17
Signer

Actual PE Digest

d8:9a:14:9d:14:91:12:dc:db:38:89:3b:fd:43:0b:be:23:0a:dc:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

__isascii

__iscsym

__iscsymf

__iswcsym

__iswcsymf

__strncnt

__wcsncnt

_isalnum_l

_isalpha_l

_isblank_l

_iscntrl_l

_isctype

_isctype_l

_isdigit_l

_isgraph_l

_isleadbyte_l

_islower_l

_isprint_l

_ispunct_l

_isspace_l

_isupper_l

_iswalnum_l

_iswalpha_l

_iswblank_l

_iswcntrl_l

_iswcsym_l

_iswcsymf_l

_iswctype_l

_iswdigit_l

_iswgraph_l

_iswlower_l

_iswprint_l

_iswpunct_l

_iswspace_l

_iswupper_l

_iswxdigit_l

_isxdigit_l

_memccpy

_memicmp

_memicmp_l

_strcoll_l

_strdup

_stricmp

_stricmp_l

_stricoll

_stricoll_l

_strlwr

_strlwr_l

_strlwr_s

_strlwr_s_l

_strncoll

_strncoll_l

_strnicmp

_strnicmp_l

_strnicoll

_strnicoll_l

_strnset

_strnset_s

_strrev

_strset

_strset_s

_strupr

_strupr_l

_strupr_s

_strupr_s_l

_strxfrm_l

_tolower

_tolower_l

_toupper

_toupper_l

_towlower_l

_towupper_l

_wcscoll_l

_wcsdup

_wcsicmp

_wcsicmp_l

_wcsicoll

_wcsicoll_l

_wcslwr

_wcslwr_l

_wcslwr_s

_wcslwr_s_l

_wcsncoll

_wcsncoll_l

_wcsnicmp

_wcsnicmp_l

_wcsnicoll

_wcsnicoll_l

_wcsnset

_wcsnset_s

_wcsrev

_wcsset

_wcsset_s

_wcsupr

_wcsupr_l

_wcsupr_s

_wcsupr_s_l

_wcsxfrm_l

_wctype

is_wctype

isalnum

isalpha

isblank

iscntrl

isdigit

isgraph

isleadbyte

islower

isprint

ispunct

isspace

isupper

iswalnum

iswalpha

iswascii

iswblank

iswcntrl

iswctype

iswdigit

iswgraph

iswlower

iswprint

iswpunct

iswspace

iswupper

iswxdigit

isxdigit

mblen

mbrlen

memcpy_s

memmove_s

memset

strcat

strcat_s

strcmp

strcoll

strcpy

strcpy_s

strcspn

strlen

strncat

strncat_s

strncmp

strncpy

strncpy_s

strnlen

strpbrk

strspn

strtok

strtok_s

strxfrm

tolower

toupper

towctrans

towlower

towupper

wcscat

wcscat_s

wcscmp

wcscoll

wcscpy

wcscpy_s

wcscspn

wcslen

wcsncat

wcsncat_s

wcsncmp

wcsncpy

wcsncpy_s

wcsnlen

wcspbrk

wcsspn

wcstok

wcstok_s

wcsxfrm

wctype

wmemcpy_s

wmemmove_s

Sections

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-time-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

38:56:04:42:cd:70:26:0f:14:73:d0:c5:f1:e0:c0:47:89:71:3c:02:a6:af:5e:1f:26:69:74:04:32:a8:30:ef
Signer

Actual PE Digest

38:56:04:42:cd:70:26:0f:14:73:d0:c5:f1:e0:c0:47:89:71:3c:02:a6:af:5e:1f:26:69:74:04:32:a8:30:ef

Digest Algorithm

sha256

PE Digest Matches

true

32:48:e7:a5:5e:1b:c0:21:29:0b:cf:34:e7:db:b9:7d:73:2f:6c:ac
Signer

Actual PE Digest

32:48:e7:a5:5e:1b:c0:21:29:0b:cf:34:e7:db:b9:7d:73:2f:6c:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

_Getdays

_Getmonths

_Gettnames

_Strftime

_W_Getdays

_W_Getmonths

_W_Gettnames

_Wcsftime

__daylight

__dstbias

__timezone

__tzname

_ctime32

_ctime32_s

_ctime64

_ctime64_s

_difftime32

_difftime64

_ftime32

_ftime32_s

_ftime64

_ftime64_s

_futime32

_futime64

_get_daylight

_get_dstbias

_get_timezone

_get_tzname

_getsystime

_gmtime32

_gmtime32_s

_gmtime64

_gmtime64_s

_localtime32

_localtime32_s

_localtime64

_localtime64_s

_mkgmtime32

_mkgmtime64

_mktime32

_mktime64

_setsystime

_strdate

_strdate_s

_strftime_l

_strtime

_strtime_s

_time32

_time64

_timespec32_get

_timespec64_get

_tzset

_utime32

_utime64

_wasctime

_wasctime_s

_wcsftime_l

_wctime32

_wctime32_s

_wctime64

_wctime64_s

_wstrdate

_wstrdate_s

_wstrtime

_wstrtime_s

_wutime32

_wutime64

asctime

asctime_s

clock

strftime

wcsftime

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

api-ms-win-crt-utility-l1-1-0.dll

.dll windows:10 windows x64 arch:x64

Code Sign

33:00:00:00:6f:65:2d:58:6d:07:11:46:28:00:00:00:00:00:6f
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20/03/2015, 17:32

Not After

20/06/2016, 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:7b:a2:81:0b:87:11:ab:e7:fc:00:00:00:00:00:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/10/2014, 18:06

Not After

01/01/2016, 18:06

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ce:aa:d7:23:19:44:46:34:53:fd:19:40:d4:20:8c:fe:85:e9:6b:69:e4:5d:c2:80:61:cf:cc:ff:f8:4e:b1:a8
Signer

Actual PE Digest

ce:aa:d7:23:19:44:46:34:53:fd:19:40:d4:20:8c:fe:85:e9:6b:69:e4:5d:c2:80:61:cf:cc:ff:f8:4e:b1:a8

Digest Algorithm

sha256

PE Digest Matches

true

99:11:ff:bf:e0:5e:e4:ad:eb:30:b1:f1:ec:6d:27:9d:a7:f1:8d:14
Signer

Actual PE Digest

99:11:ff:bf:e0:5e:e4:ad:eb:30:b1:f1:ec:6d:27:9d:a7:f1:8d:14

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

_abs64

_byteswap_uint64

_byteswap_ulong

_byteswap_ushort

_lfind

_lfind_s

_lrotl

_lrotr

_lsearch

_lsearch_s

_rotl

_rotl64

_rotr

_rotr64

_swab

abs

bsearch

bsearch_s

div

imaxabs

imaxdiv

labs

ldiv

llabs

lldiv

qsort

qsort_s

rand

rand_s

srand

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

concrt140.dll

.dll windows:6 windows x64 arch:x64

0e53a682f1331df9628488b9ca56f28b

Code Sign

33:00:00:00:f5:82:36:5b:4e:30:d5:29:7a:00:00:00:00:00:f5
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:31C5-30BA-7C91,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

f2:6a:14:30:91:a7:b5:2a:57:8f:75:24:4f:66:45:c6:72:58:12:0e:a3:fb:25:7d:39:6a:68:2c:fc:4f:7e:2e
Signer

Actual PE Digest

f2:6a:14:30:91:a7:b5:2a:57:8f:75:24:4f:66:45:c6:72:58:12:0e:a3:fb:25:7d:39:6a:68:2c:fc:4f:7e:2e

Digest Algorithm

sha256

PE Digest Matches

true

16:7e:8c:3b:6d:6d:29:da:55:aa:e5:10:3e:eb:fc:c6:16:27:80:48
Signer

Actual PE Digest

16:7e:8c:3b:6d:6d:29:da:55:aa:e5:10:3e:eb:fc:c6:16:27:80:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\\concrt140.amd64.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

_Mtx_init_in_situ

_Mtx_destroy_in_situ

_Mtx_lock

_Mtx_unlock

_Cnd_init_in_situ

_Cnd_destroy_in_situ

_Cnd_wait

_Cnd_broadcast

?_Throw_C_error@std@@YAXH@Z

__crtInitializeCriticalSectionEx

__crtCreateEventExW

__crtGetTickCount64

__crtFlushProcessWriteBuffers

__crtGetCurrentProcessorNumber

__crtCreateSemaphoreExW

__crtSetThreadpoolTimer

?__ExceptionPtrDestroy@@YAXPEAX@Z

?__ExceptionPtrCreate@@YAXPEAX@Z

?__ExceptionPtrCopy@@YAXPEAXPEBX@Z

?__ExceptionPtrCurrentException@@YAXPEAX@Z

?__ExceptionPtrRethrow@@YAXPEBX@Z

__crtCreateThreadpoolTimer

__crtWaitForThreadpoolTimerCallbacks

__crtCloseThreadpoolTimer

__crtCreateThreadpoolWait

__crtSetThreadpoolWait

__crtCloseThreadpoolWait

__crtFreeLibraryWhenCallbackReturns

vcruntime140

__C_specific_handler

memcpy

__uncaught_exception

memset

__RTDynamicCast

_CxxThrowException

__std_exception_destroy

__std_exception_copy

__std_terminate

_purecall

__CxxFrameHandler3

__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm_e

_initterm

_cexit

terminate

_invalid_parameter_noinfo_noreturn

_seh_filter_dll

_configure_narrow_argv

_initialize_narrow_environment

_initialize_onexit_table

_register_onexit_function

_execute_onexit_table

_crt_atexit

api-ms-win-crt-heap-l1-1-0

_callnewh

free

malloc

api-ms-win-crt-math-l1-1-0

sqrt

exp

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf

__stdio_common_vswprintf_s

__acrt_iob_func

fflush

kernel32

InterlockedPopEntrySList

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

IsDebuggerPresent

IsProcessorFeaturePresent

TerminateProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

GetModuleHandleA

GetModuleFileNameW

FreeLibraryAndExitThread

FreeLibrary

GetThreadTimes

OutputDebugStringW

LoadLibraryW

LoadLibraryExW

SetLastError

EncodePointer

UnregisterWaitEx

ReleaseSemaphore

InitializeSListHead

SetProcessAffinityMask

VirtualFree

VirtualProtect

VirtualAlloc

GetVersionExW

DeleteCriticalSection

TryEnterCriticalSection

LeaveCriticalSection

EnterCriticalSection

UnregisterWait

RegisterWaitForSingleObject

SetThreadAffinityMask

GetProcessAffinityMask

GetNumaHighestNodeNumber

GetProcAddress

GetModuleHandleW

DeleteTimerQueueTimer

ChangeTimerQueueTimer

CreateTimerQueueTimer

GetLogicalProcessorInformation

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

GetThreadPriority

SetThreadPriority

CreateThread

SwitchToThread

SignalObjectAndWait

Sleep

GetCurrentThreadId

GetCurrentProcess

WaitForSingleObjectEx

SetEvent

GetLastError

DuplicateHandle

CloseHandle

GetCurrentThread

CreateTimerQueue

QueryDepthSList

InterlockedFlushSList

InterlockedPushEntrySList

Exports

??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z

??0?$_SpinWait@$0A@@details@Concurrency@@QEAA@P6AXXZ@Z

??0SchedulerPolicy@Concurrency@@QEAA@AEBV01@@Z

??0SchedulerPolicy@Concurrency@@QEAA@XZ

??0SchedulerPolicy@Concurrency@@QEAA@_KZZ

??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ

??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z

??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@AEBV_Concurrent_queue_base_v4@12@@Z

