bazarloader | zen[.]win-specific[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

zen.win-specific.zip
Size

94.7MB
MD5

a9afb97d7b2380c20ed78b126a63688a
SHA1

528383dd994d2c8f32f0718c054a85394c5ff687
SHA256

3db2c1f543f255d87c37c3faa0dc3c4e20e0e939a20c58db4efad1bab9b55e9a
SHA512

f9fbcab4df9d9254f59ef8fc148369e4a66242f92acd4941ab7aab5db5183b4dc213fce05dab4f736c9e149232c0fb1dec56dd264b1f1739e1934af3c3f1ff00
SSDEEP

1572864:mWtIJ7vnXtdMGUpsGRNGQN1x0ZzJaJdPB661R+7cqP/Z+yi9+/k3OIkZ:mWu1XtGGUpLNN1IlqE6T6nZLiY/k3qZ

Score

10^/10

bazarloader

Malware Config

Signatures

Bazar/Team9 Loader payload 1 IoCs

resource	yara_rule
static1/unpack001/zen.win-specific\zen\xul.dll	BazarLoaderVar5

Bazarloader family
bazarloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/PinToTaskbar.dll

Files

zen.win-specific.zip
.zip
zen.win-specific\zen\AccessibleMarshal.dll
.dll regsvr32 windows:10 windows x64 arch:x64

c0caa654a8ff511450dc30146e927410

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

91:2d:d0:73:e3:3f:38:fa:cf:fc:e0:6e:1c:9e:59:36:b3:f8:57:34:c5:c3:2b:d0:14:90:1b:23:98:4e:9f:05
Signer

Actual PE Digest

91:2d:d0:73:e3:3f:38:fa:cf:fc:e0:6e:1c:9e:59:36:b3:f8:57:34:c5:c3:2b:d0:14:90:1b:23:98:4e:9f:05

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleAllocate
NdrOleFree

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\application.ini
zen.win-specific\zen\browser\VisualElements\PrivateBrowsing_150.png
.png
zen.win-specific\zen\browser\VisualElements\PrivateBrowsing_70.png
.png
zen.win-specific\zen\browser\VisualElements\VisualElements_150.png
.png
zen.win-specific\zen\browser\VisualElements\VisualElements_70.png
.png
zen.win-specific\zen\browser\features\[email protected]
.js
zen.win-specific\zen\browser\features\[email protected]
.zip .js polyglot
zen.win-specific\zen\browser\features\[email protected]
.zip .js polyglot
zen.win-specific\zen\browser\features\[email protected]
.zip .js polyglot
zen.win-specific\zen\browser\features\[email protected]
.js
zen.win-specific\zen\browser\omni.ja
zen.win-specific\zen\defaults\pref\channel-prefs.js
zen.win-specific\zen\dependentlibs.list
zen.win-specific\zen\firefox.VisualElementsManifest.xml
zen.win-specific\zen\fonts\TwemojiMozilla.ttf
zen.win-specific\zen\freebl3.dll
.dll windows:10 windows x64 arch:x64

a2535afe3971a088ec9e65d2f3a58099

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:35:1e:ff:61:ae:bf:8c:fe:d4:59:c2:db:20:41:25:c4:ba:93:cb:fe:e0:c3:f8:bc:bd:bc:58:83:7f:bc:04
Signer

Actual PE Digest

2c:35:1e:ff:61:ae:bf:8c:fe:d4:59:c2:db:20:41:25:c4:ba:93:cb:fe:e0:c3:f8:bc:bd:bc:58:83:7f:bc:04

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

nss3

NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SecureSelect
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_SetError_Util
PORT_ZAllocAlignedOffset_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
PR_CallOnce
PR_DestroyCondVar
PR_DestroyLock
PR_GetEnvSecure
PR_Lock
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Unlock
PR_WaitCondVar
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_FreeItem_Util
SECITEM_ZfreeItem_Util
SECOID_FindOIDTag_Util

advapi32

SystemFunction036

kernel32

DisableThreadLibraryCalls
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetLogicalDrives
GetSystemTimeAsFileTime
GetTickCount
GetVolumeInformationA
GlobalMemoryStatus
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcmp
memcpy
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
abort
exit

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-string-l1-1-0

strlen

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 695KB - Virtual size: 694KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\gkcodecs.dll
.dll windows:10 windows x64 arch:x64

5a51063a046bbfdf4186e63cd6768c32

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:4d:cd:fd:b8:4d:e7:c2:18:5e:04:cd:30:b3:bb:d0:8c:8f:2c:ef:71:bb:36:54:05:e3:a0:e6:1c:ab:9f:e2
Signer

Actual PE Digest

7e:4d:cd:fd:b8:4d:e7:c2:18:5e:04:cd:30:b3:bb:d0:8c:8f:2c:ef:71:bb:36:54:05:e3:a0:e6:1c:ab:9f:e2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

calloc
free
malloc
realloc

kernel32

CloseHandle
CreateSemaphoreA
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetNativeSystemInfo
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableCS
TerminateProcess
TryEnterCriticalSection
UnhandledExceptionFilter
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable

vcruntime140

__C_specific_handler
__intrinsic_setjmp
__std_type_info_destroy_list
longjmp
memchr
memcmp
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vsprintf
fclose
feof
fopen
fputc
fread
fseek
fwrite

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_set_abort_behavior
abort
exit

api-ms-win-crt-math-l1-1-0

atan
cos
exp
exp2
expf
ldexp
log
log10
log1p
log1pf
log2
logf
lrint
pow
sin
sqrt
sqrtf
tanh

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-string-l1-1-0

strcat
strcmp
strcpy
strlen
strncmp

api-ms-win-crt-convert-l1-1-0

strtol
strtoul

Exports

Exports

aom_codec_av1_cx
aom_codec_av1_dx
aom_codec_build_config
aom_codec_control
aom_codec_dec_init_ver
aom_codec_decode
aom_codec_destroy
aom_codec_enc_config_default
aom_codec_enc_init_ver
aom_codec_encode
aom_codec_err_to_string
aom_codec_error
aom_codec_error_detail
aom_codec_get_caps
aom_codec_get_cx_data
aom_codec_get_frame
aom_codec_peek_stream_info
aom_codec_set_option
aom_codec_version
aom_codec_version_str
aom_img_free
aom_img_plane_height
aom_img_plane_width
aom_img_wrap
av1_apply_encoding_flags
av1_change_config
av1_convert_sect5obus_to_annexb
av1_copy_new_frame_enc
av1_copy_reference_enc
av1_create_compressor
av1_get_active_map
av1_get_compressed_data
av1_get_global_headers
av1_get_last_show_frame
av1_get_preview_raw_frame
av1_get_quantizer
av1_initialize_enc
av1_qindex_to_quantizer
av1_quantizer_to_qindex
av1_receive_raw_frame
av1_remove_compressor
av1_set_active_map
av1_set_internal_size
av1_set_reference_enc
av1_use_as_reference
ogg_calloc_func
ogg_free_func
ogg_malloc_func
ogg_page_bos
ogg_page_granulepos
ogg_page_serialno
ogg_realloc_func
ogg_set_mem_functions
ogg_stream_check
ogg_stream_clear
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_sync_buffer
ogg_sync_clear
ogg_sync_init
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
opus_decode
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_get_version_string
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_encode
opus_multistream_encode_float
opus_multistream_encoder_create
opus_multistream_encoder_ctl
opus_multistream_encoder_destroy
opus_multistream_surround_encoder_create
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_samples_per_frame
opus_packet_parse
opus_strerror
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_dsp_clear
vorbis_encode_ctl
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_restart
vpx_codec_build_config
vpx_codec_control_
vpx_codec_dec_init_ver
vpx_codec_decode
vpx_codec_destroy
vpx_codec_enc_config_default
vpx_codec_enc_config_set
vpx_codec_enc_init_multi_ver
vpx_codec_enc_init_ver
vpx_codec_encode
vpx_codec_err_to_string
vpx_codec_error
vpx_codec_error_detail
vpx_codec_get_caps
vpx_codec_get_cx_data
vpx_codec_get_frame
vpx_codec_set_frame_buffer_functions
vpx_codec_version
vpx_codec_version_str
vpx_codec_vp8_cx
vpx_codec_vp8_dx
vpx_codec_vp9_cx
vpx_codec_vp9_dx
vpx_img_alloc
vpx_img_free
vpx_img_wrap

Sections

.text
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\gmp-clearkey\0.1\clearkey.dll
.dll windows:10 windows x64 arch:x64

9b98340b7b68c511a9f1a5ff234e15a8

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a2:49:de:3a:06:f2:2e:f8:0c:21:27:f4:e8:48:f0:7a:f6:80:d1:09:68:08:ba:98:b0:dc:bf:57:ad:41:4f:b5
Signer

Actual PE Digest

a2:49:de:3a:06:f2:2e:f8:0c:21:27:f4:e8:48:f0:7a:f6:80:d1:09:68:08:ba:98:b0:dc:bf:57:ad:41:4f:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

??2@YAPEAX_K@Z
??3@YAXPEAX@Z
??3@YAXPEAX_K@Z
??GTimeStampValue@mozilla@@QEBA_KAEBV01@@Z
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z
?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z
free
moz_xmalloc

nss3

NSS_NoDB_Init
PK11_CipherOp
PK11_CreateContextBySymKey
PK11_Decrypt
PK11_DestroyContext
PK11_FreeSlot
PK11_FreeSymKey
PK11_GetInternalKeySlot
PK11_ImportSymKey

msvcp140

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1ios_base@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??Bid@locale@std@@QEAA_KXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
?id@?$ctype@D@std@@2V0locale@2@A
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
_Thrd_hardware_concurrency

kernel32

AcquireSRWLockExclusive
CloseHandle
DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
ReadFile
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WakeAllConditionVariable

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
abort

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-string-l1-1-0

isalnum
isspace
strlen
strncmp
wcslen

Exports

Exports

CreateCdmInstance
InitializeCdmModule_4
VerifyCdmHost_0

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 12B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\gmp-clearkey\0.1\manifest.json
zen.win-specific\zen\ipcclientcerts.dll
.dll windows:10 windows x64 arch:x64

2baf987589a7f30ffb84acde997c813f

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:d9:23:90:3a:3d:cb:5a:61:91:37:4a:d2:4d:b1:15:26:cc:40:73:29:74:6e:43:48:20:f9:57:ca:a1:6e:f9
Signer

Actual PE Digest

60:d9:23:90:3a:3d:cb:5a:61:91:37:4a:d2:4d:b1:15:26:cc:40:73:29:74:6e:43:48:20:f9:57:ca:a1:6e:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

ntdll

NtWriteFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlVirtualUnwind

kernel32

CloseHandle
CreateMutexA
DisableThreadLibraryCalls
FormatMessageW
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObject
WaitForSingleObjectEx
WriteConsoleW
lstrlenW

vcruntime140

__C_specific_handler
__CxxFrameHandler3
__std_type_info_destroy_list
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strlen

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\lgpllibs.dll
.dll windows:10 windows x64 arch:x64

30edc8330dd98982d6b215902e324f38

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ba:11:4f:e4:f8:f5:f3:6f:7c:7f:b0:17:20:03:39:f6:15:14:f4:9a:db:74:f8:f2:1b:8c:98:e8:0e:c1:5f:cb
Signer

Actual PE Digest

ba:11:4f:e4:f8:f5:f3:6f:7c:7f:b0:17:20:03:39:f6:15:14:f4:9a:db:74:f8:f2:1b:8c:98:e8:0e:c1:5f:cb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

?mozalloc_handle_oom@@YAX_K@Z
MOZ_CrashPrintf
calloc
free
gMozCrashReason
malloc
moz_xmalloc

msvcp140

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_Cpp_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
_Cnd_broadcast
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Cnd_wait
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
_Mtx_unlock

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetNativeSystemInfo
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
QueryPerformanceFrequency
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
fwrite

api-ms-win-crt-math-l1-1-0

_dclass
_fdclass
sqrt

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_errno
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
abort

Exports

Exports

??0RLBoxSoundTouch@mozilla@@QEAA@XZ
??1RLBoxSoundTouch@mozilla@@QEAA@XZ
?Init@RLBoxSoundTouch@mozilla@@QEAA_NXZ
?flush@RLBoxSoundTouch@mozilla@@QEAAXXZ
?numChannels@RLBoxSoundTouch@mozilla@@QEAAIXZ
?numSamples@RLBoxSoundTouch@mozilla@@QEAA?AV?$tainted@IVrlbox_wasm2c_sandbox@rlbox@@@rlbox@@XZ
?numUnprocessedSamples@RLBoxSoundTouch@mozilla@@QEAA?AV?$tainted@IVrlbox_wasm2c_sandbox@rlbox@@@rlbox@@XZ
?putSamples@RLBoxSoundTouch@mozilla@@QEAAXPEBMI@Z
?receiveSamples@RLBoxSoundTouch@mozilla@@QEAAIPEAMI@Z
?resizeSampleBuffer@RLBoxSoundTouch@mozilla@@AEAAXI@Z
?setChannels@RLBoxSoundTouch@mozilla@@QEAAXI@Z
?setPitch@RLBoxSoundTouch@mozilla@@QEAAXN@Z
?setRate@RLBoxSoundTouch@mozilla@@QEAAXN@Z
?setSampleRate@RLBoxSoundTouch@mozilla@@QEAAXI@Z
?setSetting@RLBoxSoundTouch@mozilla@@QEAAXHH@Z
?setTempo@RLBoxSoundTouch@mozilla@@QEAAXN@Z

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\libEGL.dll
.dll windows:10 windows x64 arch:x64

8ffe10dac57f92c85190369d82287d93

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:75:fb:ae:5c:2d:e2:e0:9e:39:11:4c:74:5c:8e:c4:b5:da:12:ac:b8:df:bd:33:19:62:c2:7d:9d:f6:a6:6a
Signer