??0_Condition_variable@details@Concurrency@@QEAA@XZ

??0_Context@details@Concurrency@@QEAA@PEAVContext@2@@Z

??0_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ

??0_ReaderWriterLock@details@Concurrency@@QEAA@XZ

??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??0_ReentrantLock@details@Concurrency@@QEAA@XZ

??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ

??0_Runtime_object@details@Concurrency@@QEAA@H@Z

??0_Runtime_object@details@Concurrency@@QEAA@XZ

??0_Scheduler@details@Concurrency@@QEAA@PEAVScheduler@2@@Z

??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z

??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z

??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z

??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QEAA@XZ

??0_Timer@details@Concurrency@@IEAA@I_N@Z

??0agent@Concurrency@@QEAA@AEAVScheduleGroup@1@@Z

??0agent@Concurrency@@QEAA@AEAVScheduler@1@@Z

??0agent@Concurrency@@QEAA@XZ

??0bad_target@Concurrency@@QEAA@PEBD@Z

??0bad_target@Concurrency@@QEAA@XZ

??0context_self_unblock@Concurrency@@QEAA@PEBD@Z

??0context_self_unblock@Concurrency@@QEAA@XZ

??0context_unblock_unbalanced@Concurrency@@QEAA@PEBD@Z

??0context_unblock_unbalanced@Concurrency@@QEAA@XZ

??0critical_section@Concurrency@@QEAA@XZ

??0default_scheduler_exists@Concurrency@@QEAA@PEBD@Z

??0default_scheduler_exists@Concurrency@@QEAA@XZ

??0event@Concurrency@@QEAA@XZ

??0improper_lock@Concurrency@@QEAA@PEBD@Z

??0improper_lock@Concurrency@@QEAA@XZ

??0improper_scheduler_attach@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_attach@Concurrency@@QEAA@XZ

??0improper_scheduler_detach@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_detach@Concurrency@@QEAA@XZ

??0improper_scheduler_reference@Concurrency@@QEAA@PEBD@Z

??0improper_scheduler_reference@Concurrency@@QEAA@XZ

??0invalid_link_target@Concurrency@@QEAA@PEBD@Z

??0invalid_link_target@Concurrency@@QEAA@XZ

??0invalid_multiple_scheduling@Concurrency@@QEAA@PEBD@Z

??0invalid_multiple_scheduling@Concurrency@@QEAA@XZ

??0invalid_oversubscribe_operation@Concurrency@@QEAA@PEBD@Z

??0invalid_oversubscribe_operation@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_key@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_key@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_thread_specification@Concurrency@@QEAA@XZ

??0invalid_scheduler_policy_value@Concurrency@@QEAA@PEBD@Z

??0invalid_scheduler_policy_value@Concurrency@@QEAA@XZ

??0message_not_found@Concurrency@@QEAA@PEBD@Z

??0message_not_found@Concurrency@@QEAA@XZ

??0missing_wait@Concurrency@@QEAA@PEBD@Z

??0missing_wait@Concurrency@@QEAA@XZ

??0nested_scheduler_missing_detach@Concurrency@@QEAA@PEBD@Z

??0nested_scheduler_missing_detach@Concurrency@@QEAA@XZ

??0operation_timed_out@Concurrency@@QEAA@PEBD@Z

??0operation_timed_out@Concurrency@@QEAA@XZ

??0reader_writer_lock@Concurrency@@QEAA@XZ

??0scheduler_not_attached@Concurrency@@QEAA@PEBD@Z

??0scheduler_not_attached@Concurrency@@QEAA@XZ

??0scheduler_resource_allocation_error@Concurrency@@QEAA@J@Z

??0scheduler_resource_allocation_error@Concurrency@@QEAA@PEBDJ@Z

??0scheduler_worker_creation_error@Concurrency@@QEAA@J@Z

??0scheduler_worker_creation_error@Concurrency@@QEAA@PEBDJ@Z

??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z

??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z

??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z

??0unsupported_os@Concurrency@@QEAA@PEBD@Z

??0unsupported_os@Concurrency@@QEAA@XZ

??1SchedulerPolicy@Concurrency@@QEAA@XZ

??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ

??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ

??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAA@XZ

??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ

??1_Condition_variable@details@Concurrency@@QEAA@XZ

??1_NonReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ

??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ

??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ

??1_SpinLock@details@Concurrency@@QEAA@XZ

??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ

??1_TaskCollection@details@Concurrency@@QEAA@XZ

??1_Timer@details@Concurrency@@MEAA@XZ

??1agent@Concurrency@@UEAA@XZ

??1critical_section@Concurrency@@QEAA@XZ

??1event@Concurrency@@QEAA@XZ

??1reader_writer_lock@Concurrency@@QEAA@XZ

??1scoped_lock@critical_section@Concurrency@@QEAA@XZ

??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ

??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ

??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z

??4?$_SpinWait@$00@details@Concurrency@@QEAAAEAV012@AEBV012@@Z

??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@$$QEAV012@@Z

??4?$_SpinWait@$0A@@details@Concurrency@@QEAAAEAV012@AEBV012@@Z

??4SchedulerPolicy@Concurrency@@QEAAAEAV01@AEBV01@@Z

??_F?$_SpinWait@$00@details@Concurrency@@QEAAXXZ

??_F?$_SpinWait@$0A@@details@Concurrency@@QEAAXXZ

??_F_Context@details@Concurrency@@QEAAXXZ

??_F_Scheduler@details@Concurrency@@QEAAXXZ

?AgentEventGuid@Concurrency@@3U_GUID@@B

?Alloc@Concurrency@@YAPEAX_K@Z

?Block@Context@Concurrency@@SAXXZ

?ChoreEventGuid@Concurrency@@3U_GUID@@B

?ConcRTEventGuid@Concurrency@@3U_GUID@@B

?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B

?ContextEventGuid@Concurrency@@3U_GUID@@B

?Create@CurrentScheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z

?Create@Scheduler@Concurrency@@SAPEAV12@AEBVSchedulerPolicy@2@@Z

?CreateResourceManager@Concurrency@@YAPEAUIResourceManager@1@XZ

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@AEAVlocation@2@@Z

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPEAVScheduleGroup@2@XZ

?CurrentContext@Context@Concurrency@@SAPEAV12@XZ

?Detach@CurrentScheduler@Concurrency@@SAXXZ

?DisableTracing@Concurrency@@YAJXZ

?EnableTracing@Concurrency@@YAJXZ

?Free@Concurrency@@YAXPEAX@Z

?Get@CurrentScheduler@Concurrency@@SAPEAVScheduler@2@XZ

?GetExecutionContextId@Concurrency@@YAIXZ

?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ

?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ

?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ

?GetPolicyValue@SchedulerPolicy@Concurrency@@QEBAIW4PolicyElementKey@2@@Z

?GetProcessorCount@Concurrency@@YAIXZ

?GetProcessorNodeCount@Concurrency@@YAIXZ

?GetSchedulerId@Concurrency@@YAIXZ

?GetSharedTimerQueue@details@Concurrency@@YAPEAXXZ

?Id@Context@Concurrency@@SAIXZ

?Id@CurrentScheduler@Concurrency@@SAIXZ

?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NAEBVlocation@2@@Z

?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ

?LockEventGuid@Concurrency@@3U_GUID@@B

?Log2@details@Concurrency@@YAK_K@Z

?NFS_Allocate@details@Concurrency@@YAPEAX_K0PEAX@Z

?NFS_Free@details@Concurrency@@YAXPEAX@Z

?NFS_GetLineSize@details@Concurrency@@YA_KXZ

?Oversubscribe@Context@Concurrency@@SAX_N@Z

?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B

?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B

?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B

?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPEAX@Z

?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ

?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B

?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B

?ScheduleGroupId@Context@Concurrency@@SAIXZ

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0AEAVlocation@2@@Z

?SchedulerEventGuid@Concurrency@@3U_GUID@@B

?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QEAAXII@Z

?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXAEBVSchedulerPolicy@2@@Z

?SetPolicyValue@SchedulerPolicy@Concurrency@@QEAAIW4PolicyElementKey@2@I@Z

?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B

?VirtualProcessorId@Context@Concurrency@@SAIXZ

?Yield@Context@Concurrency@@SAXXZ

?_Abort@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ

?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z

?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Acquire@_ReentrantLock@details@Concurrency@@QEAAXXZ

?_Acquire@_ReentrantPPLLock@details@Concurrency@@QEAAXPEAX@Z

?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXXZ

?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IEAAXAEBV123@@Z

?_Byte_reverse_table@details@Concurrency@@3QBEB

?_Cancel@_StructuredTaskCollection@details@Concurrency@@QEAAXXZ

?_Cancel@_TaskCollection@details@Concurrency@@QEAAXXZ

?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ

?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AEAAXXZ

?_ConcRT_CoreAssert@details@Concurrency@@YAXPEBD0H@Z

?_ConcRT_Trace@details@Concurrency@@YAXHPEB_WZZ

?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ

?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ

?_Current_node@location@Concurrency@@SA?AV12@XZ

?_Destroy@_AsyncTaskCollection@details@Concurrency@@EEAAXXZ

?_DoYield@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ

?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ

?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ

?_GetCombinableSize@details@Concurrency@@YA_KXZ

?_GetConcRTTraceInfo@Concurrency@@YAPEBU_CONCRT_TRACE_INFO@details@1@XZ

?_GetConcurrency@details@Concurrency@@YAIXZ

?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAEA_KXZ

?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ

?_GetScheduler@_Scheduler@details@Concurrency@@QEAAPEAVScheduler@3@XZ

?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ

?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAX1@ZP6AX2PEBX1@Z5@Z

?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ

?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z

?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KPEAXP6AX10@ZP6AX1PEBX0@Z@Z

?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEBV123@_KP6AXPEAXPEBX1@Z@Z

?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ

?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ

?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z

?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_K_K0P6AXPEAXPEBX0@Z2@Z

?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEAX@Z

?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z

?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z

?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z

?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00@Z

?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IEAAX_K00P6AXPEAX0@ZP6AX1PEBX0@Z3@Z

?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_KXZ

?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXAEAV123@@Z

?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IEAAXAEAV123@@Z

?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ

?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IEBAX_K@Z

?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QEAA_NXZ

?_IsCanceling@_TaskCollection@details@Concurrency@@QEAA_NXZ

?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ

?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPEAV123@PEAV_CancellationTokenState@23@@Z

?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IEAAKXZ

?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IEAAKXZ

?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z

?_Reference@_Scheduler@details@Concurrency@@QEAAIXZ

?_Release@_NonReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Release@_NonReentrantPPLLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantLock@details@Concurrency@@QEAAXXZ

?_Release@_ReentrantPPLLock@details@Concurrency@@QEAAXXZ

?_Release@_Scheduler@details@Concurrency@@QEAAIXZ

?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QEAAXXZ

?_Reset@?$_SpinWait@$00@details@Concurrency@@IEAAXXZ

?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IEAAXXZ

?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z

?_RunAndWait@_TaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@PEAVlocation@3@@Z

?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z

?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z

?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QEAAXI@Z

?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QEAAXI@Z

?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IEAA_NXZ

?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IEAA_NXZ

?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ

?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QEAA_NXZ

?_SpinYield@Context@Concurrency@@SAXXZ

?_Start@_Timer@details@Concurrency@@IEAAXXZ

?_Stop@_Timer@details@Concurrency@@IEAAXXZ

?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ

?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z

?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QEAA_NXZ

?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QEAA_NXZ

?_TryAcquire@_ReentrantLock@details@Concurrency@@QEAA_NXZ

?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QEAA_NXZ

?_UnderlyingYield@details@Concurrency@@YAXXZ

?_Value@_SpinCount@details@Concurrency@@SAIXZ

?_Yield@_Context@details@Concurrency@@SAXXZ

?cancel@agent@Concurrency@@QEAA_NXZ

?current@location@Concurrency@@SA?AV12@XZ

?done@agent@Concurrency@@IEAA_NXZ

?from_numa_node@location@Concurrency@@SA?AV12@G@Z

?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ

?is_current_task_group_canceling@Concurrency@@YA_NXZ

?lock@critical_section@Concurrency@@QEAAXXZ

?lock@reader_writer_lock@Concurrency@@QEAAXXZ

?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ

?native_handle@critical_section@Concurrency@@QEAAAEAV12@XZ

?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ

?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ

?reset@event@Concurrency@@QEAAXXZ

?set@event@Concurrency@@QEAAXXZ

?set_task_execution_resources@Concurrency@@YAXGPEAU_GROUP_AFFINITY@@@Z

?set_task_execution_resources@Concurrency@@YAX_K@Z

?start@agent@Concurrency@@QEAA_NXZ

?status@agent@Concurrency@@QEAA?AW4agent_status@2@XZ

?status_port@agent@Concurrency@@QEAAPEAV?$ISource@W4agent_status@Concurrency@@@2@XZ

?try_lock@critical_section@Concurrency@@QEAA_NXZ

?try_lock@reader_writer_lock@Concurrency@@QEAA_NXZ

?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z

?try_lock_read@reader_writer_lock@Concurrency@@QEAA_NXZ

?unlock@critical_section@Concurrency@@QEAAXXZ

?unlock@reader_writer_lock@Concurrency@@QEAAXXZ

?wait@Concurrency@@YAXI@Z

?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z

?wait@agent@Concurrency@@SA?AW4agent_status@2@PEAV12@I@Z

?wait@event@Concurrency@@QEAA_KI@Z

?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z

?wait_for_all@agent@Concurrency@@SAX_KPEAPEAV12@PEAW4agent_status@2@I@Z

?wait_for_multiple@event@Concurrency@@SA_KPEAPEAV12@_K_NI@Z

?wait_for_one@agent@Concurrency@@SAX_KPEAPEAV12@AEAW4agent_status@2@AEA_KI@Z

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

msvcp140.dll

.dll windows:6 windows x64 arch:x64

adf99b9ea3a1f76c33522f96772bc4dd

Code Sign

33:00:00:00:fa:fe:5e:7b:76:00:e8:42:86:00:00:00:00:00:fa
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

75:d1:f0:68:a9:c9:8f:3a:b7:32:1c:05:a3:70:8f:85:cd:58:65:f2:91:b3:a3:25:ba:0c:76:56:eb:c0:70:9c
Signer

Actual PE Digest

75:d1:f0:68:a9:c9:8f:3a:b7:32:1c:05:a3:70:8f:85:cd:58:65:f2:91:b3:a3:25:ba:0c:76:56:eb:c0:70:9c

Digest Algorithm

sha256

PE Digest Matches

true

1d:56:91:ca:bc:94:cb:08:f4:e6:76:01:08:ee:50:34:61:d5:be:f3
Signer

Actual PE Digest

1d:56:91:ca:bc:94:cb:08:f4:e6:76:01:08:ee:50:34:61:d5:be:f3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__C_specific_handler

__uncaught_exceptions

__uncaught_exception

memmove

__std_terminate

_purecall

__CxxFrameHandler3

_CxxThrowException

__AdjustPointer

__processing_throw

__current_exception

__std_exception_destroy

__std_exception_copy

memset

memcmp

memchr

__std_type_info_destroy_list

memcpy

api-ms-win-crt-heap-l1-1-0

malloc

calloc

free

realloc

_callnewh

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func

___lc_collate_cp_func

localeconv

___lc_codepage_func

___lc_locale_name_func

__pctype_func

_unlock_locales

_lock_locales

setlocale

api-ms-win-crt-string-l1-1-0

wcsnlen

tolower

isalnum

__strncnt

isspace

wcscpy_s

isdigit

islower

isxdigit

_wcsdup

isupper

strcspn

iswctype

api-ms-win-crt-runtime-l1-1-0

_beginthreadex

_set_new_handler

_initterm_e

terminate

_crt_atexit

_execute_onexit_table

_invalid_parameter_noinfo_noreturn

_seh_filter_dll

_endthreadex

_errno

_initterm

_configure_narrow_argv

_initialize_narrow_environment

_initialize_onexit_table

_register_onexit_function

abort

_cexit

api-ms-win-crt-stdio-l1-1-0

fputc

ungetc

setvbuf

fwrite

_fseeki64

fsetpos

fread

fgetpos

fgetc

fflush

fclose

_get_stream_buffer_pointers

ungetwc

_wfsopen

_fsopen

fseek

fputwc

fgetwc

__acrt_iob_func

__stdio_common_vsprintf_s

fputs

api-ms-win-crt-math-l1-1-0

ldexp

log

powf

pow

logf

frexp

api-ms-win-crt-convert-l1-1-0

btowc

strtod

strtof

api-ms-win-crt-filesystem-l1-1-0

_wrmdir

_wrename

_wremove

_wchdir

_unlock_file

_lock_file

api-ms-win-crt-time-l1-1-0

_Getdays

_Getmonths

_Gettnames

_W_Getmonths

_W_Gettnames

_W_Getdays

_Strftime

_Wcsftime

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

IsProcessorFeaturePresent

DuplicateHandle

WaitForSingleObjectEx

Sleep

GetCurrentProcess

SwitchToThread

GetCurrentThread

GetCurrentThreadId

GetExitCodeThread

GetNativeSystemInfo

QueryPerformanceCounter

QueryPerformanceFrequency

GetStringTypeW

MultiByteToWideChar

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

WideCharToMultiByte

LoadLibraryExA

FreeLibrary

VirtualQuery

VirtualProtect

GetSystemInfo

InitializeSListHead

GetCurrentProcessId

IsDebuggerPresent

TerminateProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

GetProcAddress

GetModuleHandleW

GetTickCount

GetSystemTimeAsFileTime

CreateEventW

InitializeCriticalSectionAndSpinCount

SetLastError

GetModuleHandleExW

QueueUserWorkItem

CloseHandle

RtlCaptureStackBackTrace

TryEnterCriticalSection

FormatMessageW

CreateHardLinkW

CopyFileW

GetLastError

AreFileApisANSI

GetTempPathW

SetFileTime

SetFilePointerEx

SetFileAttributesW

SetEndOfFile

GetFileInformationByHandle

GetFileAttributesExW

GetDiskFreeSpaceExW

FindNextFileW

FindFirstFileExW

FindClose

CreateFileW

CreateDirectoryW

GetLocaleInfoW

LCMapStringW

CompareStringW

GetCPInfo

RaiseException

DecodePointer

EncodePointer

RtlPcToFileHeader

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

??0?$_Yarn@D@std@@QEAA@AEBV01@@Z

??0?$_Yarn@D@std@@QEAA@PEBD@Z

??0?$_Yarn@D@std@@QEAA@XZ

??0?$_Yarn@G@std@@QEAA@AEBV01@@Z

??0?$_Yarn@G@std@@QEAA@PEBG@Z

??0?$_Yarn@G@std@@QEAA@XZ

??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z

??0?$_Yarn@_W@std@@QEAA@PEB_W@Z

??0?$_Yarn@_W@std@@QEAA@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ

??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@D@std@@QEAA@PEBF_N_K@Z

??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@G@std@@QEAA@_K@Z

??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$ctype@_W@std@@QEAA@_K@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