Actual PE Digest

4b:75:fb:ae:5c:2d:e2:e0:9e:39:11:4c:74:5c:8e:c4:b5:da:12:ac:b8:df:bd:33:19:62:c2:7d:9d:f6:a6:6a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

??3@YAXPEAX_K@Z
calloc
free
moz_xmalloc

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WideCharToMultiByte

msvcp140

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memchr
memcmp
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
fwrite

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll

api-ms-win-crt-math-l1-1-0

cosf
exp2f
logf
sinf
sqrtf

api-ms-win-crt-string-l1-1-0

strlen
wcslen

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCopyMetalSharedEventANGLE
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreateNativeClientBufferANDROID
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglExportVkImageANGLE
eglForceGPUSwitchANGLE
eglGetCompositorTimingANDROID
eglGetCompositorTimingSupportedANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetFrameTimestampSupportedANDROID
eglGetFrameTimestampsANDROID
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetNextFrameIdANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglHandleGPUSwitchANGLE
eglInitialize
eglLabelObjectKHR
eglLockSurfaceKHR
eglMakeCurrent
eglPostSubBufferNV
eglPrepareSwapBuffersANGLE
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryDmaBufFormatsEXT
eglQueryDmaBufModifiersEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurface64KHR
eglQuerySurfacePointerANGLE
eglReacquireHighPowerGPUANGLE
eglReleaseDeviceANGLE
eglReleaseHighPowerGPUANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglSetDamageRegionKHR
eglSignalSyncKHR
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapBuffersWithFrameTokenANGLE
eglSwapInterval
eglTerminate
eglUnlockSurfaceKHR
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\libGLESv2.dll
.dll windows:10 windows x64 arch:x64

b721b8d0cbe957870ab3b11b5756909b

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d5:62:cf:1b:16:25:9f:a2:18:5c:87:c6:fa:29:3f:4f:70:5f:24:ea:3b:b7:c1:88:4e:50:94:25:26:b7:9a:80
Signer

Actual PE Digest

d5:62:cf:1b:16:25:9f:a2:18:5c:87:c6:fa:29:3f:4f:70:5f:24:ea:3b:b7:c1:88:4e:50:94:25:26:b7:9a:80

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

??3@YAXPEAX_K@Z
calloc
free
malloc
moz_xmalloc
realloc

dxgi

CreateDXGIFactory1

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

kernel32

AcquireSRWLockExclusive
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
WakeAllConditionVariable
WideCharToMultiByte

user32

CreateWindowExW
DestroyWindow
GetClientRect
InvalidateRect
IsIconic
IsWindow
WindowFromDC

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1ios_base@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?classic@locale@std@@SAAEBV12@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?good@ios_base@std@@QEBA_NXZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
_Cnd_broadcast
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Cnd_register_at_thread_exit
_Cnd_timedwait
_Cnd_unregister_at_thread_exit
_Cnd_wait
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
_Mtx_unlock
_Query_perf_counter
_Query_perf_frequency
_Thrd_hardware_concurrency
_Xtime_get_ticks

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memchr
memcmp
memcpy
memmove
memset
strrchr
strstr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
fwrite

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_errno
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
abort
exit

api-ms-win-crt-math-l1-1-0

_fdsign
acosf
acoshf
asinf
asinhf
atan2f
atanf
atanhf
ceilf
cosf
coshf
exp2f
expf
floorf
ldexp
logf
modff
pow
powf
roundf
sinf
sinhf
sqrtf
tanf
tanhf
truncf

api-ms-win-crt-convert-l1-1-0

atoi
mbsrtowcs
strtoul
wcstombs

api-ms-win-crt-string-l1-1-0

strcmp
strlen
strncmp
tolower
wcslen

Exports

Exports

??0PlatformMethods@angle@@QEAA@XZ
??4PlatformMethods@angle@@QEAAAEAU01@$$QEAU01@@Z
??4PlatformMethods@angle@@QEAAAEAU01@AEBU01@@Z
ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
EGL_BindAPI
EGL_BindTexImage
EGL_ChooseConfig
EGL_ClientWaitSync
EGL_ClientWaitSyncKHR
EGL_CopyBuffers
EGL_CopyMetalSharedEventANGLE
EGL_CreateContext
EGL_CreateDeviceANGLE
EGL_CreateImage
EGL_CreateImageKHR
EGL_CreateNativeClientBufferANDROID
EGL_CreatePbufferFromClientBuffer
EGL_CreatePbufferSurface
EGL_CreatePixmapSurface
EGL_CreatePlatformPixmapSurface
EGL_CreatePlatformPixmapSurfaceEXT
EGL_CreatePlatformWindowSurface
EGL_CreatePlatformWindowSurfaceEXT
EGL_CreateStreamKHR
EGL_CreateStreamProducerD3DTextureANGLE
EGL_CreateSync
EGL_CreateSyncKHR
EGL_CreateWindowSurface
EGL_DebugMessageControlKHR
EGL_DestroyContext
EGL_DestroyImage
EGL_DestroyImageKHR
EGL_DestroyStreamKHR
EGL_DestroySurface
EGL_DestroySync
EGL_DestroySyncKHR
EGL_DupNativeFenceFDANDROID
EGL_ExportVkImageANGLE
EGL_ForceGPUSwitchANGLE
EGL_GetCompositorTimingANDROID
EGL_GetCompositorTimingSupportedANDROID
EGL_GetConfigAttrib
EGL_GetConfigs
EGL_GetCurrentContext
EGL_GetCurrentDisplay
EGL_GetCurrentSurface
EGL_GetDisplay
EGL_GetError
EGL_GetFrameTimestampSupportedANDROID
EGL_GetFrameTimestampsANDROID
EGL_GetMscRateANGLE
EGL_GetNativeClientBufferANDROID
EGL_GetNextFrameIdANDROID
EGL_GetPlatformDisplay
EGL_GetPlatformDisplayEXT
EGL_GetProcAddress
EGL_GetSyncAttrib
EGL_GetSyncAttribKHR
EGL_GetSyncValuesCHROMIUM
EGL_HandleGPUSwitchANGLE
EGL_Initialize
EGL_LabelObjectKHR
EGL_LockSurfaceKHR
EGL_MakeCurrent
EGL_PostSubBufferNV
EGL_PrepareSwapBuffersANGLE
EGL_PresentationTimeANDROID
EGL_ProgramCacheGetAttribANGLE
EGL_ProgramCachePopulateANGLE
EGL_ProgramCacheQueryANGLE
EGL_ProgramCacheResizeANGLE
EGL_QueryAPI
EGL_QueryContext
EGL_QueryDebugKHR
EGL_QueryDeviceAttribEXT
EGL_QueryDeviceStringEXT
EGL_QueryDisplayAttribANGLE
EGL_QueryDisplayAttribEXT
EGL_QueryDmaBufFormatsEXT
EGL_QueryDmaBufModifiersEXT
EGL_QueryStreamKHR
EGL_QueryStreamu64KHR
EGL_QueryString
EGL_QueryStringiANGLE
EGL_QuerySurface
EGL_QuerySurface64KHR
EGL_QuerySurfacePointerANGLE
EGL_ReacquireHighPowerGPUANGLE
EGL_ReleaseDeviceANGLE
EGL_ReleaseHighPowerGPUANGLE
EGL_ReleaseTexImage
EGL_ReleaseThread
EGL_SetBlobCacheFuncsANDROID
EGL_SetDamageRegionKHR
EGL_SignalSyncKHR
EGL_StreamAttribKHR
EGL_StreamConsumerAcquireKHR
EGL_StreamConsumerGLTextureExternalAttribsNV
EGL_StreamConsumerGLTextureExternalKHR
EGL_StreamConsumerReleaseKHR
EGL_StreamPostD3DTextureANGLE
EGL_SurfaceAttrib
EGL_SwapBuffers
EGL_SwapBuffersWithDamageKHR
EGL_SwapBuffersWithFrameTokenANGLE
EGL_SwapInterval
EGL_Terminate
EGL_UnlockSurfaceKHR
EGL_WaitClient
EGL_WaitGL
EGL_WaitNative
EGL_WaitSync
EGL_WaitSyncKHR
GL_AcquireTexturesANGLE
GL_ActiveShaderProgram
GL_ActiveShaderProgramEXT
GL_ActiveTexture
GL_AlphaFunc
GL_AlphaFuncx
GL_AttachShader
GL_BeginPerfMonitorAMD
GL_BeginPixelLocalStorageANGLE
GL_BeginQuery
GL_BeginQueryEXT
GL_BeginTransformFeedback
GL_BindAttribLocation
GL_BindBuffer
GL_BindBufferBase
GL_BindBufferRange
GL_BindFragDataLocationEXT
GL_BindFragDataLocationIndexedEXT
GL_BindFramebuffer
GL_BindFramebufferOES
GL_BindImageTexture
GL_BindProgramPipeline
GL_BindProgramPipelineEXT
GL_BindRenderbuffer
GL_BindRenderbufferOES
GL_BindSampler
GL_BindTexture
GL_BindTransformFeedback
GL_BindUniformLocationCHROMIUM
GL_BindVertexArray
GL_BindVertexArrayOES
GL_BindVertexBuffer
GL_BlendBarrier
GL_BlendBarrierKHR
GL_BlendColor
GL_BlendEquation
GL_BlendEquationSeparate
GL_BlendEquationSeparatei
GL_BlendEquationSeparateiEXT
GL_BlendEquationSeparateiOES
GL_BlendEquationi
GL_BlendEquationiEXT
GL_BlendEquationiOES
GL_BlendFunc
GL_BlendFuncSeparate
GL_BlendFuncSeparatei
GL_BlendFuncSeparateiEXT
GL_BlendFuncSeparateiOES
GL_BlendFunci
GL_BlendFunciEXT
GL_BlendFunciOES
GL_BlitFramebuffer
GL_BlitFramebufferANGLE
GL_BlitFramebufferNV
GL_BufferData
GL_BufferStorageEXT
GL_BufferStorageExternalEXT
GL_BufferStorageMemEXT
GL_BufferSubData
GL_CheckFramebufferStatus
GL_CheckFramebufferStatusOES
GL_Clear
GL_ClearBufferfi
GL_ClearBufferfv
GL_ClearBufferiv
GL_ClearBufferuiv
GL_ClearColor
GL_ClearColorx
GL_ClearDepthf
GL_ClearDepthx
GL_ClearStencil
GL_ClientActiveTexture
GL_ClientWaitSync
GL_ClipControlEXT
GL_ClipPlanef
GL_ClipPlanex
GL_Color4f
GL_Color4ub
GL_Color4x
GL_ColorMask
GL_ColorMaski
GL_ColorMaskiEXT
GL_ColorMaskiOES
GL_ColorPointer
GL_CompileShader
GL_CompressedCopyTextureCHROMIUM
GL_CompressedTexImage2D
GL_CompressedTexImage2DRobustANGLE
GL_CompressedTexImage3D
GL_CompressedTexImage3DOES
GL_CompressedTexImage3DRobustANGLE
GL_CompressedTexSubImage2D
GL_CompressedTexSubImage2DRobustANGLE
GL_CompressedTexSubImage3D
GL_CompressedTexSubImage3DOES
GL_CompressedTexSubImage3DRobustANGLE
GL_CopyBufferSubData
GL_CopyImageSubData
GL_CopyImageSubDataEXT
GL_CopyImageSubDataOES
GL_CopySubTexture3DANGLE
GL_CopySubTextureCHROMIUM
GL_CopyTexImage2D
GL_CopyTexSubImage2D
GL_CopyTexSubImage3D
GL_CopyTexSubImage3DOES
GL_CopyTexture3DANGLE
GL_CopyTextureCHROMIUM
GL_CoverageModulationCHROMIUM
GL_CreateMemoryObjectsEXT
GL_CreateProgram
GL_CreateShader
GL_CreateShaderProgramv
GL_CreateShaderProgramvEXT
GL_CullFace
GL_CurrentPaletteMatrixOES
GL_DebugMessageCallback
GL_DebugMessageCallbackKHR
GL_DebugMessageControl
GL_DebugMessageControlKHR
GL_DebugMessageInsert
GL_DebugMessageInsertKHR
GL_DeleteBuffers
GL_DeleteFencesNV
GL_DeleteFramebuffers
GL_DeleteFramebuffersOES
GL_DeleteMemoryObjectsEXT
GL_DeletePerfMonitorsAMD
GL_DeleteProgram
GL_DeleteProgramPipelines
GL_DeleteProgramPipelinesEXT
GL_DeleteQueries
GL_DeleteQueriesEXT
GL_DeleteRenderbuffers
GL_DeleteRenderbuffersOES
GL_DeleteSamplers
GL_DeleteSemaphoresEXT
GL_DeleteShader
GL_DeleteSync
GL_DeleteTextures
GL_DeleteTransformFeedbacks
GL_DeleteVertexArrays
GL_DeleteVertexArraysOES
GL_DepthFunc
GL_DepthMask
GL_DepthRangef
GL_DepthRangex
GL_DetachShader
GL_Disable
GL_DisableClientState
GL_DisableExtensionANGLE
GL_DisableVertexAttribArray
GL_Disablei
GL_DisableiEXT
GL_DisableiOES
GL_DiscardFramebufferEXT
GL_DispatchCompute
GL_DispatchComputeIndirect
GL_DrawArrays
GL_DrawArraysIndirect
GL_DrawArraysInstanced
GL_DrawArraysInstancedANGLE
GL_DrawArraysInstancedBaseInstanceANGLE
GL_DrawArraysInstancedBaseInstanceEXT
GL_DrawArraysInstancedEXT
GL_DrawBuffers
GL_DrawBuffersEXT
GL_DrawElements
GL_DrawElementsBaseVertex
GL_DrawElementsBaseVertexEXT
GL_DrawElementsBaseVertexOES
GL_DrawElementsIndirect
GL_DrawElementsInstanced
GL_DrawElementsInstancedANGLE
GL_DrawElementsInstancedBaseInstanceEXT
GL_DrawElementsInstancedBaseVertex
GL_DrawElementsInstancedBaseVertexBaseInstanceANGLE
GL_DrawElementsInstancedBaseVertexBaseInstanceEXT
GL_DrawElementsInstancedBaseVertexEXT
GL_DrawElementsInstancedBaseVertexOES
GL_DrawElementsInstancedEXT
GL_DrawRangeElements
GL_DrawRangeElementsBaseVertex
GL_DrawRangeElementsBaseVertexEXT
GL_DrawRangeElementsBaseVertexOES
GL_DrawTexfOES
GL_DrawTexfvOES
GL_DrawTexiOES
GL_DrawTexivOES
GL_DrawTexsOES
GL_DrawTexsvOES
GL_DrawTexxOES
GL_DrawTexxvOES
GL_EGLImageTargetRenderbufferStorageOES
GL_EGLImageTargetTexStorageEXT
GL_EGLImageTargetTexture2DOES
GL_EGLImageTargetTextureStorageEXT
GL_Enable
GL_EnableClientState
GL_EnableVertexAttribArray
GL_Enablei
GL_EnableiEXT
GL_EnableiOES
GL_EndPerfMonitorAMD
GL_EndPixelLocalStorageANGLE
GL_EndQuery
GL_EndQueryEXT
GL_EndTransformFeedback
GL_FenceSync
GL_Finish
GL_FinishFenceNV
GL_Flush
GL_FlushMappedBufferRange
GL_FlushMappedBufferRangeEXT
GL_Fogf
GL_Fogfv
GL_Fogx
GL_Fogxv
GL_FramebufferFetchBarrierEXT
GL_FramebufferMemorylessPixelLocalStorageANGLE
GL_FramebufferParameteri
GL_FramebufferParameteriMESA
GL_FramebufferRenderbuffer
GL_FramebufferRenderbufferOES
GL_FramebufferTexture
GL_FramebufferTexture2D
GL_FramebufferTexture2DMultisampleEXT
GL_FramebufferTexture2DOES
GL_FramebufferTexture3DOES
GL_FramebufferTextureEXT
GL_FramebufferTextureLayer
GL_FramebufferTextureMultiviewOVR
GL_FramebufferTextureOES
GL_FramebufferTexturePixelLocalStorageANGLE
GL_FrontFace
GL_Frustumf
GL_Frustumx
GL_GenBuffers
GL_GenFencesNV
GL_GenFramebuffers
GL_GenFramebuffersOES
GL_GenPerfMonitorsAMD
GL_GenProgramPipelines
GL_GenProgramPipelinesEXT
GL_GenQueries
GL_GenQueriesEXT
GL_GenRenderbuffers
GL_GenRenderbuffersOES
GL_GenSamplers
GL_GenSemaphoresEXT
GL_GenTextures
GL_GenTransformFeedbacks
GL_GenVertexArrays
GL_GenVertexArraysOES
GL_GenerateMipmap
GL_GenerateMipmapOES
GL_GetActiveAttrib
GL_GetActiveUniform
GL_GetActiveUniformBlockName
GL_GetActiveUniformBlockiv
GL_GetActiveUniformBlockivRobustANGLE
GL_GetActiveUniformsiv
GL_GetAttachedShaders
GL_GetAttribLocation
GL_GetBooleani_v
GL_GetBooleani_vRobustANGLE
GL_GetBooleanv
GL_GetBooleanvRobustANGLE
GL_GetBufferParameteri64v
GL_GetBufferParameteri64vRobustANGLE
GL_GetBufferParameteriv
GL_GetBufferParameterivRobustANGLE
GL_GetBufferPointerv
GL_GetBufferPointervOES
GL_GetBufferPointervRobustANGLE
GL_GetClipPlanef
GL_GetClipPlanex
GL_GetCompressedTexImageANGLE
GL_GetDebugMessageLog
GL_GetDebugMessageLogKHR
GL_GetError
GL_GetFenceivNV
GL_GetFixedv
GL_GetFloatv
GL_GetFloatvRobustANGLE
GL_GetFragDataIndexEXT
GL_GetFragDataLocation
GL_GetFramebufferAttachmentParameteriv
GL_GetFramebufferAttachmentParameterivOES
GL_GetFramebufferAttachmentParameterivRobustANGLE
GL_GetFramebufferParameteriv
GL_GetFramebufferParameterivMESA
GL_GetFramebufferParameterivRobustANGLE
GL_GetGraphicsResetStatus
GL_GetGraphicsResetStatusEXT
GL_GetInteger64i_v
GL_GetInteger64i_vRobustANGLE
GL_GetInteger64v
GL_GetInteger64vEXT
GL_GetInteger64vRobustANGLE
GL_GetIntegeri_v
GL_GetIntegeri_vRobustANGLE
GL_GetIntegerv
GL_GetIntegervRobustANGLE
GL_GetInternalformativ
GL_GetInternalformativRobustANGLE
GL_GetLightfv
GL_GetLightxv
GL_GetMaterialfv
GL_GetMaterialxv
GL_GetMemoryObjectParameterivEXT
GL_GetMultisamplefv
GL_GetMultisamplefvANGLE
GL_GetMultisamplefvRobustANGLE
GL_GetObjectLabel
GL_GetObjectLabelEXT
GL_GetObjectLabelKHR
GL_GetObjectPtrLabel
GL_GetObjectPtrLabelKHR
GL_GetPerfMonitorCounterDataAMD
GL_GetPerfMonitorCounterInfoAMD
GL_GetPerfMonitorCounterStringAMD
GL_GetPerfMonitorCountersAMD
GL_GetPerfMonitorGroupStringAMD
GL_GetPerfMonitorGroupsAMD
GL_GetPointerv
GL_GetPointervKHR
GL_GetPointervRobustANGLERobustANGLE
GL_GetProgramBinary
GL_GetProgramBinaryOES
GL_GetProgramInfoLog
GL_GetProgramInterfaceiv
GL_GetProgramInterfaceivRobustANGLE
GL_GetProgramPipelineInfoLog
GL_GetProgramPipelineInfoLogEXT
GL_GetProgramPipelineiv
GL_GetProgramPipelineivEXT
GL_GetProgramResourceIndex
GL_GetProgramResourceLocation
GL_GetProgramResourceLocationIndexEXT
GL_GetProgramResourceName
GL_GetProgramResourceiv
GL_GetProgramiv
GL_GetProgramivRobustANGLE
GL_GetQueryObjecti64vEXT
GL_GetQueryObjecti64vRobustANGLE
GL_GetQueryObjectivEXT
GL_GetQueryObjectivRobustANGLE
GL_GetQueryObjectui64vEXT
GL_GetQueryObjectui64vRobustANGLE
GL_GetQueryObjectuiv
GL_GetQueryObjectuivEXT
GL_GetQueryObjectuivRobustANGLE
GL_GetQueryiv
GL_GetQueryivEXT
GL_GetQueryivRobustANGLE
GL_GetRenderbufferImageANGLE
GL_GetRenderbufferParameteriv
GL_GetRenderbufferParameterivOES
GL_GetRenderbufferParameterivRobustANGLE
GL_GetSamplerParameterIiv
GL_GetSamplerParameterIivEXT
GL_GetSamplerParameterIivOES
GL_GetSamplerParameterIivRobustANGLE
GL_GetSamplerParameterIuiv
GL_GetSamplerParameterIuivEXT
GL_GetSamplerParameterIuivOES
GL_GetSamplerParameterIuivRobustANGLE
GL_GetSamplerParameterfv
GL_GetSamplerParameterfvRobustANGLE
GL_GetSamplerParameteriv
GL_GetSamplerParameterivRobustANGLE
GL_GetSemaphoreParameterui64vEXT
GL_GetShaderInfoLog
GL_GetShaderPrecisionFormat
GL_GetShaderSource
GL_GetShaderiv
GL_GetShaderivRobustANGLE
GL_GetString
GL_GetStringi
GL_GetSynciv
GL_GetTexEnvfv
GL_GetTexEnviv
GL_GetTexEnvxv
GL_GetTexGenfvOES
GL_GetTexGenivOES