??0Init@ios_base@std@@QEAA@XZ

??0_Facet_base@std@@QEAA@AEBV01@@Z

??0_Facet_base@std@@QEAA@XZ

??0_Init_locks@std@@QEAA@XZ

??0_Locimp@locale@std@@AEAA@AEBV012@@Z

??0_Locimp@locale@std@@AEAA@_N@Z

??0_Locinfo@std@@QEAA@HPEBD@Z

??0_Locinfo@std@@QEAA@PEBD@Z

??0_Lockit@std@@QEAA@H@Z

??0_Lockit@std@@QEAA@XZ

??0_Timevec@std@@QEAA@AEBV01@@Z

??0_Timevec@std@@QEAA@PEAX@Z

??0_UShinit@std@@QEAA@XZ

??0_Winit@std@@QEAA@XZ

??0codecvt_base@std@@QEAA@_K@Z

??0ctype_base@std@@QEAA@_K@Z

??0facet@locale@std@@IEAA@_K@Z

??0id@locale@std@@QEAA@_K@Z

??0ios_base@std@@IEAA@XZ

??0task_continuation_context@Concurrency@@AEAA@XZ

??0time_base@std@@QEAA@_K@Z

??1?$_Yarn@D@std@@QEAA@XZ

??1?$_Yarn@G@std@@QEAA@XZ

??1?$_Yarn@_W@std@@QEAA@XZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ

??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

??1?$ctype@D@std@@MEAA@XZ

??1?$ctype@G@std@@MEAA@XZ

??1?$ctype@_W@std@@MEAA@XZ

??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

??1Init@ios_base@std@@QEAA@XZ

??1_Facet_base@std@@UEAA@XZ

??1_Init_locks@std@@QEAA@XZ

??1_Locimp@locale@std@@MEAA@XZ

??1_Locinfo@std@@QEAA@XZ

??1_Lockit@std@@QEAA@XZ

??1_Timevec@std@@QEAA@XZ

??1_UShinit@std@@QEAA@XZ

??1_Winit@std@@QEAA@XZ

??1codecvt_base@std@@UEAA@XZ

??1ctype_base@std@@UEAA@XZ

??1facet@locale@std@@MEAA@XZ

??1ios_base@std@@UEAA@XZ

??1time_base@std@@UEAA@XZ

??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z

??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z

??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z

??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z

??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z

??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z

??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z

??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z

??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z

??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z

??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z

??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z

??4_Winit@std@@QEAAAEAV01@AEBV01@@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z

??7ios_base@std@@QEBA_NXZ

??Bid@locale@std@@QEAA_KXZ

??Bios_base@std@@QEBA_NXZ

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

??_7?$ctype@D@std@@6B@

??_7?$ctype@G@std@@6B@

??_7?$ctype@_W@std@@6B@

??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7_Facet_base@std@@6B@

??_7_Locimp@locale@std@@6B@

??_7codecvt_base@std@@6B@

??_7ctype_base@std@@6B@

??_7facet@locale@std@@6B@

??_7ios_base@std@@6B@

??_7time_base@std@@6B@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ

??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ

??_F?$ctype@D@std@@QEAAXXZ

??_F?$ctype@G@std@@QEAAXXZ

??_F?$ctype@_W@std@@QEAAXXZ

??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

??_F_Locinfo@std@@QEAAXXZ

??_F_Timevec@std@@QEAAXXZ

??_Fcodecvt_base@std@@QEAAXXZ

??_Fctype_base@std@@QEAAXXZ

??_Ffacet@locale@std@@QEAAXXZ

??_Fid@locale@std@@QEAAXXZ

??_Ftime_base@std@@QEAAXXZ

?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ

?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z

?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z

?_Addstd@ios_base@std@@SAXPEAV12@@Z

?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z

?_Atexit@@YAXP6AXXZ@Z

?_BADOFF@std@@3_JB

?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ

?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ

?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ

?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z

?_Callfns@ios_base@std@@AEAAXW4event@12@@Z

?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ

?_Clocptr@_Locimp@locale@std@@0PEAV123@EA

?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

?_Donarrow@?$ctype@G@std@@IEBADGD@Z

?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z

?_Dowiden@?$ctype@G@std@@IEBAGD@Z

?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z

?_Empty@?$_Yarn@D@std@@QEBA_NXZ

?_Empty@?$_Yarn@G@std@@QEBA_NXZ

?_Empty@?$_Yarn@_W@std@@QEBA_NXZ

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z

?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z

?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z

?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z

?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z

?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z

?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z

?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ

?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ

?_Getdateorder@_Locinfo@std@@QEBAHXZ

?_Getdays@_Locinfo@std@@QEBAPEBDXZ

?_Getfalse@_Locinfo@std@@QEBAPEBDXZ

?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z

?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z

?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z

?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z

?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z

?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z

?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ

?_Getmonths@_Locinfo@std@@QEBAPEBDXZ

?_Getname@_Locinfo@std@@QEBAPEBDXZ

?_Getptr@_Timevec@std@@QEBAPEAXXZ

?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ

?_Gettrue@_Locinfo@std@@QEBAPEBDXZ

?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ

?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

?_Id_cnt@id@locale@std@@0HA

?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

?_Incref@facet@locale@std@@UEAAXXZ

?_Index@ios_base@std@@0HA

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

msvcp140_1.dll

.dll windows:6 windows x64 arch:x64

1c5fbe0b22e55c37d4d82cd54085dd74

Code Sign

33:00:00:00:fb:1b:61:8d:d4:5f:96:36:01:00:00:00:00:00:fb
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:B1B7-F67F-FEC2,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

d8:bc:32:ca:8a:6f:77:5a:f6:07:0b:36:ee:1f:14:87:be:2d:ee:08:2d:39:30:a0:be:7e:b5:ca:c2:1d:af:38
Signer

Actual PE Digest

d8:bc:32:ca:8a:6f:77:5a:f6:07:0b:36:ee:1f:14:87:be:2d:ee:08:2d:39:30:a0:be:7e:b5:ca:c2:1d:af:38

Digest Algorithm

sha256

PE Digest Matches

true

2e:af:ec:7f:56:25:e0:d3:24:0f:2c:a4:19:70:9d:cb:fc:74:76:dc
Signer

Actual PE Digest

2e:af:ec:7f:56:25:e0:d3:24:0f:2c:a4:19:70:9d:cb:fc:74:76:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\\msvcp140_1.amd64.pdb

Imports

msvcp140

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z

?_Xbad_alloc@std@@YAXXZ

vcruntime140

memset

__C_specific_handler

__std_exception_copy

_CxxThrowException

__std_exception_destroy

__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm_e

_initterm

terminate

_seh_filter_dll

_cexit

_execute_onexit_table

_initialize_onexit_table

_initialize_narrow_environment

_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free

_aligned_free

_callnewh

malloc

_aligned_malloc

kernel32

RtlVirtualUnwind

GetCurrentProcessId

IsProcessorFeaturePresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

QueryPerformanceCounter

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

GetCurrentThreadId

Exports

_Aligned_get_default_resource

_Aligned_new_delete_resource

_Aligned_set_default_resource

_Unaligned_get_default_resource

_Unaligned_new_delete_resource

_Unaligned_set_default_resource

null_memory_resource

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

msvcp140_2.dll

.dll windows:6 windows x64 arch:x64

5d93a2574eb8877a42caab89867eae50

Code Sign

33:00:00:00:f8:97:e7:60:fb:03:a3:90:c1:00:00:00:00:00:f8
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

05:99:68:54:ec:11:80:7e:26:9b:06:1c:ed:1a:de:39:51:2d:fa:e2:b4:73:5c:f1:27:85:f4:32:d3:65:ff:d1
Signer

Actual PE Digest

05:99:68:54:ec:11:80:7e:26:9b:06:1c:ed:1a:de:39:51:2d:fa:e2:b4:73:5c:f1:27:85:f4:32:d3:65:ff:d1

Digest Algorithm

sha256

PE Digest Matches

true

e5:cd:18:c3:11:fd:a7:8a:c4:f1:9a:09:cf:2d:af:03:13:b1:3c:ad
Signer

Actual PE Digest

e5:cd:18:c3:11:fd:a7:8a:c4:f1:9a:09:cf:2d:af:03:13:b1:3c:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\\msvcp140_2.amd64.pdb

Imports

msvcp140

?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

?clear@ios_base@std@@QEAAXH_N@Z

?getloc@ios_base@std@@QEBA?AVlocale@2@XZ

??1ios_base@std@@UEAA@XZ

?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z

?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z

?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

?_Incref@facet@locale@std@@UEAAXXZ

?id@?$ctype@D@std@@2V0locale@2@A

?id@?$numpunct@D@std@@2V0locale@2@A

?widen@?$ctype@D@std@@QEBADD@Z

?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

??1facet@locale@std@@MEAA@XZ

??0facet@locale@std@@IEAA@_K@Z

??Bid@locale@std@@QEAA_KXZ

?_Gettrue@_Locinfo@std@@QEBAPEBDXZ

?_Getfalse@_Locinfo@std@@QEBAPEBDXZ

?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ

??1_Locinfo@std@@QEAA@XZ

??0_Locinfo@std@@QEAA@PEBD@Z

?_Xout_of_range@std@@YAXPEBD@Z

?_Xlength_error@std@@YAXPEBD@Z

?_Xbad_alloc@std@@YAXXZ

?uncaught_exception@std@@YA_NXZ

??1_Lockit@std@@QEAA@XZ

?_Init@ios_base@std@@IEAAXXZ

??0_Lockit@std@@QEAA@H@Z

vcruntime140

_CxxThrowException

__CxxFrameHandler3

memchr

memcmp

memcpy

memmove

__std_terminate

__std_exception_destroy

memset

__C_specific_handler

__std_type_info_destroy_list

__std_exception_copy

_purecall

api-ms-win-crt-runtime-l1-1-0

_errno

_invalid_parameter_noinfo_noreturn

_cexit

_crt_atexit

_execute_onexit_table

_register_onexit_function

_initialize_onexit_table

_initialize_narrow_environment

_configure_narrow_argv

_initterm_e

_initterm

_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

calloc

free

malloc

_callnewh

api-ms-win-crt-math-l1-1-0

sqrtf

tan

pow

log

_dtest

_fdtest

sqrt

expm1

frexp

ldexp

log1p

sinh

atan

ceil

cos

fmod

floor

sin

cosh

exp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

strcspn

api-ms-win-crt-locale-l1-1-0

localeconv

kernel32

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

IsProcessorFeaturePresent

QueryPerformanceCounter

GetCurrentProcessId

GetCurrentThreadId

GetSystemTimeAsFileTime

DisableThreadLibraryCalls

InitializeSListHead

IsDebuggerPresent

Exports

__std_smf_assoc_laguerre

__std_smf_assoc_laguerref

__std_smf_assoc_legendre

__std_smf_assoc_legendref

__std_smf_beta

__std_smf_betaf

__std_smf_comp_ellint_1

__std_smf_comp_ellint_1f

__std_smf_comp_ellint_2

__std_smf_comp_ellint_2f

__std_smf_comp_ellint_3

__std_smf_comp_ellint_3f

__std_smf_cyl_bessel_i

__std_smf_cyl_bessel_if

__std_smf_cyl_bessel_j

__std_smf_cyl_bessel_jf

__std_smf_cyl_bessel_k

__std_smf_cyl_bessel_kf

__std_smf_cyl_neumann

__std_smf_cyl_neumannf

__std_smf_ellint_1

__std_smf_ellint_1f

__std_smf_ellint_2

__std_smf_ellint_2f

__std_smf_ellint_3

__std_smf_ellint_3f

__std_smf_expint

__std_smf_expintf

__std_smf_hermite

__std_smf_hermitef

__std_smf_hypot3

__std_smf_hypot3f

__std_smf_laguerre

__std_smf_laguerref

__std_smf_legendre

__std_smf_legendref

__std_smf_riemann_zeta

__std_smf_riemann_zetaf

__std_smf_sph_bessel

__std_smf_sph_besself

__std_smf_sph_legendre

__std_smf_sph_legendref

__std_smf_sph_neumann

__std_smf_sph_neumannf

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

ucrtbase.dll

.dll windows:10 windows x64 arch:x64

57abd1fde351971a01e912069e11b44c

Code Sign

33:00:00:00:c8:47:22:9d:a3:0d:ca:c0:58:00:00:00:00:00:c8
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:4f:e7:c6:62:c9:46:f4:a9:7f:00:00:00:00:01:4f
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

17/11/2016, 21:59

Not After

17/02/2018, 21:59

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

90:d9:f3:3b:f5:0f:52:e6:71:01:20:a5:66:4e:00:26:e2:70:a6:ba:af:0f:ee:50:cf:f7:34:75:64:b8:f1:c8
Signer

Actual PE Digest

90:d9:f3:3b:f5:0f:52:e6:71:01:20:a5:66:4e:00:26:e2:70:a6:ba:af:0f:ee:50:cf:f7:34:75:64:b8:f1:c8

Digest Algorithm

sha256

PE Digest Matches

true

ad:da:c7:90:42:2a:c7:e0:2b:0a:e7:e2:c6:33:19:31:79:60:f1:4f
Signer

Actual PE Digest

ad:da:c7:90:42:2a:c7:e0:2b:0a:e7:e2:c6:33:19:31:79:60:f1:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