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 851KB - Virtual size: 850KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\mozavcodec.dll
.dll windows:10 windows x64 arch:x64

c0d21cd7cd8f19c77c1dcb7487c279b3

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:82:4f:13:ed:52:41:b8:d0:94:55:08:12:6e:b5:ca:43:e3:03:09:bb:06:d8:0c:92:37:58:1e:41:aa:6b:b8
Signer

Actual PE Digest

1a:82:4f:13:ed:52:41:b8:d0:94:55:08:12:6e:b5:ca:43:e3:03:09:bb:06:d8:0c:92:37:58:1e:41:aa:6b:b8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

gkcodecs

aom_codec_av1_cx
aom_codec_build_config
aom_codec_control
aom_codec_destroy
aom_codec_enc_config_default
aom_codec_enc_init_ver
aom_codec_encode
aom_codec_err_to_string
aom_codec_error
aom_codec_error_detail
aom_codec_get_caps
aom_codec_get_cx_data
aom_codec_set_option
aom_codec_version
aom_codec_version_str
aom_img_wrap
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_encode
opus_multistream_encode_float
opus_multistream_encoder_create
opus_multistream_encoder_ctl
opus_multistream_encoder_destroy
opus_multistream_surround_encoder_create
opus_strerror
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_dsp_clear
vorbis_encode_ctl
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_info_clear
vorbis_info_init
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_pcmout
vorbis_synthesis_read
vpx_codec_build_config
vpx_codec_control_
vpx_codec_dec_init_ver
vpx_codec_decode
vpx_codec_destroy
vpx_codec_enc_config_default
vpx_codec_enc_config_set
vpx_codec_enc_init_ver
vpx_codec_encode
vpx_codec_err_to_string
vpx_codec_error
vpx_codec_error_detail
vpx_codec_get_caps
vpx_codec_get_cx_data
vpx_codec_get_frame
vpx_codec_set_frame_buffer_functions
vpx_codec_version
vpx_codec_version_str
vpx_codec_vp8_cx
vpx_codec_vp8_dx
vpx_codec_vp9_cx
vpx_codec_vp9_dx
vpx_img_wrap

mozavutil

av_base64_decode
av_base64_encode
av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprint_init_for_buffer
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_uninit
av_chroma_location_name
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_content_light_metadata_create_side_data
av_cpu_count
av_crc
av_crc_get_table
av_default_item_name
av_dict_get
av_dict_iterate
av_dict_set
av_dynamic_hdr_plus_create_side_data
av_dynamic_hdr_plus_from_t35
av_dynarray_add_nofree
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc2
av_fifo_can_write
av_fifo_drain2
av_fifo_freep2
av_fifo_peek
av_fifo_read
av_fifo_write
av_film_grain_params_create_side_data
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_side_data
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_side_data_free
av_frame_side_data_get_c
av_frame_unref
av_free
av_freep
av_gcd
av_get_bytes_per_sample
av_get_cpu_flags
av_get_media_type_string
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_get_token
av_hwframe_get_buffer
av_image_check_sar
av_image_check_size2
av_image_copy
av_image_fill_linesizes
av_image_fill_plane_sizes
av_log
av_log_get_level
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_create_side_data
av_match_list
av_memdup
av_opt_copy
av_opt_free
av_opt_next
av_opt_set
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_from_string
av_opt_set_int
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale_q
av_rescale_rnd
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_strerror
av_strtok
av_video_enc_params_create_side_data
avpriv_emms_asm
avpriv_float_dsp_alloc
avpriv_request_sample
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free

kernel32

AcquireSRWLockExclusive
CloseHandle
DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeSListHead
InitializeSRWLock
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
abort
fegetenv
fesetenv

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-math-l1-1-0

frexp
llrint
lrint
lrintf
sqrt
sqrtf

api-ms-win-crt-string-l1-1-0

strcmp
strlen
strspn

api-ms-win-crt-convert-l1-1-0

strtoul
strtoull

api-ms-win-crt-heap-l1-1-0

calloc

Exports

Exports

av_codec_ffversion
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_fast_padded_malloc
av_fast_padded_mallocz
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_init_packet
av_packet_alloc
av_packet_free
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_close
avcodec_configuration
avcodec_decode_subtitle2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_fill_audio_frame
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_hw_config
avcodec_get_name
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_receive_frame
avcodec_receive_packet
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avsubtitle_free
ff_mpa_bitrate_tab
ff_mpa_freq_tab

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\mozavutil.dll
.dll windows:10 windows x64 arch:x64

f70a8571ed16bf88ae81e65650ec98ed

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:49:e4:e0:5e:ea:63:87:65:9c:64:da:04:69:0c:4e:8f:99:0d:b4:d4:5e:1c:45:5b:72:c5:6a:8e:9b:5b:82
Signer

Actual PE Digest

18:49:e4:e0:5e:ea:63:87:65:9c:64:da:04:69:0c:4e:8f:99:0d:b4:d4:5e:1c:45:5b:72:c5:6a:8e:9b:5b:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
DisableThreadLibraryCalls
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetProcessAffinityMask
GetStdHandle
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeSListHead
InitializeSRWLock
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleTextAttribute
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeConditionVariable
WriteConsoleW

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memchr
memcmp
memcpy
memmove
memset
strchr
strrchr
strstr