ucrtbase.pdb

Imports

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

MultiByteToWideChar

CompareStringW

GetStringTypeW

api-ms-win-core-errorhandling-l1-1-0

SetLastError

SetUnhandledExceptionFilter

SetErrorMode

RaiseException

GetLastError

UnhandledExceptionFilter

api-ms-win-core-file-l1-1-0

GetFileAttributesExW

GetDriveTypeW

GetFileType

GetLogicalDrives

FindClose

LockFileEx

GetFileInformationByHandle

GetFullPathNameW

SetFileAttributesW

FindNextFileW

CreateFileW

UnlockFileEx

FindFirstFileExW

DeleteFileW

RemoveDirectoryW

WriteFile

GetFullPathNameA

SetFileTime

CreateDirectoryW

GetDiskFreeSpaceW

FlushFileBuffers

FindFirstFileExA

SetFilePointerEx

SetEndOfFile

FindNextFileA

ReadFile

api-ms-win-core-timezone-l1-1-0

SystemTimeToTzSpecificLocalTime

SystemTimeToFileTime

FileTimeToSystemTime

TzSpecificLocalTimeToSystemTime

GetTimeZoneInformation

api-ms-win-core-namedpipe-l1-1-0

CreatePipe

PeekNamedPipe

api-ms-win-core-handle-l1-1-0

DuplicateHandle

CloseHandle

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-heap-l1-1-0

HeapWalk

HeapCompact

HeapSize

HeapAlloc

HeapValidate

HeapQueryInformation

HeapFree

GetProcessHeap

HeapReAlloc

api-ms-win-core-libraryloader-l1-1-0

FreeLibraryAndExitThread

FreeLibrary

GetModuleHandleExW

GetModuleFileNameW

GetModuleHandleW

GetProcAddress

LoadLibraryExA

LoadLibraryExW

GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection

EnterCriticalSection

WaitForSingleObject

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

api-ms-win-core-processthreads-l1-1-0

TlsFree

TerminateProcess

GetCurrentThreadId

CreateProcessW

CreateProcessA

GetCurrentThread

GetStartupInfoW

TlsGetValue

TlsSetValue

GetCurrentProcessId

GetCurrentProcess

GetExitCodeProcess

TlsAlloc

CreateThread

ExitThread

ResumeThread

ExitProcess

api-ms-win-core-processenvironment-l1-1-0

SetCurrentDirectoryA

GetCurrentDirectoryA

GetCommandLineA

GetCommandLineW

GetCurrentDirectoryW

SetCurrentDirectoryW

SetEnvironmentVariableW

GetEnvironmentStringsW

GetStdHandle

FreeEnvironmentStringsW

SetStdHandle

SetEnvironmentVariableA

api-ms-win-core-localization-l1-2-0

GetACP

GetLocaleInfoW

IsValidCodePage

GetOEMCP

LCMapStringW

EnumSystemLocalesW

GetUserDefaultLCID

GetCPInfo

IsValidLocale

api-ms-win-core-datetime-l1-1-0

GetDateFormatW

GetTimeFormatW

api-ms-win-core-sysinfo-l1-1-0

SetLocalTime

GetSystemInfo

GetLocalTime

GetTickCount

GetSystemTimeAsFileTime

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-console-l1-1-0

ReadConsoleInputA

SetConsoleCtrlHandler

SetConsoleMode

GetConsoleMode

PeekConsoleInputA

GetNumberOfConsoleInputEvents

ReadConsoleInputW

WriteConsoleW

GetConsoleCP

ReadConsoleW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

OutputDebugStringW

OutputDebugStringA

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry

RtlVirtualUnwind

RtlPcToFileHeader

RtlUnwindEx

RtlCaptureContext

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency

QueryPerformanceCounter

api-ms-win-core-memory-l1-1-0

VirtualAlloc

VirtualQuery

VirtualProtect

api-ms-win-core-util-l1-1-0

EncodePointer

Beep

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList

InterlockedPushEntrySList

Exports

_Cbuild

_Cmulcc

_Cmulcr

_CreateFrameInfo

_CxxThrowException

_Exit

_FCbuild

_FCmulcc

_FCmulcr

_FindAndUnlinkFrame

_GetImageBase

_GetThrowImageBase

_Getdays

_Getmonths

_Gettnames

_IsExceptionObjectToBeDestroyed

_LCbuild

_LCmulcc

_LCmulcr

_SetImageBase

_SetThrowImageBase

_SetWinRTOutOfMemoryExceptionCallback

_Strftime

_W_Getdays

_W_Getmonths

_W_Gettnames

_Wcsftime

__AdjustPointer

__BuildCatchObject

__BuildCatchObjectHelper

__C_specific_handler

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxFrameHandler2

__CxxFrameHandler3

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__FrameUnwindFilter

__GetPlatformExceptionInfo

__NLG_Dispatch2

__NLG_Return2

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__TypeMatch

___lc_codepage_func

___lc_collate_cp_func

___lc_locale_name_func

___mb_cur_max_func

___mb_cur_max_l_func

__acrt_iob_func

__conio_common_vcprintf

__conio_common_vcprintf_p

__conio_common_vcprintf_s

__conio_common_vcscanf

__conio_common_vcwprintf

__conio_common_vcwprintf_p

__conio_common_vcwprintf_s

__conio_common_vcwscanf

__current_exception

__current_exception_context

__daylight

__dcrt_get_wide_environment_from_os

__dcrt_initial_narrow_environment

__doserrno

__dstbias

__fpe_flt_rounds

__fpecode

__initialize_lconv_for_unsigned_char

__intrinsic_setjmp

__intrinsic_setjmpex

__isascii

__iscsym

__iscsymf

__iswcsym

__iswcsymf

__p___argc

__p___argv

__p___wargv

__p__acmdln

__p__commode

__p__environ

__p__fmode

__p__mbcasemap

__p__mbctype

__p__pgmptr

__p__wcmdln

__p__wenviron

__p__wpgmptr

__pctype_func

__processing_throw

__pwctype_func

__pxcptinfoptrs

__report_gsfailure

__setusermatherr

__std_exception_copy

__std_exception_destroy

__std_terminate

__std_type_info_compare

__std_type_info_destroy_list

__std_type_info_hash

__std_type_info_name

__stdio_common_vfprintf

__stdio_common_vfprintf_p

__stdio_common_vfprintf_s

__stdio_common_vfscanf

__stdio_common_vfwprintf

__stdio_common_vfwprintf_p

__stdio_common_vfwprintf_s

__stdio_common_vfwscanf

__stdio_common_vsnprintf_s

__stdio_common_vsnwprintf_s

__stdio_common_vsprintf

__stdio_common_vsprintf_p

__stdio_common_vsprintf_s

__stdio_common_vsscanf

__stdio_common_vswprintf

__stdio_common_vswprintf_p

__stdio_common_vswprintf_s

__stdio_common_vswscanf

__strncnt

__sys_errlist

__sys_nerr

__threadhandle

__threadid

__timezone

__toascii

__tzname

__unDName

__unDNameEx

__uncaught_exception

__uncaught_exceptions

__wcserror

__wcserror_s

__wcsncnt

_abs64

_access

_access_s

_aligned_free

_aligned_malloc

_aligned_msize

_aligned_offset_malloc

_aligned_offset_realloc

_aligned_offset_recalloc

_aligned_realloc

_aligned_recalloc

_assert

_atodbl

_atodbl_l

_atof_l

_atoflt

_atoflt_l

_atoi64

_atoi64_l

_atoi_l

_atol_l

_atoldbl

_atoldbl_l

_atoll_l

_beep

_beginthread

_beginthreadex

_byteswap_uint64

_byteswap_ulong

_byteswap_ushort

_c_exit

_cabs

_callnewh

_calloc_base

_cexit

_cgets

_cgets_s

_cgetws

_cgetws_s

_chdir

_chdrive

_chgsign

_chgsignf

_chmod

_chsize

_chsize_s

_clearfp

_close

_commit

_configthreadlocale

_configure_narrow_argv

_configure_wide_argv

_control87

_controlfp

_controlfp_s

_copysign

_copysignf

_cputs

_cputws

_creat

_create_locale

_crt_at_quick_exit

_crt_atexit

_ctime32

_ctime32_s

_ctime64

_ctime64_s

_cwait

_d_int

_dclass

_dexp

_difftime32

_difftime64

_dlog

_dnorm

_dpcomp

_dpoly

_dscale

_dsign

_dsin

_dtest

_dunscale

_dup

_dup2

_dupenv_s

_ecvt

_ecvt_s

_endthread

_endthreadex

_eof

_errno

_except1

_execl

_execle

_execlp

_execlpe

_execute_onexit_table

_execv

_execve

_execvp

_execvpe

_exit

_expand

_fclose_nolock

_fcloseall

_fcvt

_fcvt_s

_fd_int

_fdclass

_fdexp

_fdlog

_fdnorm

_fdopen

_fdpcomp

_fdpoly

_fdscale

_fdsign

_fdsin

_fdtest

_fdunscale

_fflush_nolock

_fgetc_nolock

_fgetchar

_fgetwc_nolock

_fgetwchar

_filelength

_filelengthi64

_fileno

_findclose

_findfirst32

_findfirst32i64

_findfirst64

_findfirst64i32

_findnext32

_findnext32i64

_findnext64

_findnext64i32

_finite

_finitef

_flushall

_fpclass

_fpclassf

_fpieee_flt

_fpreset

_fputc_nolock

_fputchar

_fputwc_nolock

_fputwchar

_fread_nolock

_fread_nolock_s

_free_base

_free_locale

_fseek_nolock

_fseeki64

_fseeki64_nolock

_fsopen

_fstat32

_fstat32i64

_fstat64

_fstat64i32

_ftell_nolock

_ftelli64

_ftelli64_nolock

_ftime32

_ftime32_s

_ftime64

_ftime64_s

_fullpath

_futime32

_futime64

_fwrite_nolock

_gcvt

_gcvt_s

_get_FMA3_enable

_get_current_locale

_get_daylight

_get_doserrno

_get_dstbias

_get_errno

_get_fmode

_get_heap_handle

_get_initial_narrow_environment

_get_initial_wide_environment

_get_invalid_parameter_handler

_get_narrow_winmain_command_line

_get_osfhandle

_get_pgmptr

_get_printf_count_output

_get_purecall_handler

_get_stream_buffer_pointers

_get_terminate

_get_thread_local_invalid_parameter_handler

_get_timezone

_get_tzname

_get_unexpected

_get_wide_winmain_command_line

_get_wpgmptr

_getc_nolock

_getch

_getch_nolock

_getche

_getche_nolock

_getcwd

_getdcwd

_getdiskfree

_getdllprocaddr

_getdrive

_getdrives

_getmaxstdio

_getmbcp

_getpid

_getsystime

_getw

_getwc_nolock

_getwch

_getwch_nolock

_getwche

_getwche_nolock

_getws

_getws_s

_gmtime32

_gmtime32_s

_gmtime64

_gmtime64_s

_heapchk

_heapmin

_heapwalk

_hypot

_hypotf

_i64toa

_i64toa_s

_i64tow

_i64tow_s

_initialize_narrow_environment

_initialize_onexit_table

_initialize_wide_environment

_initterm

_initterm_e

_invalid_parameter_noinfo

_invalid_parameter_noinfo_noreturn

_invoke_watson

_is_exception_typeof

_isalnum_l

_isalpha_l

_isatty

_isblank_l

_iscntrl_l

_isctype

_isctype_l

_isdigit_l

_isgraph_l

_isleadbyte_l

_islower_l

_ismbbalnum

_ismbbalnum_l

_ismbbalpha

_ismbbalpha_l

_ismbbblank

_ismbbblank_l

_ismbbgraph

_ismbbgraph_l

_ismbbkalnum

_ismbbkalnum_l

_ismbbkana

_ismbbkana_l

_ismbbkprint

_ismbbkprint_l

_ismbbkpunct

_ismbbkpunct_l

_ismbblead

_ismbblead_l

_ismbbprint

_ismbbprint_l

_ismbbpunct

_ismbbpunct_l

_ismbbtrail

_ismbbtrail_l

_ismbcalnum

_ismbcalnum_l

_ismbcalpha

_ismbcalpha_l

_ismbcblank

_ismbcblank_l

_ismbcdigit

_ismbcdigit_l

_ismbcgraph

_ismbcgraph_l

_ismbchira

_ismbchira_l

_ismbckata

_ismbckata_l

_ismbcl0

_ismbcl0_l

_ismbcl1

_ismbcl1_l

_ismbcl2

_ismbcl2_l

_ismbclegal

_ismbclegal_l

_ismbclower

_ismbclower_l

_ismbcprint

_ismbcprint_l

_ismbcpunct

_ismbcpunct_l

_ismbcspace

_ismbcspace_l

_ismbcsymbol

_ismbcsymbol_l

_ismbcupper

_ismbcupper_l

_ismbslead

_ismbslead_l

_ismbstrail

_ismbstrail_l

_isnan

_isnanf

_isprint_l

_ispunct_l

_isspace_l

_isupper_l

_iswalnum_l

_iswalpha_l

_iswblank_l

_iswcntrl_l

_iswcsym_l

_iswcsymf_l

_iswctype_l

_iswdigit_l

_iswgraph_l

_iswlower_l

_iswprint_l

_iswpunct_l

_iswspace_l

_iswupper_l

_iswxdigit_l

_isxdigit_l

_itoa

_itoa_s

_itow

_itow_s

_j0

_j1

_jn

_kbhit

_ld_int

_ldclass

_ldexp

_ldlog

_ldpcomp

_ldpoly

_ldscale

_ldsign

_ldsin

_ldtest

_ldunscale

_lfind

_lfind_s

_loaddll

_local_unwind

_localtime32

_localtime32_s

Sections

.text
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

vccorlib140.dll

.dll windows:6 windows x64 arch:x64

22d5f5a59536f7b488c92896a4d858ec

Code Sign

33:00:00:00:fd:c7:f0:c9:6a:69:a1:c8:4c:00:00:00:00:00:fd
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:5847-F761-4F70,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

4d:9e:04:38:19:b0:49:7b:4e:62:e9:27:39:1d:94:0e:63:a9:c6:d1:45:47:a2:6a:5f:c3:46:f4:ef:94:db:e8
Signer

Actual PE Digest

4d:9e:04:38:19:b0:49:7b:4e:62:e9:27:39:1d:94:0e:63:a9:c6:d1:45:47:a2:6a:5f:c3:46:f4:ef:94:db:e8

Digest Algorithm

sha256

PE Digest Matches

true

12:1a:a8:70:b7:9b:4e:8f:17:f8:12:5c:72:dc:79:9e:30:b7:e9:01
Signer

Actual PE Digest

12:1a:a8:70:b7:9b:4e:8f:17:f8:12:5c:72:dc:79:9e:30:b7:e9:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\vccorlib140.amd64.pdb

Imports

kernel32

RaiseException

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

ReleaseSRWLockShared

AcquireSRWLockShared

FormatMessageW

GetProcAddress

LoadLibraryExW

HeapFree

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionEx

GetLastError

OutputDebugStringW

HeapAlloc

DeleteCriticalSection

GetProcessHeap

CreateEventExW

WaitForMultipleObjectsEx

SetEvent

CloseHandle

DecodePointer

InitializeSRWLock

TryAcquireSRWLockShared

GetCurrentProcessId

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

GetCurrentThreadId

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

IsProcessorFeaturePresent

IsDebuggerPresent

InitializeSListHead

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

QueryPerformanceCounter

vcruntime140

__std_exception_destroy

__std_exception_copy

__C_specific_handler

memset

__std_terminate

_purecall

__CxxFrameHandler3

_CxxThrowException

__std_type_info_destroy_list

__GetPlatformExceptionInfo

memcpy

_SetWinRTOutOfMemoryExceptionCallback

memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf

__acrt_iob_func

__stdio_common_vswprintf_s

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function

_execute_onexit_table

_initterm_e

_invalid_parameter_noinfo_noreturn

_cexit

_invoke_watson

__p___wargv

__p___argc

_configure_wide_argv

_initialize_onexit_table

terminate

_seh_filter_dll

_configure_narrow_argv

_crt_atexit

_initialize_narrow_environment

_initterm

api-ms-win-crt-heap-l1-1-0

_callnewh

_aligned_offset_malloc

_aligned_free

malloc

free

api-ms-win-crt-string-l1-1-0

wcscpy_s

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

ole32

CoGetApartmentType

CoReleaseServerProcess

CoAddRefServerProcess

CoGetContextToken

CoGetInterfaceAndReleaseStream

CoGetObjectContext

CoTaskMemFree

CoTaskMemAlloc

CoCreateFreeThreadedMarshaler

CoMarshalInterThreadInterfaceInStream

oleaut32

SysFreeString

SysAllocStringLen

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen

WindowsDeleteString

WindowsIsStringEmpty

WindowsCompareStringOrdinal

WindowsCreateString

WindowsGetStringRawBuffer

WindowsCreateStringReference

WindowsDuplicateString

WindowsStringHasEmbeddedNull

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo

RoOriginateError

RoTransformError

SetRestrictedErrorInfo

api-ms-win-core-winrt-l1-1-0

RoUninitialize

RoRegisterActivationFactories

RoInitialize

RoUnregisterForApartmentShutdown

RoGetActivationFactory

RoRegisterForApartmentShutdown

RoGetApartmentIdentifier

RoRevokeActivationFactories

Exports

?<Dispose>@Exception@Platform@@UE$AAAXXZ

?<Dispose>@String@Platform@@UE$AAAXXZ

?<Dispose>@Type@Platform@@UE$AAAXXZ

??0AccessDeniedException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0AccessDeniedException@Platform@@QE$AAA@XZ