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
_isatty
fputs

api-ms-win-crt-heap-l1-1-0

_aligned_free
_aligned_malloc
_aligned_realloc

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_errno
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
abort

api-ms-win-crt-math-l1-1-0

_dclass
acos
asin
atan
atan2
cos
cosh
exp
exp2
fabs
fmod
frexp
hypot
llrint
llrintf
log
pow
scalbn
sin
sinh
sqrt
tan
tanh

api-ms-win-crt-time-l1-1-0

_gmtime64
_localtime64
_mktime64
strftime

api-ms-win-crt-utility-l1-1-0

bsearch

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

strcmp
strcpy
strcspn
strlen
strncmp
strspn

api-ms-win-crt-convert-l1-1-0

strtod
strtol
strtoll
strtoul
strtoull

Exports

Exports

av_add_q
av_add_stable
av_append_path_component
av_asprintf
av_base64_decode
av_base64_encode
av_basename
av_bprint_append_data
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_default
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_from_mask
av_channel_layout_uninit
av_chroma_location_enum_to_pos
av_chroma_location_name
av_chroma_location_pos_to_enum
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_create_side_data
av_cpu_count
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_default_get_category
av_default_item_name
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_iterate
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_div_q
av_dynamic_hdr_plus_create_side_data
av_dynamic_hdr_plus_from_t35
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_escape
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc2
av_fifo_can_read
av_fifo_can_write
av_fifo_drain2
av_fifo_freep2
av_fifo_peek
av_fifo_read
av_fifo_write
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_plane_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_replace
av_frame_side_data_free
av_frame_side_data_get_c
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_cpu_flags
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_init
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_transfer_get_formats
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int_list_length_for_size
av_log
av_log2
av_log2_16bit
av_log_default_callback
av_log_format_line
av_log_get_flags
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_memcpy_backptr
av_memdup
av_mul_q
av_nearer_q
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_q2intfloat
av_read_image_line
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_small_strptime
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod
av_strtok
av_sub_q
av_timegm
av_tx_init
av_tx_uninit
av_usleep
av_utf8_decode
av_vbprintf
av_video_enc_params_create_side_data
av_vlog
av_write_image_line
avpriv_alloc_fixed_dsp
avpriv_emms_asm
avpriv_float_dsp_alloc
avpriv_report_missing_feature
avpriv_request_sample
avpriv_scalarproduct_float_c
avpriv_set_systematic_pal2
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free

Sections

.text
Size: 425KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\mozglue.dll
.dll windows:10 windows x64 arch:x64

274210545facb74c4339f55c52f1e575

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dc:be:22:13:92:d7:d4:5a:d5:da:7f:a6:07:66:d0:c6:cc:9f:a8:d3:89:53:2e:5a:98:69:2c:dd:a0:58:4c:6a
Signer

Actual PE Digest

dc:be:22:13:92:d7:d4:5a:d5:da:7f:a6:07:66:d0:c6:cc:9f:a8:d3:89:53:2e:5a:98:69:2c:dd:a0:58:4c:6a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CertOpenStore
CryptBinaryToStringW
CryptMsgClose
CryptMsgGetParam
CryptMsgOpenToDecode
CryptMsgUpdate
CryptQueryObject

ntdll

NtQueryVirtualMemory
RtlAddFunctionTable
RtlAllocateHeap
RtlCaptureContext
RtlCaptureStackBackTrace
RtlCompareMemory
RtlDuplicateUnicodeString
RtlFreeHeap
RtlFreeUnicodeString
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlReAllocateHeap
RtlSetLastWin32Error
RtlVirtualUnwind
VerSetConditionMask

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1ios_base@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??Bid@locale@std@@QEAA_KXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?classic@locale@std@@SAAEBV12@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

bcrypt

BCryptGenRandom

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CreateFileMappingW
CreateFileW
CreateThread
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EncodePointer
EnterCriticalSection
FlushInstructionCache
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessTimes
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadId
GetTickCount64
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
IsBadReadPtr
IsDebuggerPresent
IsProcessorFeaturePresent
K32EnumProcessModules
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
QueryUnbiasedInterruptTime
RaiseException
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResumeThread
SearchPathW
SetEnvironmentVariableW
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SuspendThread
SystemTimeToFileTime
TerminateProcess
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WakeAllConditionVariable
WakeConditionVariable
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
WideCharToMultiByte

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memchr
memcmp
memcpy
memmove
memset
strchr
wcsrchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vswprintf
_fileno
_fseeki64
_get_stream_buffer_pointers
_write
fclose
fflush
fgetc
fgetpos
fputc
fputs
fread
fsetpos
fwrite
setvbuf
ungetc

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_crt_atexit
_errno
_execute_onexit_table
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
abort
exit

api-ms-win-crt-math-l1-1-0

_dsign
_dtest
log10
pow

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-convert-l1-1-0

_ltoa_s
_strtoui64
strtol

api-ms-win-crt-string-l1-1-0

_stricmp
_strnicmp
_wcsupr_s
islower
isxdigit
strcmp
strlen
strncmp
strncpy
tolower
wcscat_s
wcscmp
wcscpy_s
wcslen
wcsncpy
wcsncpy_s

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
realloc

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

rand_s

Exports

Exports

??$AddMarker@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@AEBV?$ProfilerStringView@D@1@AEBVMarkerCategory@1@$$QEAVMarkerOptions@1@UTextMarker@markers@01@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$AddMarkerToBuffer@UNoPayload@markers@baseprofiler@mozilla@@$$V@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@AEAVProfileChunkedBuffer@1@AEBV?$ProfilerStringView@D@1@AEBVMarkerCategory@1@$$QEAVMarkerOptions@1@UNoPayload@markers@01@@Z
??$AddMarkerToBuffer@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@AEAVProfileChunkedBuffer@1@AEBV?$ProfilerStringView@D@1@AEBVMarkerCategory@1@$$QEAVMarkerOptions@1@UTextMarker@markers@01@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0AutoSuppressStackWalking@@QEAA@XZ
??0AwakeTimeDuration@mozilla@@QEAA@XZ
??0ConditionVariableImpl@detail@mozilla@@QEAA@XZ
??0Decimal@blink@@QEAA@AEBV01@@Z
??0Decimal@blink@@QEAA@H@Z
??0Decimal@blink@@QEAA@W4Sign@01@H_K@Z
??0LZ4FrameCompressionContext@Compression@mozilla@@QEAA@H_K_N1@Z
??0LZ4FrameDecompressionContext@Compression@mozilla@@QEAA@_N@Z
??0LockedMarkerTypeFunctionsList@Streaming@base_profiler_markers_detail@mozilla@@QEAA@XZ
??0MutexImpl@detail@mozilla@@QEAA@XZ
??0PrintfTarget@mozilla@@IEAA@XZ
??0RWLockImpl@detail@mozilla@@QEAA@XZ
??0SHA1Sum@mozilla@@QEAA@XZ
??0TimeStampValue@mozilla@@AEAA@_K0_N@Z
??0TimeStampValue@mozilla@@AEAA@_K@Z
??0UniqueJSONStrings@baseprofiler@mozilla@@QEAA@AEAVFailureLatch@2@@Z
??0UniqueJSONStrings@baseprofiler@mozilla@@QEAA@AEAVFailureLatch@2@AEBV012@VProgressLogger@2@@Z
??1AutoSuppressStackWalking@@QEAA@XZ
??1ConditionVariableImpl@detail@mozilla@@QEAA@XZ
??1LZ4FrameCompressionContext@Compression@mozilla@@QEAA@XZ
??1LZ4FrameDecompressionContext@Compression@mozilla@@QEAA@XZ
??1LockedMarkerTypeFunctionsList@Streaming@base_profiler_markers_detail@mozilla@@QEAA@XZ
??1MutexImpl@detail@mozilla@@QEAA@XZ
??1ProfilingStack@baseprofiler@mozilla@@QEAA@XZ
??1RWLockImpl@detail@mozilla@@QEAA@XZ
??1UniqueJSONStrings@baseprofiler@mozilla@@UEAA@XZ
??2@YAPEAX_K@Z
??2@YAPEAX_KAEBUnothrow_t@std@@@Z
??3@YAXPEAX@Z
??3@YAXPEAXAEBUnothrow_t@std@@@Z
??3@YAXPEAX_K@Z
??4Decimal@blink@@QEAAAEAV01@AEBV01@@Z
??8AwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??8AwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??8Decimal@blink@@QEBA_NAEBV01@@Z
??9AwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??9AwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??9Decimal@blink@@QEBA_NAEBV01@@Z
??DDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GAwakeTimeDuration@mozilla@@QEBA?AV01@AEBV01@@Z
??GAwakeTimeStamp@mozilla@@QEBA?AVAwakeTimeDuration@1@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@XZ
??GTimeStampValue@mozilla@@QEBA_KAEBV01@@Z
??HAwakeTimeDuration@mozilla@@QEBA?AV01@AEBV01@@Z
??HAwakeTimeStamp@mozilla@@QEBA?AV01@AEBVAwakeTimeDuration@1@@Z
??HDecimal@blink@@QEBA?AV01@AEBV01@@Z
??KDecimal@blink@@QEBA?AV01@AEBV01@@Z
??MAwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??MAwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??MDecimal@blink@@QEBA_NAEBV01@@Z
??NAwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??NAwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??NDecimal@blink@@QEBA_NAEBV01@@Z
??OAwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??OAwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??ODecimal@blink@@QEBA_NAEBV01@@Z
??PAwakeTimeDuration@mozilla@@QEBA_NAEBV01@@Z
??PAwakeTimeStamp@mozilla@@QEBA_NAEBV01@@Z
??PDecimal@blink@@QEBA_NAEBV01@@Z
??RFileHandleDeleter@detail@mozilla@@QEAAXUFileHandleHelper@12@@Z
??RProfilerBacktraceDestructor@baseprofiler@mozilla@@QEAAXPEAVProfilerBacktrace@12@@Z
??XDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??YAwakeTimeDuration@mozilla@@QEAAXAEBV01@@Z
??YAwakeTimeStamp@mozilla@@QEAAXAEBVAwakeTimeDuration@1@@Z
??YDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??YTimeStampValue@mozilla@@QEAAAEAV01@_J@Z
??ZAwakeTimeDuration@mozilla@@QEAAXAEBV01@@Z
??ZAwakeTimeStamp@mozilla@@QEAAXAEBVAwakeTimeDuration@1@@Z
??ZDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??ZTimeStampValue@mozilla@@QEAAAEAV01@_J@Z
??_0Decimal@blink@@QEAAAEAV01@AEBV01@@Z
??_FDecimal@blink@@QEAAXXZ
??_FLZ4FrameDecompressionContext@Compression@mozilla@@QEAAXXZ
??_U@YAPEAX_K@Z
??_U@YAPEAX_KAEBUnothrow_t@std@@@Z
??_V@YAXPEAX@Z
??_V@YAXPEAXAEBUnothrow_t@std@@@Z
??_V@YAXPEAX_K@Z
?AddRef@PageInformation@baseprofiler@mozilla@@QEBAXXZ
?AddRef@ThreadInfo@baseprofiler@mozilla@@QEBAXXZ
?BeginCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@V?$Span@D$0?0@3@@Z
?BeginProcessRuntimeInit@detail@mscom@mozilla@@YAAEAW4ProcessInitState@123@XZ
?CacheNtDllThunk@mozilla@@YAXXZ
?CheckQPC@TimeStampValue@mozilla@@AEBA_KAEBV12@@Z
?CleanupProcessRuntime@mozilla@@YAXXZ
?ClearAndSetFailure@UniqueJSONStrings@baseprofiler@mozilla@@AEAAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ
?ConsumePreXULSkeletonUIHandle@mozilla@@YAPEAUHWND__@@XZ
?ContinueCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@V?$Span@$$CBD$0?0@3@@Z
?CreateAndStorePreXULSkeletonUI@mozilla@@YAXPEAUHINSTANCE__@@HPEAPEAD@Z
?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@AEBAXPEBDHHHPEAVStringBuilder@2@@Z
?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@AEBAXPEBDHHPEAVStringBuilder@2@@Z
?Decompress@LZ4FrameDecompressionContext@Compression@mozilla@@QEAA?AV?$Result@ULZ4FrameDecompressionResult@Compression@mozilla@@_K@3@V?$Span@D$0?0@3@V?$Span@$$CBD$0?0@3@@Z
?DeserializerForTag@Streaming@base_profiler_markers_detail@mozilla@@SAP6AXAEAVProfileBufferEntryReader@3@AEAVSpliceableJSONWriter@baseprofiler@3@@ZE@Z
?DllBlocklist_CheckStatus@@YA_NXZ
?DllBlocklist_GetBlocklistInitFailedPointer@@YAPEA_NXZ
?DllBlocklist_GetBlocklistWriterData@@YAPEBDXZ
?DllBlocklist_GetUser32BeforeBlocklistPointer@@YAPEA_NXZ
?DllBlocklist_Initialize@@YAXI@Z
?DllBlocklist_SetBasicDllServices@@YAXPEAVDllServicesBase@detail@glue@mozilla@@@Z
?DllBlocklist_SetFullDllServices@@YAXPEAVDllServicesBase@detail@glue@mozilla@@@Z
?DllBlocklist_WriteNotes@@YAXXZ
?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPEADHPEA_NPEAH3@Z
?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAAEBV12@XZ
?EndCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@XZ
?EndProcessRuntimeInit@detail@mscom@mozilla@@YAXXZ
?EnsureBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ
?ExtractBaseProfilerChunkManager@detail@baseprofiler@mozilla@@YA?AV?$UniquePtr@VProfileBufferChunkManagerWithLocalLimit@mozilla@@V?$DefaultDelete@VProfileBufferChunkManagerWithLocalLimit@mozilla@@@2@@3@XZ
?FeaturesIfActive@RacyFeatures@detail@baseprofiler@mozilla@@SA?AV?$Maybe@I@4@XZ
?FilterHasPid@detail@profiler@mozilla@@YA_NPEBDVBaseProfilerProcessId@baseprofiler@3@@Z
?FiltersExcludePid@detail@profiler@mozilla@@YA_NV?$Span@QEBD$0?0@3@VBaseProfilerProcessId@baseprofiler@3@@Z
?FirstTimeStamp@TimeStamp@mozilla@@SA?AV12@XZ
?FormatToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0?0@2@W4Format@12@@Z
?FramePointerStackWalk@mozilla@@YAXP6AXIPEAX00@ZI0PEAPEAX0@Z
?GenerateRandomBytesFromOS@mozilla@@YA_NPEAX_K@Z
?GetCachedNtDllThunk@mozilla@@YAPEAV?$Buffer@U_IMAGE_THUNK_DATA64@@@1@XZ
?GetClearedBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAPEAVProfileChunkedBuffer@2@XZ
?GetOrAddIndex@UniqueJSONStrings@baseprofiler@mozilla@@AEAA?AV?$Maybe@I@3@AEBV?$Span@$$CBD$0?0@3@@Z
?GetPreXULSkeletonUIEnabled@mozilla@@YA_NXZ
?GetPreXULSkeletonUIErrorReason@mozilla@@YA?AV?$Maybe@W4PreXULSkeletonUIError@mozilla@@@1@XZ
?GetPreXULSkeletonUIWasShown@mozilla@@YA_NXZ
?GetProfilerEnvVarsForChildProcess@baseprofiler@mozilla@@YAX$$QEAV?$function@$$A6AXPEBD0@Z@std@@@Z
?GetProfilingCategoryPairInfo@baseprofiler@mozilla@@YAAEBUProfilingCategoryPairInfo@12@W4ProfilingCategoryPair@12@@Z
?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPEAVProfilingStack@23@XZ
?GetProfilingStartTime@detail@baseprofiler@mozilla@@YA?AVTimeStamp@3@XZ
?GetQueryPerformanceFrequencyPerSec@mozilla@@YA_KXZ
?GetThreadRegistrationTime@detail@baseprofiler@mozilla@@YA?AVTimeStamp@3@XZ
?GraphColorToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0?0@2@W4GraphColor@12@@Z
?GraphTypeToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0?0@2@W4GraphType@12@@Z
?HandleSpecialValues@DoubleToStringConverter@double_conversion@@AEBA_NNPEAVStringBuilder@2@@Z
?HashBytes@mozilla@@YAIPEBX_K@Z
?InitializeUptime@mozilla@@YAXXZ
?InvalidArrayIndex_CRASH@detail@mozilla@@YAX_K0@Z
?IsActive@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsActiveAndSamplingUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsActiveAndUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsActiveWithFeature@RacyFeatures@detail@baseprofiler@mozilla@@SA_NI@Z
?IsActiveWithoutFeature@RacyFeatures@detail@baseprofiler@mozilla@@SA_NI@Z
?IsDynamicCodeDisabled@mozilla@@YA_NXZ
?IsEafPlusEnabled@mozilla@@YA_NXZ
?IsFloat32Representable@mozilla@@YA_NN@Z
?IsThreadBeingProfiled@detail@baseprofiler@mozilla@@YA_NXZ
?IsUserShadowStackEnabled@mozilla@@YA_NXZ
?IsValidUtf8@detail@mozilla@@YA_NPEBX_K@Z
?IsWin32kLockedDown@mozilla@@YA_NXZ
?LocationToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0?0@2@W4Location@12@@Z
?MapRemoteViewOfFile@mozilla@@YAPEAXPEAX0_K01KK@Z
?MozStackWalkThread@@YAXP6AXIPEAX00@ZI00PEAU_CONTEXT@@@Z
?NotePreXULSkeletonUIRestarting@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@XZ
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z
?NowLoRes@AwakeTimeStamp@mozilla@@SA?AV12@XZ
?PersistPreXULSkeletonUIValues@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@AEBUSkeletonUISettings@1@@Z
?PollPreXULSkeletonUIEvents@mozilla@@YAXXZ
?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ
?ProcessUptimeExcludingSuspendMs@mozilla@@YA?AV?$Maybe@_K@1@XZ
?ProcessUptimeMs@mozilla@@YA?AV?$Maybe@_K@1@XZ
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ
?RandomUint64OrDie@mozilla@@YA_KXZ
?RecordProcessRestart@TimeStamp@mozilla@@SAXXZ
?RegisterJitCodeRegion@@YAXPEAE_K@Z
?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APEAXPEBD0PEAX@ZP6AX1@Z@Z
?RegisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?Release@PageInformation@baseprofiler@mozilla@@QEBAXXZ
?Release@ThreadInfo@baseprofiler@mozilla@@QEBAXXZ
?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ
?ResolutionInTicks@BaseTimeDurationPlatformUtils@mozilla@@SA_JXZ
?SetActive@RacyFeatures@detail@baseprofiler@mozilla@@SAXI@Z
?SetGeckoProcessType@mozilla@@YAXPEBD@Z
?SetInactive@RacyFeatures@detail@baseprofiler@mozilla@@SAXXZ
?SetPaused@RacyFeatures@detail@baseprofiler@mozilla@@SAXXZ
?SetPreXULSkeletonUIEnabledIfAllowed@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@_N@Z
?SetPreXULSkeletonUIThemeId@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@W4ThemeMode@1@@Z
?SetSamplingPaused@RacyFeatures@detail@baseprofiler@mozilla@@SAXXZ
?SetSamplingUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SAXXZ
?SetUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SAXXZ
?SetWin32kLockedDownInPolicy@mozilla@@YAXXZ
?Shutdown@TimeStamp@mozilla@@SAXXZ
?SpliceStringTableElements@UniqueJSONStrings@baseprofiler@mozilla@@QEAAXAEAVSpliceableJSONWriter@23@@Z
?Startup@TimeStamp@mozilla@@SAXXZ
?Stream@MarkerSchema@mozilla@@QEHAAXAEAVJSONWriter@2@AEBV?$Span@$$CBD$0?0@2@@Z
?StringToDouble@StringToDoubleConverter@double_conversion@@QEBANPEBDHPEAH@Z
?StringToDouble@StringToDoubleConverter@double_conversion@@QEBANPEBGHPEAH@Z
?StringToFloat@StringToDoubleConverter@double_conversion@@QEBAMPEBDHPEAH@Z
?StringToFloat@StringToDoubleConverter@double_conversion@@QEBAMPEBGHPEAH@Z
?TagForMarkerTypeFunctions@Streaming@base_profiler_markers_detail@mozilla@@SAEP6AXAEAVProfileBufferEntryReader@3@AEAVSpliceableJSONWriter@baseprofiler@3@@ZP6A?AV?$Span@$$CBD$0?0@3@XZP6A?AVMarkerSchema@3@XZ@Z
?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z
?ToExponential@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToFixed@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToMicroseconds@AwakeTimeDuration@mozilla@@QEBANXZ
?ToMilliseconds@AwakeTimeDuration@mozilla@@QEBANXZ
?ToPrecision@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToSeconds@AwakeTimeDuration@mozilla@@QEBANXZ
?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToSecondsSigDigits@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@AEBA_NNPEAVStringBuilder@2@W4DtoaMode@12@@Z
?UnmapRemoteViewOfFile@mozilla@@YA_NPEAX0@Z
?UnregisterJitCodeRegion@@YAXPEAE_K@Z
?UnregisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?Unused@mozilla@@3Uunused_t@1@B
?WasPreXULSkeletonUIMaximized@mozilla@@YA_NXZ
?WindowsBCryptInitialization@mozilla@@YA_NXZ
?WindowsDpiInitialization@mozilla@@YA?AW4WindowsDpiInitializationResult@1@XZ
?WindowsMsctfInitialization@mozilla@@YA_NXZ
?WindowsStackWalkInitialization@mozilla@@YAXXZ
?abs@Decimal@blink@@QEBA?AV12@XZ
?aes_enabled@sse_private@mozilla@@3_NA
?alignOperands@Decimal@blink@@CA?AUAlignedOperands@12@AEBV12@0@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_NH@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_NI@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_N_J@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_N_K@Z
?appendIntHex@PrintfTarget@mozilla@@QEAA_NI@Z
?appendIntHex@PrintfTarget@mozilla@@QEAA_N_K@Z
?appendIntOct@PrintfTarget@mozilla@@QEAA_NI@Z
?appendIntOct@PrintfTarget@mozilla@@QEAA_N_K@Z
?avx2_enabled@sse_private@mozilla@@3_NA
?avx_enabled@sse_private@mozilla@@3_NA
?avxvnni_enabled@sse_private@mozilla@@3_NA
?baseprofiler_save_profile_to_file@baseprofiler@mozilla@@YAXPEBD@Z
?ceil@Decimal@blink@@QEBA?AV12@XZ
?compareTo@Decimal@blink@@AEBA?AV12@AEBV12@@Z
?compress@LZ4@Compression@mozilla@@SA_KPEBD_KPEAD@Z
?compressLimitedOutput@LZ4@Compression@mozilla@@SA_KPEBD_KPEAD1@Z
?decompress@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?decompressPartial@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@@AEAAXXZ
?finish@SHA1Sum@mozilla@@QEAAXAEAY0BE@E@Z
?floor@Decimal@blink@@QEBA?AV12@XZ
?fma3_enabled@sse_private@mozilla@@3_NA
?fromDouble@Decimal@blink@@SA?AV12@N@Z
?fromString@Decimal@blink@@SA?AV12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
?gOOMAllocationSize@@3_KA
?gTwoCharEscapes@detail@mozilla@@3QBDB
?has_constant_tsc@sse_private@mozilla@@3_NA
?infinity@Decimal@blink@@SA?AV12@W4Sign@12@@Z
?lock@MutexImpl@detail@mozilla@@IEAAXXZ
?memchr16@SIMD@mozilla@@SAPEB_SPEB_S_S_K@Z
?memchr16AVX2@SIMD@mozilla@@SAPEB_SPEB_S_S_K@Z
?memchr16SSE2@SIMD@mozilla@@SAPEB_SPEB_S_S_K@Z
?memchr2x16@SIMD@mozilla@@SAPEB_SPEB_S_S1_K@Z
?memchr2x8@SIMD@mozilla@@SAPEBDPEBDDD_K@Z
?memchr64@SIMD@mozilla@@SAPEB_KPEB_K_K1@Z
?memchr64AVX2@SIMD@mozilla@@SAPEB_KPEB_K_K1@Z
?memchr8@SIMD@mozilla@@SAPEBDPEBDD_K@Z
?memchr8AVX2@SIMD@mozilla@@SAPEBDPEBDD_K@Z
?memchr8SSE2@SIMD@mozilla@@SAPEBDPEBDD_K@Z
?mmx_enabled@sse_private@mozilla@@3_NA
?mozalloc_handle_oom@@YAX_K@Z
?notify_all@ConditionVariableImpl@detail@mozilla@@QEAAXXZ
?notify_one@ConditionVariableImpl@detail@mozilla@@QEAAXXZ
?print@PrintfTarget@mozilla@@QEAA_NPEBDZZ
?profiler_active_without_feature@baseprofiler@mozilla@@YA_NI@Z
?profiler_add_js_marker@baseprofiler@mozilla@@YAXPEBD0@Z
?profiler_add_sampled_counter@baseprofiler@mozilla@@YAXPEAVBaseProfilerCount@12@@Z
?profiler_capture_backtrace@baseprofiler@mozilla@@YA?AV?$UniquePtr@VProfileChunkedBuffer@mozilla@@V?$DefaultDelete@VProfileChunkedBuffer@mozilla@@@2@@2@XZ
?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAEAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z
?profiler_current_process_id@baseprofiler@mozilla@@YA?AVBaseProfilerProcessId@12@XZ
?profiler_current_thread_id@baseprofiler@mozilla@@YA?AVBaseProfilerThreadId@12@XZ
?profiler_ensure_started@baseprofiler@mozilla@@YAXV?$PowerOfTwo@I@2@NIPEAPEBDIAEBV?$Maybe@N@2@@Z
?profiler_feature_active@baseprofiler@mozilla@@YA_NI@Z
?profiler_get_available_features@baseprofiler@mozilla@@YAIXZ
?profiler_get_backtrace@baseprofiler@mozilla@@YA?AV?$UniquePtr@VProfilerBacktrace@baseprofiler@mozilla@@UProfilerBacktraceDestructor@23@@2@XZ
?profiler_get_buffer_info@baseprofiler@mozilla@@YA?AV?$Maybe@UProfilerBufferInfo@baseprofiler@mozilla@@@2@XZ
?profiler_get_core_buffer@baseprofiler@mozilla@@YAAEAVProfileChunkedBuffer@2@XZ
?profiler_get_profile@baseprofiler@mozilla@@YA?AV?$UniquePtr@$$BY0A@DV?$DefaultDelete@$$BY0A@D@mozilla@@@2@N_N0@Z
?profiler_get_start_params@baseprofiler@mozilla@@YAXPEAHPEAV?$Maybe@N@2@PEANPEAIPEAV?$Vector@PEBD$0A@VMallocAllocPolicy@mozilla@@@2@@Z
?profiler_init@baseprofiler@mozilla@@YAXPEAX@Z
?profiler_init_main_thread_id@baseprofiler@mozilla@@YAXXZ
?profiler_is_main_thread@baseprofiler@mozilla@@YA_NXZ
?profiler_is_paused@baseprofiler@mozilla@@YA_NXZ
?profiler_is_sampling_paused@baseprofiler@mozilla@@YA_NXZ
?profiler_main_thread_id@baseprofiler@mozilla@@YA?AVBaseProfilerThreadId@12@XZ
?profiler_pause@baseprofiler@mozilla@@YAXXZ
?profiler_pause_sampling@baseprofiler@mozilla@@YAXXZ
?profiler_register_page@baseprofiler@mozilla@@YAX_K0AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?profiler_register_thread@baseprofiler@mozilla@@YAPEAVProfilingStack@12@PEBDPEAX@Z
?profiler_remove_sampled_counter@baseprofiler@mozilla@@YAXPEAVBaseProfilerCount@12@@Z
?profiler_resume@baseprofiler@mozilla@@YAXXZ
?profiler_resume_sampling@baseprofiler@mozilla@@YAXXZ
?profiler_set_process_name@baseprofiler@mozilla@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBV34@@Z
?profiler_shutdown@baseprofiler@mozilla@@YAXXZ
?profiler_start@baseprofiler@mozilla@@YAXV?$PowerOfTwo@I@2@NIPEAPEBDIAEBV?$Maybe@N@2@@Z
?profiler_stop@baseprofiler@mozilla@@YAXXZ
?profiler_stream_json_for_this_process@baseprofiler@mozilla@@YA_NAEAVSpliceableJSONWriter@12@N_N1@Z
?profiler_thread_is_sleeping@baseprofiler@mozilla@@YA_NXZ
?profiler_thread_sleep@baseprofiler@mozilla@@YAXXZ
?profiler_thread_wake@baseprofiler@mozilla@@YAXXZ
?profiler_time@baseprofiler@mozilla@@YANXZ
?profiler_unregister_page@baseprofiler@mozilla@@YAX_K@Z
?profiler_unregister_thread@baseprofiler@mozilla@@YAXXZ
?readLock@RWLockImpl@detail@mozilla@@IEAAXXZ
?readUnlock@RWLockImpl@detail@mozilla@@IEAAXXZ
?remainder@Decimal@blink@@QEBA?AV12@AEBV12@@Z
?round@Decimal@blink@@QEBA?AV12@XZ
?sChildProcessType@startup@mozilla@@3W4GeckoProcessType@@A
?sse3_enabled@sse_private@mozilla@@3_NA
?sse4_1_enabled@sse_private@mozilla@@3_NA
?sse4_2_enabled@sse_private@mozilla@@3_NA
?sse4a_enabled@sse_private@mozilla@@3_NA
?ssse3_enabled@sse_private@mozilla@@3_NA
?toDouble@Decimal@blink@@QEBANXZ
?toString@Decimal@blink@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?toString@Decimal@blink@@QEBA_NPEAD_K@Z
?tryLock@MutexImpl@detail@mozilla@@IEAA_NXZ
?tryReadLock@RWLockImpl@detail@mozilla@@IEAA_NXZ
?tryWriteLock@RWLockImpl@detail@mozilla@@IEAA_NXZ
?unlock@MutexImpl@detail@mozilla@@IEAAXXZ
?update@SHA1Sum@mozilla@@QEAAXPEBXI@Z
?vprint@PrintfTarget@mozilla@@QEAA_NPEBDPEAD@Z
?wait@ConditionVariableImpl@detail@mozilla@@QEAAXAEAVMutexImpl@23@@Z
?wait_for@ConditionVariableImpl@detail@mozilla@@QEAA?AW4CVStatus@3@AEAVMutexImpl@23@AEBV?$BaseTimeDuration@VTimeDurationValueCalculator@mozilla@@@3@@Z
?writeLock@RWLockImpl@detail@mozilla@@IEAAXXZ
?writeUnlock@RWLockImpl@detail@mozilla@@IEAAXXZ
?xgetbv@mozilla@@YA_KI@Z
?zero@Decimal@blink@@SA?AV12@W4Sign@12@@Z
DisablePHCOnCurrentThread
GetAllocatorStallSpecs
GetPHCStats
IsPHCAllocation
IsPHCEnabledOnCurrentThread
MOZ_CrashPrintf
MozDescribeCodeAddress
MozFormatCodeAddress
MozFormatCodeAddressDetails
MozStackWalk
MozWalkTheStack
MozWalkTheStackWithWriter
PHCMemoryUsage
ReenablePHCOnCurrentThread
SetPHCProbabilities
SetPHCState
_aligned_free
_aligned_malloc
_expand
_msize
_recalloc
_strdup
_wcsdup
calloc
fprint_stderr
fprintf_stderr
free
gMozCrashReason
gMozillaPoisonBase
gMozillaPoisonSize
gMozillaPoisonValue
jemalloc_free_dirty_pages
jemalloc_ptr_info
jemalloc_purge_freed_pages
jemalloc_set_main_thread
jemalloc_stats_internal
jemalloc_stats_num_bins
jemalloc_thread_local_arena
malloc
malloc_good_size
malloc_usable_size
moz_arena_calloc
moz_arena_free
moz_arena_malloc
moz_arena_memalign
moz_arena_realloc
moz_create_arena_with_params
moz_dispose_arena
moz_malloc_enclosing_size_of
moz_malloc_size_of
moz_malloc_usable_size
moz_set_max_dirty_page_modifier
moz_xcalloc
moz_xmalloc
moz_xmemalign
moz_xmemdup
moz_xrealloc
moz_xstrdup
mozalloc_abort
posix_memalign
print_stderr
printf_stderr
realloc
strdup
strndup
vprintf_stderr
wcsdup