??0Attribute@Metadata@Platform@@QE$AAA@XZ

??0Boolean@Platform@@QEAA@_N@Z

??0COMException@Platform@@QE$AAA@H@Z

??0COMException@Platform@@QE$AAA@HPE$AAVString@1@@Z

??0ChangedStateException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0ChangedStateException@Platform@@QE$AAA@XZ

??0ClassNotRegisteredException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0ClassNotRegisteredException@Platform@@QE$AAA@XZ

??0Delegate@Platform@@QE$AAA@XZ

??0DisconnectedException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0DisconnectedException@Platform@@QE$AAA@XZ

??0Enum@Platform@@QE$AAA@XZ

??0Exception@Platform@@QE$AAA@H@Z

??0Exception@Platform@@QE$AAA@HPE$AAVString@1@@Z

??0FailureException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0FailureException@Platform@@QE$AAA@XZ

??0GridLength@Xaml@UI@Windows@@QEAA@NW4GridUnitType@123@@Z

??0IntPtr@Platform@@QEAA@H@Z

??0IntPtr@Platform@@QEAA@PEAX@Z

??0InvalidArgumentException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0InvalidArgumentException@Platform@@QE$AAA@XZ

??0InvalidCastException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0InvalidCastException@Platform@@QE$AAA@XZ

??0MTAThreadAttribute@Platform@@QE$AAA@XZ

??0NotImplementedException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0NotImplementedException@Platform@@QE$AAA@XZ

??0NullReferenceException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0NullReferenceException@Platform@@QE$AAA@XZ

??0Object@Platform@@QE$AAA@XZ

??0ObjectDisposedException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0ObjectDisposedException@Platform@@QE$AAA@XZ

??0OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAA@XZ

??0OperationCanceledException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0OperationCanceledException@Platform@@QE$AAA@XZ

??0OutOfBoundsException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0OutOfBoundsException@Platform@@QE$AAA@XZ

??0OutOfMemoryException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0OutOfMemoryException@Platform@@QE$AAA@XZ

??0Rect@Foundation@Windows@@QEAA@VPoint@12@0@Z

??0Rect@Foundation@Windows@@QEAA@VPoint@12@VSize@12@@Z

??0RepeatBehavior@Animation@Media@Xaml@UI@Windows@@QEAA@N@Z

??0STAThreadAttribute@Platform@@QE$AAA@XZ

??0SizeT@Platform@@QEAA@H@Z

??0SizeT@Platform@@QEAA@PEAX@Z

??0Type@Platform@@QE$AAA@PE$AAVObject@1@@Z

??0Type@Platform@@QE$AAA@VIntPtr@1@@Z

??0Type@Platform@@QE$AAA@VTypeName@Interop@Xaml@UI@Windows@@@Z

??0ValueType@Platform@@QE$AAA@XZ

??0WrongThreadException@Platform@@QE$AAA@PE$AAVString@1@@Z

??0WrongThreadException@Platform@@QE$AAA@XZ

??0char16@default@@QEAA@_W@Z

??0float32@default@@QEAA@M@Z

??0float64@default@@QEAA@N@Z

??0int16@default@@QEAA@F@Z

??0int32@default@@QEAA@H@Z

??0int64@default@@QEAA@_J@Z

??0int8@default@@QEAA@C@Z

??0uint16@default@@QEAA@G@Z

??0uint32@default@@QEAA@I@Z

??0uint64@default@@QEAA@_K@Z

??0uint8@default@@QEAA@E@Z

??BIntPtr@Platform@@SA?AV01@H@Z

??BIntPtr@Platform@@SA?AV01@PEAX@Z

??BIntPtr@Platform@@SAPEAXV01@@Z

??BType@Platform@@SA?AVTypeName@Interop@Xaml@UI@Windows@@PE$AAV01@@Z

??BType@Platform@@SAPE$AAV01@VTypeName@Interop@Xaml@UI@Windows@@@Z

??DMatrix3D@Media3D@Media@Xaml@UI@Windows@@SA?AV012345@V012345@0@Z

??GDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z

??HDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z

??MDuration@Xaml@UI@Windows@@SA_NV0123@0@Z

??NDuration@Xaml@UI@Windows@@SA_NV0123@0@Z

??ODuration@Xaml@UI@Windows@@SA_NV0123@0@Z

??PDuration@Xaml@UI@Windows@@SA_NV0123@0@Z

?AlignedAllocate@Heap@Details@Platform@@SAPEAX_K00@Z

?AlignedAllocate@Heap@Details@Platform@@SAPEAX_K0@Z

?AlignedAllocateException@Heap@Details@Platform@@SAPEAX_K00@Z

?AlignedAllocateException@Heap@Details@Platform@@SAPEAX_K0@Z

?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z

?AlignedFreeException@Heap@Details@Platform@@SAXPEAX@Z

?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z

?Allocate@Heap@Details@Platform@@SAPEAX_K@Z

?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z

?AllocateException@Heap@Details@Platform@@SAPEAX_K@Z

?Compare@Duration@Xaml@UI@Windows@@SAHV1234@0@Z

?Contains@Rect@Foundation@Windows@@QEAA_NVPoint@23@@Z

?CreateException@Exception@Platform@@SAPE$AAV12@H@Z

?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z

?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z

?EnableFactoryCache@@YAXXZ

?EnumerateAllocatedObjects@Heap@Details@Platform@@SAXPE$AAVHeapEntryHandler@23@@Z

?Equals@Attribute@Metadata@Platform@@QE$AAA_NPE$AAVObject@3@@Z

?Equals@Boolean@Platform@@QEAA_NPE$AAVObject@2@@Z

?Equals@Delegate@Platform@@QE$AAA_NPE$AAVObject@2@@Z

?Equals@Enum@Platform@@QE$AAA_NPE$AAVObject@2@@Z

?Equals@Exception@Platform@@UE$AAA_NPE$AAVObject@2@@Z

?Equals@MTAThreadAttribute@Platform@@QE$AAA_NPE$AAVObject@2@@Z

?Equals@Object@Platform@@QE$AAA_NPE$AAV12@@Z

?Equals@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAA_NPE$AAVObject@4@@Z

?Equals@STAThreadAttribute@Platform@@QE$AAA_NPE$AAVObject@2@@Z

?Equals@Type@Platform@@UE$AAA_NPE$AAVObject@2@@Z

?Equals@ValueType@Platform@@QE$AAA_NPE$AAVObject@2@@Z

?Equals@char16@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@float32@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@float64@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@int16@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@int32@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@int64@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@int8@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@uint16@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@uint32@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@uint64@default@@QEAA_NPE$AAVObject@Platform@@@Z

?Equals@uint8@default@@QEAA_NPE$AAVObject@Platform@@@Z

?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z

?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z

?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z

?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z

?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z

?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z

?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z

?FlushFactoryCache@@YAXXZ

?Free@Heap@Details@Platform@@SAXPEAX@Z

?FreeException@Heap@Details@Platform@@SAXPEAX@Z

?GetActivationFactory@Details@Platform@@YAJPEAVModuleBase@1WRL@Microsoft@@PEAUHSTRING__@@PEAPEAUIActivationFactory@@@Z

?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z

?GetCmdArguments@Details@Platform@@YAPEAPEA_WPEAH@Z

?GetHashCode@Attribute@Metadata@Platform@@QE$AAAHXZ

?GetHashCode@Boolean@Platform@@QEAAHXZ

?GetHashCode@Delegate@Platform@@QE$AAAHXZ

?GetHashCode@Enum@Platform@@QE$AAAHXZ

?GetHashCode@Exception@Platform@@UE$AAAHXZ

?GetHashCode@Guid@Platform@@QEAAHXZ

?GetHashCode@MTAThreadAttribute@Platform@@QE$AAAHXZ

?GetHashCode@Object@Platform@@QE$AAAHXZ

?GetHashCode@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAAHXZ

?GetHashCode@STAThreadAttribute@Platform@@QE$AAAHXZ

?GetHashCode@Type@Platform@@UE$AAAHXZ

?GetHashCode@ValueType@Platform@@QE$AAAHXZ

?GetHashCode@char16@default@@QEAAHXZ

?GetHashCode@float32@default@@QEAAHXZ

?GetHashCode@float64@default@@QEAAHXZ

?GetHashCode@int16@default@@QEAAHXZ

?GetHashCode@int32@default@@QEAAHXZ

?GetHashCode@int64@default@@QEAAHXZ

?GetHashCode@int8@default@@QEAAHXZ

?GetHashCode@uint16@default@@QEAAHXZ

?GetHashCode@uint32@default@@QEAAHXZ

?GetHashCode@uint64@default@@QEAAHXZ

?GetHashCode@uint8@default@@QEAAHXZ

?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z

?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z

?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z

?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ

?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z

?GetType@Boolean@Platform@@QEAAPE$AAVType@2@XZ

?GetType@Guid@Platform@@QEAAPE$AAVType@2@XZ

?GetType@Object@Platform@@QE$AAAPE$AAVType@2@XZ

?GetType@char16@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@float32@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@float64@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@int16@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@int32@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@int64@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@int8@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@uint16@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@uint32@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@uint64@default@@QEAAPE$AAVType@Platform@@XZ