Sections

.text
Size: 638KB - Virtual size: 637KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 49B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\msvcp140.dll
.dll windows:6 windows x64 arch:x64

118dde577a38119350ab495f68a0326f

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0
Signer

Actual PE Digest

09:9e:7b:ef:03:27:a7:fc:e4:8b:93:ea:a4:bd:93:4a:e4:7a:e1:20:38:8f:f5:02:99:2c:47:4b:6e:c8:ab:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

Imports

vcruntime140

__current_exception_context
__C_specific_handler
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_onexit_function
_execute_onexit_table
_crt_atexit
_endthreadex
_beginthreadex
_set_new_handler
abort
terminate
_cexit
_initialize_onexit_table
_errno
_initterm_e
_initterm

api-ms-win-crt-string-l1-1-0

iswspace
_wcsdup
iswalnum
__strncnt
wcsnlen
wcscpy_s
strcspn
iswdigit
isupper
tolower
isdigit
isspace
islower
iswxdigit
isxdigit
isalnum

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
setlocale
_unlock_locales
___lc_locale_name_func
localeconv
__pctype_func
___mb_cur_max_func
___lc_collate_cp_func
_lock_locales

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
fgetc
fseek
_fsopen
_wfsopen
fputs
fgetwc
fputwc
ungetwc
fflush
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
setvbuf
__acrt_iob_func
_get_stream_buffer_pointers
fclose
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wchdir
_unlock_file
_wremove
_wrmdir
_lock_file

api-ms-win-crt-time-l1-1-0

_Wcsftime
_W_Gettnames
_W_Getmonths
_W_Getdays
_Strftime
_Getdays
_Gettnames
_Getmonths

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysign
copysignf
ldexp
_dclass
frexp
_ldclass
log
logf

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

EnterCriticalSection
RaiseException
CompareStringEx
MultiByteToWideChar
GetCPInfo
InitializeSListHead
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
RtlPcToFileHeader
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QEAA@AEBV01@@Z
??0?$_Yarn@D@std@@QEAA@PEBD@Z
??0?$_Yarn@D@std@@QEAA@XZ
??0?$_Yarn@G@std@@QEAA@AEBV01@@Z
??0?$_Yarn@G@std@@QEAA@PEBG@Z
??0?$_Yarn@G@std@@QEAA@XZ
??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z
??0?$_Yarn@_W@std@@QEAA@PEB_W@Z
??0?$_Yarn@_W@std@@QEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@D@std@@QEAA@PEBF_N_K@Z
??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@G@std@@QEAA@_K@Z
??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$ctype@_W@std@@QEAA@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z
??0Init@ios_base@std@@QEAA@XZ
??0_Facet_base@std@@QEAA@AEBV01@@Z
??0_Facet_base@std@@QEAA@XZ
??0_Init_locks@std@@QEAA@XZ
??0_Locimp@locale@std@@AEAA@AEBV012@@Z
??0_Locimp@locale@std@@AEAA@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0_Lockit@std@@QEAA@XZ
??0_Timevec@std@@QEAA@AEBV01@@Z
??0_Timevec@std@@QEAA@PEAX@Z
??0_UShinit@std@@QEAA@XZ
??0_Winit@std@@QEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??0ctype_base@std@@QEAA@_K@Z
??0facet@locale@std@@IEAA@_K@Z
??0id@locale@std@@QEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??0task_continuation_context@Concurrency@@AEAA@XZ
??0time_base@std@@QEAA@_K@Z
??1?$_Yarn@D@std@@QEAA@XZ
??1?$_Yarn@G@std@@QEAA@XZ
??1?$_Yarn@_W@std@@QEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1?$ctype@D@std@@MEAA@XZ
??1?$ctype@G@std@@MEAA@XZ
??1?$ctype@_W@std@@MEAA@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ
??1Init@ios_base@std@@QEAA@XZ
??1_Facet_base@std@@UEAA@XZ
??1_Init_locks@std@@QEAA@XZ
??1_Locimp@locale@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1_Timevec@std@@QEAA@XZ
??1_UShinit@std@@QEAA@XZ
??1_Winit@std@@QEAA@XZ
??1codecvt_base@std@@UEAA@XZ
??1ctype_base@std@@UEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??1time_base@std@@UEAA@XZ
??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z
??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z
??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z
??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z
??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z
??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z
??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z
??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z
??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z
??4_Winit@std@@QEAAAEAV01@AEBV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??7ios_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??Bios_base@std@@QEBA_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ
??_F?$ctype@D@std@@QEAAXXZ
??_F?$ctype@G@std@@QEAAXXZ
??_F?$ctype@_W@std@@QEAAXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ
??_F_Locinfo@std@@QEAAXXZ
??_F_Timevec@std@@QEAAXXZ
??_Fcodecvt_base@std@@QEAAXXZ
??_Fctype_base@std@@QEAAXXZ
??_Ffacet@locale@std@@QEAAXXZ
??_Fid@locale@std@@QEAAXXZ
??_Ftime_base@std@@QEAAXXZ
?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Addstd@ios_base@std@@SAXPEAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ
?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AEAAXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Clocptr@_Locimp@locale@std@@0PEAV123@EA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IEBADGD@Z
?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z
?_Dowiden@?$ctype@G@std@@IEBAGD@Z
?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z
?_Empty@?$_Yarn@D@std@@QEBA_NXZ
?_Empty@?$_Yarn@G@std@@QEBA_NXZ
?_Empty@?$_Yarn@_W@std@@QEBA_NXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z
?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QEBAHXZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Getptr@_Timevec@std@@QEBAPEAXXZ
?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\nmhproxy.exe
.exe windows:6 windows x64 arch:x64

a5cc79c72237e4d3ea13ea50f0c6199a

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f4:bc:b3:85:57:86:42:fa:a6:96:ca:24:ad:75:b7:30:6d:5c:f8:e9:52:89:5d:59:8c:9b:ea:4d:59:64:99:4b
Signer

Actual PE Digest

f4:bc:b3:85:57:86:42:fa:a6:96:ca:24:ad:75:b7:30:6d:5c:f8:e9:52:89:5d:59:8c:9b:ea:4d:59:64:99:4b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

nmhproxy.pdb

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CompareStringOrdinal
CreateFileW
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateThread
DeleteProcThreadAttributeList
DuplicateHandle
FindClose
FindFirstFileW
FormatMessageW
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
ReadConsoleW
ReadFileEx
ReleaseMutex
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetFileInformationByHandle
SetFilePointerEx
SetLastError
SetThreadStackGuarantee
SetUnhandledExceptionFilter
SleepEx
UnhandledExceptionFilter
UpdateProcThreadAttribute
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFileEx
lstrlenW

bcryptprimitives

ProcessPrng

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

ntdll

NtReadFile
NtWriteFile
RtlNtStatusToDosError

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

vcruntime140

__C_specific_handler
__CxxFrameHandler3
__current_exception
__current_exception_context
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_c_exit
_cexit
_configure_narrow_argv
_crt_atexit
_exit
_get_initial_narrow_environment
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
terminate

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

Sections

.text
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\notificationserver.dll
.dll windows:10 windows x64 arch:x64

603163895bc4d56a39107a50011d67c7

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:15:35:60:c2:47:75:f8:22:64:19:49:41:62:f4:f3:59:23:80:42:b8:d2:79:aa:75:9b:6e:43:71:52:bd:15
Signer

Actual PE Digest

38:15:35:60:c2:47:75:f8:22:64:19:49:41:62:f4:f3:59:23:80:42:b8:d2:79:aa:75:9b:6e:43:71:52:bd:15

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

DeregisterEventSource
RegGetValueW
RegisterEventSourceW
ReportEventW

kernel32

AcquireSRWLockExclusive
AreFileApisANSI
CancelIo
CloseHandle
ConnectNamedPipe
CreateEventW
CreateFileW
CreateNamedPipeW
CreateProcessW
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileInformationByHandle
GetFileInformationByHandleEx
GetLastError
GetLocaleInfoEx
GetModuleFileNameW
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetSystemInfo
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LocalFree
QueryPerformanceCounter
ReadFile
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
WakeAllConditionVariable
WideCharToMultiByte
WriteFile

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

user32

AllowSetForegroundWindow

msvcp140

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1ios_base@std@@UEAA@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Syserror_map@std@@YAPEBDH@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Winerror_map@std@@YAHH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAAXPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@_N@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z

ole32

CoTaskMemFree
StringFromCLSID

vcruntime140

_CxxThrowException
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
memcpy
memmove
memset
wcschr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnwprintf_s
__stdio_common_vswprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
abort

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
free
malloc

api-ms-win-crt-string-l1-1-0

strlen
wcscpy
wcslen
wcspbrk

Exports

Exports

DllGetClassObject
gMozillaPoisonBase
gMozillaPoisonSize
gMozillaPoisonValue

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\nss3.dll
.dll windows:10 windows x64 arch:x64

a5204b7412e32b0cadf42461221418c9

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a3:a9:74:a4:5c:23:ce:96:2c:49:aa:c2:e1:fe:bb:5c:8b:56:54:18:c9:38:54:cb:3f:fc:d5:fe:31:0d:f5:c6
Signer

Actual PE Digest

a3:a9:74:a4:5c:23:ce:96:2c:49:aa:c2:e1:fe:bb:5c:8b:56:54:18:c9:38:54:cb:3f:fc:d5:fe:31:0d:f5:c6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mozglue

_msize
calloc
free
malloc
realloc
strdup

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getpeername
getprotobyname
getprotobynumber
getsockname
getsockopt
htonl
htons
inet_ntoa
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

ws2_32

WSAIoctl

kernel32

AreFileApisANSI
CancelIo
CloseHandle
CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateMutexW
CreatePipe
CreateProcessA
CreateSemaphoreA
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GlobalMemoryStatusEx
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MoveFileA
MoveFileW
MultiByteToWideChar
OpenSemaphoreA
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEndOfFile
SetFilePointer
SetHandleInformation
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memchr
memcmp
memcpy
memmove
memset
strchr
strrchr
strstr

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
_close
_wfopen
_wopen
fclose
feof
fflush
fgets
fopen
fputc
fputs
ftell
fwrite
setvbuf

api-ms-win-crt-environment-l1-1-0

__p__environ
_putenv
getenv

api-ms-win-crt-filesystem-l1-1-0

_access
_waccess
_wstat64i32

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_endthreadex
_errno
_execute_onexit_table
_exit
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
abort
strerror

api-ms-win-crt-math-l1-1-0

_fdopen
acos
acosh
asin
asinh
atan
atan2
atanh
cos
cosh
exp
fmod
log
log10
log2
pow
sin
sinh
sqrt
tan
tanh
trunc

api-ms-win-crt-time-l1-1-0

_localtime64_s
_mktime64
_time64
strftime

api-ms-win-crt-multibyte-l1-1-0

_mbsdec
_mbsinc

api-ms-win-crt-string-l1-1-0

_stricmp
isalnum
isalpha
isspace
strcat
strcmp
strcpy
strcspn
strlen
strncat
strncmp
strncpy
strpbrk
strspn
tolower
toupper

api-ms-win-crt-convert-l1-1-0

atoi
strtol
strtoul

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

ATOB_AsciiToData
ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii
BTOA_DataToAscii_Util
CERT_AddCertToListHead
CERT_AddCertToListTail
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AsciiToName
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertificateRequestTemplate
CERT_CertificateTemplate
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckNameSpace
CERT_ClearOCSPCache
CERT_CompareCerts
CERT_CompareName
CERT_ConvertAndDecodeCertificate
CERT_CopyName
CERT_CopyRDN
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_CrlTemplate
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertFromPackage
CERT_DecodeCertPackage
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeNameConstraintsExtension
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DupCertificate
CERT_EnableOCSPChecking
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodeSubjectKeyID
CERT_EncodeUserNotice
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrCX
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_ForcePostMethodForOCSP
CERT_FreeNicknames
CERT_GenTime2FormattedAscii_Util
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIsPerm
CERT_GetCertKeyType
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertificateDer
CERT_GetCertificateRequestExtensions
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDefaultCertDB
CERT_GetFirstEmailAddress
CERT_GetGeneralNameTypeFromString
CERT_GetImposedNameConstraints
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetStateName
CERT_Hexify
CERT_ImportCerts
CERT_IsCACert
CERT_IsUserCert
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameTemplate
CERT_NameToAscii
CERT_NewCertList
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_OCSPCacheSettings
CERT_RFC1485_EscapeAndQuote
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SequenceOfCertExtensionTemplate
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SignedCrlTemplate
CERT_SignedDataTemplate
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_SubjectPublicKeyInfoTemplate
CERT_TimeChoiceTemplate
CERT_VerifyCertificate
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime_Util
DER_DecodeTimeChoice
DER_DecodeTimeChoice_Util
DER_Encode
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedTimeToTime
DER_GeneralizedTimeToTime_Util
DER_GetInteger
DER_GetInteger_Util
DER_SetUInteger
DER_UTCTimeToTime_Util
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSigWithLen
DTLS_GetHandshakeTimeout
DTLS_ImportFD
GetExecutionEnvironment
HASH_Begin
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHashObject
HASH_GetHashOidTagByHMACOidTag
HASH_GetHashOidTagByHMACOidTag_Util
HASH_GetHashOidTagByHashType
HASH_GetHashTypeByOidTag
HASH_GetHashTypeByOidTag_Util
HASH_GetType
HASH_HashBuf
HASH_ResultLenByOidTag
HASH_Update
NSSBase64_EncodeItem_Util
NSSSMIME_GetVersion
NSSSSL_GetVersion
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSS_CMSContentInfo_GetContent
NSS_CMSContentInfo_GetContentTypeTag
NSS_CMSContentInfo_SetContent_SignedData
NSS_CMSEncoder_Finish
NSS_CMSEncoder_Start
NSS_CMSMessage_ContentLevel
NSS_CMSMessage_Create
NSS_CMSMessage_CreateFromDER
NSS_CMSMessage_Destroy
NSS_CMSMessage_GetContentInfo
NSS_CMSMessage_IsSigned
NSS_CMSSignedData_AddCertificate
NSS_CMSSignedData_CreateCertsOnly
NSS_CMSSignedData_Destroy
NSS_CMSSignedData_GetSignerInfo
NSS_CMSSignedData_SignerInfoCount
NSS_CMSSignerInfo_GetSigningCertificate
NSS_CMSSignerInfo_Verify
NSS_FindCertKEAType
NSS_GetAlgorithmPolicy
NSS_GetVersion
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPSSParamsTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Init
NSS_InitContext
NSS_InitReadWrite
NSS_InitWithMerge
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_OptionGet
NSS_OptionSet
NSS_SMIMESignerInfo_SaveSMIMEProfile
NSS_SMIMEUtil_FindBulkAlgForRecipients
NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SecureSelect
NSS_SetAlgorithmPolicy
NSS_SetDomesticPolicy
NSS_Shutdown
NSS_ShutdownContext
NSS_VersionCheck
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AEADOp
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_ChangePW
PK11_CheckUserPassword
PK11_CipherOp
PK11_ConfigurePKCS11
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreateMergeLog
PK11_CreatePBEV2AlgorithmID
PK11_DEREncodePublicKey
PK11_Decrypt
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithTemplate
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyMergeLog
PK11_DestroyObject
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestOp
PK11_DoesMechanism
PK11_Encrypt
PK11_ExportDERPrivateKeyInfo
PK11_ExportEncryptedPrivKeyInfo
PK11_ExtractKeyValue
PK11_FindCertFromNickname
PK11_FindCertInSlot
PK11_FindCertsFromEmailAddress
PK11_FindCertsFromNickname
PK11_FindEncodedCertInSlot
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindRawCertsWithSubject
PK11_FindSlotByName
PK11_FindSlotsByNames
PK11_FreeSlot
PK11_FreeSlotList
PK11_FreeSlotListElement
PK11_FreeSymKey
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithFlags
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetAllSlotsForCert
PK11_GetAllTokens
PK11_GetBestSlot
PK11_GetBestSlotMultiple
PK11_GetBlockSize
PK11_GetCertFromPrivateKey
PK11_GetCertsMatchingPrivateKey
PK11_GetDefaultArray
PK11_GetDefaultFlags
PK11_GetDisabledReason
PK11_GetFirstSafe
PK11_GetIVLength
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetKeyGen
PK11_GetLowLevelKeyIDForPrivateKey
PK11_GetMechanism
PK11_GetModInfo
PK11_GetModuleURI
PK11_GetNextGenericObject
PK11_GetNextSafe
PK11_GetNextSymKey
PK11_GetPadMechanism
PK11_GetPrivateKeyNickname
PK11_GetPrivateModulusLen
PK11_GetSlotFromPrivateKey
PK11_GetSlotID
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotSeries
PK11_GetSymKeyNickname
PK11_GetTokenInfo
PK11_GetTokenName
PK11_GetTokenURI
PK11_HPKE_Deserialize
PK11_HPKE_DestroyContext
PK11_HPKE_ExportSecret
PK11_HPKE_GetEncapPubKey
PK11_HPKE_NewContext
PK11_HPKE_Open
PK11_HPKE_Seal
PK11_HPKE_Serialize
PK11_HPKE_SetupR
PK11_HPKE_SetupS
PK11_HPKE_ValidateParameters
PK11_HasAttributeSet
PK11_HasRootCerts
PK11_HashBuf
PK11_ImportCRL
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportDataKey
PK11_ImportEncryptedPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey
PK11_ImportSymKey
PK11_InitPin
PK11_IsDisabled
PK11_IsFIPS
PK11_IsFriendly
PK11_IsHW
PK11_IsInternal
PK11_IsInternalKeySlot
PK11_IsLoggedIn
PK11_IsPresent
PK11_IsReadOnly
PK11_IsRemovable
PK11_KeyForCertExists
PK11_KeyGen
PK11_KeyGenWithTemplate
PK11_ListCerts
PK11_ListCertsInSlot
PK11_ListFixedKeysInSlot
PK11_ListPrivKeysInSlot
PK11_ListPrivateKeysInSlot
PK11_LoadPrivKey
PK11_Logout
PK11_LogoutAll
PK11_MakeIDFromPubKey
PK11_MapSignKeyType
PK11_MechanismToAlgtag
PK11_MergeTokens
PK11_NeedLogin
PK11_NeedUserInit
PK11_PBEKeyGen
PK11_ParamFromIV
PK11_PrivDecrypt
PK11_PrivDecryptPKCS1
PK11_ProtectedAuthenticationPath
PK11_PubDeriveWithKDF
PK11_PubEncrypt
PK11_PubEncryptPKCS1
PK11_PubUnwrapSymKey
PK11_PubWrapSymKey
PK11_RandomUpdate
PK11_ReadDistrustAfterAttribute
PK11_ReadRawAttribute
PK11_ReferenceSlot
PK11_ReferenceSymKey
PK11_ResetToken
PK11_SetPasswordFunc
PK11_SetSymKeyNickname
PK11_Sign
PK11_SignWithMechanism
PK11_SignatureLen
PK11_TokenKeyGenWithFlags
PK11_UnwrapPrivKey
PK11_UnwrapSymKey
PK11_UpdateSlotAttribute
PK11_UserDisableSlot
PK11_UserEnableSlot
PK11_Verify
PK11_VerifyWithMechanism
PK11_WrapPrivKey
PK11_WrapSymKey
PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_Base64Decode
PL_Base64Encode
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_FinishArenaPool
PL_FreeArenaPool
PL_GetNextOpt
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_PrintError
PL_SizeOfArenaPoolExcludingPool
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\nssckbi.dll
.dll windows:10 windows x64 arch:x64

5040f5401cbef0593f7caf886c3c92d3

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c7:70:fd:0c:50:90:d6:44:d3:4c:70:55:41:8e:1f:01:3f:ad:ca:17:20:3b:92:ea:a2:26:ca:a4:a1:c0:be:19
Signer

Actual PE Digest

c7:70:fd:0c:50:90:d6:44:d3:4c:70:55:41:8e:1f:01:3f:ad:ca:17:20:3b:92:ea:a2:26:ca:a4:a1:c0:be:19

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

ntdll

NtWriteFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlVirtualUnwind

kernel32

CloseHandle
CreateMutexA
DisableThreadLibraryCalls
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetLastError
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObject
WaitForSingleObjectEx
WriteConsoleW
lstrlenW

vcruntime140

__C_specific_handler
__CxxFrameHandler3
__std_type_info_destroy_list
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 562B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\omni.ja
zen.win-specific\zen\osclientcerts.dll
.dll windows:10 windows x64 arch:x64

e30cb35cef0294ace0b7e36dbd9d9330

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:e1:af:06:a6:b1:02:be:de:ea:c9:cb:67:4c:64:90:39:76:34:51:cc:95:ac:49:de:32:28:db:20:de:53:ad
Signer

Actual PE Digest

b9:e1:af:06:a6:b1:02:be:de:ea:c9:cb:67:4c:64:90:39:76:34:51:cc:95:ac:49:de:32:28:db:20:de:53:ad

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateMutexA
CreateThread
DisableThreadLibraryCalls
FormatMessageW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableW
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleMode
SetConsoleTextAttribute
SetLastError
SetThreadStackGuarantee
SetUnhandledExceptionFilter
SwitchToThread
UnhandledExceptionFilter
WaitForSingleObject
WaitForSingleObjectEx
WriteConsoleW
lstrlenW

crypt32

CertCloseStore
CertDuplicateCertificateContext
CertFindChainInStore
CertFreeCertificateContext
CertNameToStrA
CertOpenStore
CryptAcquireCertificatePrivateKey

ncrypt

NCryptFreeObject
NCryptSignHash

advapi32

CryptCreateHash
CryptDestroyHash
CryptReleaseContext
CryptSetHashParam
CryptSignHashW

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

ntdll

NtWriteFile
RtlNtStatusToDosError

bcryptprimitives

ProcessPrng

vcruntime140

__C_specific_handler
__CxxFrameHandler3
__std_type_info_destroy_list
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strlen

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\pingsender.exe
.exe windows:10 windows x64 arch:x64

c199bc60d38108a1744b5ff4625d24c6

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c8:0c:cd:cf:e0:8d:30:25:47:e7:9d:31:34:c6:41:16:2c:78:a8:48:df:77:b4:0d:58:3d:0b:d9:b9:4b:11:6f
Signer