?GetType@uint8@default@@QEAAPE$AAVType@Platform@@XZ

?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z

?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z

?InitControlBlock@ControlBlock@Details@Platform@@AEAAXPEAX_N11@Z

?InitializeData@Details@Platform@@YAJH@Z

?Intersect@Rect@Foundation@Windows@@QEAAXV123@@Z

?IntersectsWith@Rect@Foundation@Windows@@QEAA_NV123@@Z

?Invert@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QEAAXXZ

?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z

?ReferenceEquals@Object@Platform@@SA_NPE$AAV12@0@Z

?ReferenceEquals@Object@Platform@@SA_NPE$AAVString@2@0@Z

?RegisterFactories@Details@Platform@@YAPE$AAVObject@2@PEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@P6AXXZ@Z

?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z

?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ

?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z

?RunApplicationServer@Details@Platform@@YAXPEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@PEB_W@Z

?RunServer@Details@Platform@@YAXPEAPEAVModuleBase@1WRL@Microsoft@@PEAPEAU__abi_Module@@PEB_W@Z

?TerminateModule@Details@Platform@@YA_NPEAVModuleBase@1WRL@Microsoft@@@Z

?ToInt32@IntPtr@Platform@@QEAAHXZ

?ToString@Attribute@Metadata@Platform@@QE$AAAPE$AAVString@3@XZ

?ToString@Boolean@Platform@@QEAAPE$AAVString@2@XZ

?ToString@Delegate@Platform@@QE$AAAPE$AAVString@2@XZ

?ToString@Enum@Platform@@QE$AAAPE$AAVString@2@XZ

?ToString@Exception@Platform@@UE$AAAPE$AAVString@2@XZ

?ToString@Guid@Platform@@QEAAPE$AAVString@2@XZ

?ToString@MTAThreadAttribute@Platform@@QE$AAAPE$AAVString@2@XZ

?ToString@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@QE$AAAPE$AAVString@4@XZ

?ToString@STAThreadAttribute@Platform@@QE$AAAPE$AAVString@2@XZ

?ToString@Type@Platform@@UE$AAAPE$AAVString@2@XZ

?ToString@ValueType@Platform@@QE$AAAPE$AAVString@2@XZ

?ToString@char16@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@float32@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@float64@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@int16@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@int32@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@int64@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@int8@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@uint16@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@uint32@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@uint64@default@@QEAAPE$AAVString@Platform@@XZ

?ToString@uint8@default@@QEAAPE$AAVString@Platform@@XZ

?UninitializeData@Details@Platform@@YAXH@Z

?Union@Rect@Foundation@Windows@@QEAAXV123@@Z

?Union@Rect@Foundation@Windows@@QEAAXVPoint@23@@Z

?WriteLine@Console@Details@Platform@@SAXPE$AAVObject@3@@Z

?WriteLine@Console@Details@Platform@@SAXPE$AAVString@3@@Z

?WriteLine@Console@Details@Platform@@SAXXZ

?__abi_FailFast@@YAXXZ

?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z

?__abi_Resolve@ControlBlock@Details@Platform@@UEAAJAEAVGuid@3@PEAPEAU__abi_IInspectable@@@Z

?__abi_WinRTraiseAccessDeniedException@@YAXXZ

?__abi_WinRTraiseCOMException@@YAXJ@Z

?__abi_WinRTraiseChangedStateException@@YAXXZ

?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ

?__abi_WinRTraiseDisconnectedException@@YAXXZ

?__abi_WinRTraiseFailureException@@YAXXZ

?__abi_WinRTraiseInvalidArgumentException@@YAXXZ

?__abi_WinRTraiseInvalidCastException@@YAXXZ

?__abi_WinRTraiseNotImplementedException@@YAXXZ

?__abi_WinRTraiseNullReferenceException@@YAXXZ

?__abi_WinRTraiseObjectDisposedException@@YAXXZ

?__abi_WinRTraiseOperationCanceledException@@YAXXZ

?__abi_WinRTraiseOutOfBoundsException@@YAXXZ

?__abi_WinRTraiseOutOfMemoryException@@YAXXZ

?__abi_WinRTraiseWrongThreadException@@YAXXZ

?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z

?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z

?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z

?__abi_translateCurrentException@@YAJ_N@Z

?__getActivationFactoryByHSTRING@@YAJPEAUHSTRING__@@AEAVGuid@Platform@@PEAPEAX@Z

?get@Bottom@Rect@Foundation@Windows@@QEAAMXZ

?get@BreakOnAllocationId@Heap@Details@Platform@@SAHXZ

?get@BreakOnFreeId@Heap@Details@Platform@@SAHXZ

?get@CurrentAllocationId@Heap@Details@Platform@@SAHXZ

?get@Empty@Rect@Foundation@Windows@@SA?AV234@XZ

?get@Empty@Size@Foundation@Windows@@SA?AV234@XZ

?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ

?get@HasInverse@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QEAA_NXZ

?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ

?get@ObjectCount@Heap@Details@Platform@@SAHXZ

?get@Right@Rect@Foundation@Windows@@QEAAMXZ

?get@TrackingLevel@Heap@Details@Platform@@SA?AW4HeapAllocationTrackingLevel@34@XZ

?set@BreakOnAllocationId@Heap@Details@Platform@@SAXH@Z

?set@BreakOnFreeId@Heap@Details@Platform@@SAXH@Z

?set@TrackingLevel@Heap@Details@Platform@@SAXW4HeapAllocationTrackingLevel@34@@Z

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

vcruntime140.dll

.dll windows:6 windows x64 arch:x64

2cb5da5225e972a08f32d04b8085dc7e

Code Sign

33:00:00:00:fc:a0:e2:4f:d0:dc:19:5a:3a:00:00:00:00:00:fc
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:728D-C45F-F9EB,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

31:88:b0:6c:7e:d2:15:11:e7:3c:97:3d:2d:dd:84:ac:df:d0:e7:43:df:ba:d3:d5:52:d4:af:65:15:5f:47:e7
Signer

Actual PE Digest

31:88:b0:6c:7e:d2:15:11:e7:3c:97:3d:2d:dd:84:ac:df:d0:e7:43:df:ba:d3:d5:52:d4:af:65:15:5f:47:e7

Digest Algorithm

sha256

PE Digest Matches

true

99:e2:68:a3:53:32:b1:eb:68:bc:1e:d5:72:55:74:ad:95:59:c7:1b
Signer

Actual PE Digest

99:e2:68:a3:53:32:b1:eb:68:bc:1e:d5:72:55:74:ad:95:59:c7:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

abort

terminate

api-ms-win-crt-heap-l1-1-0

calloc

malloc

free

api-ms-win-crt-string-l1-1-0

strcpy_s

wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError

IsProcessorFeaturePresent

TerminateProcess

GetCurrentProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlCaptureContext

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

RtlLookupFunctionEntry

GetModuleHandleW

GetModuleFileNameW

RtlUnwindEx

RtlUnwind

EncodePointer

RaiseException

RtlPcToFileHeader

InterlockedPushEntrySList

InterlockedFlushSList

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

GetProcAddress

SetLastError

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

FreeLibrary

LoadLibraryExW

Exports

_CreateFrameInfo

_CxxThrowException

_FindAndUnlinkFrame

_IsExceptionObjectToBeDestroyed

_SetWinRTOutOfMemoryExceptionCallback

__AdjustPointer

__BuildCatchObject

__BuildCatchObjectHelper

__C_specific_handler

__C_specific_handler_noexcept

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxFrameHandler2

__CxxFrameHandler3

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__FrameUnwindFilter

__GetPlatformExceptionInfo

__NLG_Dispatch2

__NLG_Return2

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__TypeMatch

__current_exception

__current_exception_context

__intrinsic_setjmp

__intrinsic_setjmpex

__processing_throw

__report_gsfailure

__std_exception_copy

__std_exception_destroy

__std_terminate

__std_type_info_compare

__std_type_info_destroy_list

__std_type_info_hash

__std_type_info_name

__telemetry_main_invoke_trigger

__telemetry_main_return_trigger

__unDName

__unDNameEx

__uncaught_exception

__uncaught_exceptions

__vcrt_GetModuleFileNameW

__vcrt_GetModuleHandleW

__vcrt_InitializeCriticalSectionEx

__vcrt_LoadLibraryExW

_get_purecall_handler

_get_unexpected

_is_exception_typeof

_local_unwind

_purecall

_set_purecall_handler

_set_se_translator

longjmp

memchr

memcmp

memcpy

memmove

memset

set_unexpected

strchr

strrchr

strstr

unexpected

wcschr

wcsrchr

wcsstr

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

54:2a:ed:fd:25:c8:8b:ef:5b:f3:db:da:9b:8c:b2:79:89:07:1d:ec:29:9c:3a:2e:75:43:80:d4:62:7c:da:87Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 452KB

.ndata Size: - Virtual size: 564KB

.rsrc Size: 364KB - Virtual size: 364KB

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

87:13:19:50:39:ed:20:24:6e:3d:17:a7:d0:e0:ca:4f:af:a9:23:51:af:ec:93:f2:bf:b2:81:92:8c:ed:19:cfSigner

c2:78:ec:62:c2:95:a6:65:b2:6f:29:f4:9c:35:55:a9:47:e7:01:7dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

54:2a:ed:fd:25:c8:8b:ef:5b:f3:db:da:9b:8c:b2:79:89:07:1d:ec:29:9c:3a:2e:75:43:80:d4:62:7c:da:87
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 452KB

.ndata
Size: - Virtual size: 564KB

.rsrc
Size: 364KB - Virtual size: 364KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:d3:35:cb:e6:40:e5:c7:fe:ca:77:60:39:01:e5:56
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

87:13:19:50:39:ed:20:24:6e:3d:17:a7:d0:e0:ca:4f:af:a9:23:51:af:ec:93:f2:bf:b2:81:92:8c:ed:19:cf
Signer

c2:78:ec:62:c2:95:a6:65:b2:6f:29:f4:9c:35:55:a9:47:e7:01:7d
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 996KB

.rsrc
Size: 368KB - Virtual size: 367KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 268B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 274B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 972B

.data
Size: 512B - Virtual size: 844B

.CRT
Size: 512B - Virtual size: 4B