Actual PE Digest

c8:0c:cd:cf:e0:8d:30:25:47:e7:9d:31:34:c6:41:16:2c:78:a8:48:df:77:b4:0d:58:3d:0b:d9:b9:4b:11:6f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mozglue

??2@YAPEAX_K@Z
??3@YAXPEAX@Z
??3@YAXPEAX_K@Z
calloc
free
malloc

wininet

HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetSetOptionA

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1ios_base@std@@UEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xlength_error@std@@YAXPEBD@Z
?bad@ios_base@std@@QEBA_NXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?eof@ios_base@std@@QEBA_NXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

kernel32

AcquireSRWLockExclusive
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
ReleaseSRWLockExclusive
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WakeAllConditionVariable

vcruntime140

__C_specific_handler
__current_exception
__current_exception_context
memcmp
memcpy
memmove
memset

api-ms-win-crt-filesystem-l1-1-0

_chdir
_fullpath
_lock_file
_makepath_s
_splitpath_s
_unlock_file
remove

api-ms-win-crt-stdio-l1-1-0

__p__commode
_fseeki64
_get_stream_buffer_pointers
_set_fmode
fclose
fflush
fgetc
fgetpos
fputc
fread
fsetpos
fwrite
setvbuf
ungetc

api-ms-win-crt-time-l1-1-0

_gmtime64
_time64
strftime

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_c_exit
_cexit
_configure_narrow_argv
_crt_atexit
_exit
_get_initial_narrow_environment
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
abort
exit
terminate

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-string-l1-1-0

strlen

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\platform.ini
zen.win-specific\zen\plugin-container.exe
.exe windows:10 windows x64 arch:x64

45515c0ffa070314eed29dc15246524c

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:57:8f:51:27:ae:12:5a:65:4c:dc:a9:65:b3:75:7f:90:95:82:9e:bd:78:29:f6:04:1e:2c:f0:65:bb:3e:a6
Signer

Actual PE Digest

50:57:8f:51:27:ae:12:5a:65:4c:dc:a9:65:b3:75:7f:90:95:82:9e:bd:78:29:f6:04:1e:2c:f0:65:bb:3e:a6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mozglue

??2@YAPEAX_K@Z
??3@YAXPEAX@Z
??3@YAXPEAX_K@Z
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
?DllBlocklist_Initialize@@YAXI@Z
?IsWin32kLockedDown@mozilla@@YA_NXZ
?RegisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?SetGeckoProcessType@mozilla@@YAXPEBD@Z
?UnregisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?sChildProcessType@startup@mozilla@@3W4GeckoProcessType@@A
_wcsdup
free
malloc
moz_xmalloc
mozalloc_abort
realloc

usp10

ScriptBreak
ScriptItemize

advapi32

AccessCheck
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CopySid
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
DuplicateToken
DuplicateTokenEx
EqualSid
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetTokenInformation
ImpersonateLoggedOnUser
InitializeSid
IsValidSid
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDisablePredefinedCache
RegOpenKeyExW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

ntdll

NtQueryVirtualMemory
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlSetLastWin32Error
RtlVirtualUnwind

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1ios_base@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?good@ios_base@std@@QEBA_NXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
CloseHandle
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DebugBreak
DeleteCriticalSection
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
ExpandEnvironmentStringsW
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileType
GetLastError
GetLongPathNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHandleCount
GetProcessHeaps
GetProcessId
GetProductInfo
GetQueuedCompletionStatus
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadId
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsWow64Process
LeaveCriticalSection
LoadLibraryExA
LoadLibraryW
LocalFree
MapViewOfFile
PostQueuedCompletionStatus
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ResetEvent
SearchPathW
SetDllDirectoryW
SetEnvironmentVariableW
SetEvent
SetHandleInformation
SetInformationJobObject
SetLastError
SetThreadAffinityMask
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WakeAllConditionVariable
WideCharToMultiByte
WriteProcessMemory
lstrlenW

vcruntime140

__C_specific_handler
__current_exception
__current_exception_context
memcmp
memcpy
memmove
memset

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
_set_fmode

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___wargv
_c_exit
_cexit
_configure_wide_argv
_crt_atexit
_errno
_exit
_get_initial_wide_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
terminate

api-ms-win-crt-string-l1-1-0

_wcsnicmp
strlen
wcscmp
wcslen
wcsncmp

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

GetHandleVerifier
IsSandboxedProcess
TargetConfigureOPMProtectedOutput
TargetConfigureOPMProtectedOutput64
TargetCreateNamedPipeW
TargetCreateNamedPipeW64
TargetCreateOPMProtectedOutputs
TargetCreateOPMProtectedOutputs64
TargetCreateProcessA
TargetCreateProcessA64
TargetCreateProcessW
TargetCreateProcessW64
TargetCreateThread
TargetCreateThread64
TargetDestroyOPMProtectedOutput
TargetDestroyOPMProtectedOutput64
TargetEnumDisplayDevicesA
TargetEnumDisplayDevicesA64
TargetEnumDisplayMonitors
TargetEnumDisplayMonitors64
TargetGdiDllInitialize
TargetGdiDllInitialize64
TargetGetCertificate
TargetGetCertificate64
TargetGetCertificateByHandle
TargetGetCertificateByHandle64
TargetGetCertificateSize
TargetGetCertificateSize64
TargetGetCertificateSizeByHandle
TargetGetCertificateSizeByHandle64
TargetGetMonitorInfoA
TargetGetMonitorInfoA64
TargetGetMonitorInfoW
TargetGetMonitorInfoW64
TargetGetOPMInformation
TargetGetOPMInformation64
TargetGetOPMRandomNumber
TargetGetOPMRandomNumber64
TargetGetStockObject
TargetGetStockObject64
TargetGetSuggestedOPMProtectedOutputArraySize
TargetGetSuggestedOPMProtectedOutputArraySize64
TargetNtCreateEvent
TargetNtCreateEvent64
TargetNtCreateFile
TargetNtCreateFile64
TargetNtCreateKey
TargetNtCreateKey64
TargetNtCreateSection
TargetNtCreateSection64
TargetNtImpersonateAnonymousToken
TargetNtImpersonateAnonymousToken64
TargetNtMapViewOfSection
TargetNtMapViewOfSection64
TargetNtOpenEvent
TargetNtOpenEvent64
TargetNtOpenFile
TargetNtOpenFile64
TargetNtOpenKey
TargetNtOpenKey64
TargetNtOpenKeyEx
TargetNtOpenKeyEx64
TargetNtOpenProcess
TargetNtOpenProcess64
TargetNtOpenProcessToken
TargetNtOpenProcessToken64
TargetNtOpenProcessTokenEx
TargetNtOpenProcessTokenEx64
TargetNtOpenThread
TargetNtOpenThread64
TargetNtOpenThreadToken
TargetNtOpenThreadToken64
TargetNtOpenThreadTokenEx
TargetNtOpenThreadTokenEx64
TargetNtQueryAttributesFile
TargetNtQueryAttributesFile64
TargetNtQueryFullAttributesFile
TargetNtQueryFullAttributesFile64
TargetNtSetInformationFile
TargetNtSetInformationFile64
TargetNtSetInformationThread
TargetNtSetInformationThread64
TargetNtUnmapViewOfSection
TargetNtUnmapViewOfSection64
TargetRegisterClassW
TargetRegisterClassW64
TargetSetOPMSigningKeyAndSequenceNumbers
TargetSetOPMSigningKeyAndSequenceNumbers64
g_handles_to_close
g_interceptions
g_nt
g_originals
g_shared_IPC_size
g_shared_delayed_integrity_level
g_shared_delayed_mitigations
g_shared_policy_size
g_shared_section

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\precomplete
zen.win-specific\zen\private_browsing.VisualElementsManifest.xml
zen.win-specific\zen\private_browsing.exe
.exe windows:10 windows x64 arch:x64

e575f37fbcf305a828176ba505fd3472

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:09:1c:71:bc:84:e5:e6:96:5f:50:8c:6c:95:da:6f:b0:a4:5f:2f:91:15:e1:1a:8a:a6:ab:8a:cf:1c:d4:6b
Signer

Actual PE Digest

0e:09:1c:71:bc:84:e5:e6:96:5f:50:8c:6c:95:da:6f:b0:a4:5f:2f:91:15:e1:1a:8a:a6:ab:8a:cf:1c:d4:6b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

PathAppendW
PathRemoveFileSpecW

user32

MessageBoxW

msvcp140

?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xlength_error@std@@YAXPEBD@Z

kernel32

CloseHandle
CreateProcessW
FormatMessageW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

_CxxThrowException
__C_specific_handler
__current_exception
__current_exception_context
__std_exception_copy
__std_exception_destroy
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_c_exit
_cexit
_configure_wide_argv
_crt_atexit
_exit
_get_wide_winmain_command_line
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
terminate

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
free
malloc

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-string-l1-1-0

wcslen

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\removed-files
zen.win-specific\zen\softokn3.dll
.dll windows:10 windows x64 arch:x64

47c11b6165364a32d291aef914d612e1

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ba:dc:13:b9:e3:db:c5:ef:68:a6:73:00:fb:a2:3f:47:61:5e:ef:5a:6c:dc:b5:fc:09:f7:fc:aa:b6:d9:8d:36
Signer

Actual PE Digest

ba:dc:13:b9:e3:db:c5:ef:68:a6:73:00:fb:a2:3f:47:61:5e:ef:5a:6c:dc:b5:fc:09:f7:fc:aa:b6:d9:8d:36

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

nss3

DER_Encode_Util
DER_GetInteger_Util
DER_SetUInteger
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_SecureMemcmp
PL_CompareValues
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRemove
PL_NewHashTable
PL_strcasecmp
PL_strncasecmp
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_Realloc_Util
PORT_SetError_Util
PORT_Strdup_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
PR_Access
PR_Available
PR_CallOnce
PR_Close
PR_DestroyLock
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_FindFunctionSymbol
PR_Free
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnv
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_IntervalNow
PR_LoadLibraryWithFlags
PR_Lock
PR_MillisecondsToInterval
PR_NewLock
PR_NewMonitor
PR_Now
PR_OpenFile
PR_Read
PR_SecondsToInterval
PR_Sleep
PR_UnloadLibrary
PR_Unlock
PR_smprintf
PR_smprintf_free
PR_snprintf
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDTag_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_QuickDERDecodeItem_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo
sqlite3_bind_blob
sqlite3_bind_int
sqlite3_bind_text
sqlite3_busy_timeout
sqlite3_close
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_int
sqlite3_column_text
sqlite3_exec
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_mprintf
sqlite3_open_v2
sqlite3_prepare_v2
sqlite3_reset
sqlite3_step

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTempPathA
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcmp
memcpy
memset
strrchr

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-filesystem-l1-1-0

_wchmod

api-ms-win-crt-convert-l1-1-0

atoi
strtoul

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

islower
isupper
strcmp
strcpy
strlen

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

C_GetFunctionList
C_GetInterface
C_GetInterfaceList
FC_GetFunctionList
FC_GetInterface
FC_GetInterfaceList
NSC_GetFunctionList
NSC_GetInterface
NSC_GetInterfaceList
NSC_ModuleDBFunc

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\uninstall\helper.exe
.exe windows:4 windows x86 arch:x86

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:eb:79:1f:a6:da:82:7b:ef:14:b5:e4:f0:42:0b:0b:07:f2:1b:01:65:5b:73:b7:99:7d:60:51:d8:1e:7f:44
Signer

Actual PE Digest

75:eb:79:1f:a6:da:82:7b:ef:14:b5:e4:f0:42:0b:0b:07:f2:1b:01:65:5b:73:b7:99:7d:60:51:d8:1e:7f:44

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$EXEDIR/uninstaller.exe.nsis
$PLUGINSDIR/AccessControl.dll
.dll windows:4 windows x86 arch:x86

4f9ac94e28e29febec2ab9514477dad2

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6e:94:8a:16:ad:53:75:20:39:3f:9a:92:7d:fa:ca:c4:5b:36:e8:0d:f2:d4:d7:ce:ac:a0:27:72:00:8a:eb:e9
Signer

Actual PE Digest

6e:94:8a:16:ad:53:75:20:39:3f:9a:92:7d:fa:ca:c4:5b:36:e8:0d:f2:d4:d7:ce:ac:a0:27:72:00:8a:eb:e9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

ConvertStringSidToSidW
LookupAccountNameW
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
LookupAccountSidW
GetUserNameW
ConvertSidToStringSidW
GetSidSubAuthority
GetSidSubAuthorityCount

kernel32

GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
LocalFree
LocalAlloc
lstrcmpiW
lstrlenW
GetLastError
CloseHandle
GetCurrentProcess
GetFileAttributesW
lstrcatW

user32

wsprintfW

Exports

Exports

ClearOnFile
ClearOnRegKey
DenyOnFile
DenyOnRegKey
DisableFileInheritance
DisableRegKeyInheritance
EnableFileInheritance
EnableRegKeyInheritance
GetCurrentUserName
GetFileGroup
GetFileOwner
GetRegKeyGroup
GetRegKeyOwner
GrantOnFile
GrantOnRegKey
IsUserTheAdministrator
RevokeOnFile
RevokeOnRegKey
SetFileGroup
SetFileOwner
SetOnFile
SetOnRegKey
SetRegKeyGroup
SetRegKeyOwner
SidToName

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AppAssocReg.dll
.dll windows:4 windows x86 arch:x86

3c290133e6ebf9207ee785f8308f1159

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b3:19:49:9a:f9:50:a4:ad:62:71:30:56:3b:47:47:9f:fa:8b:c0:c8:ca:58:a2:bf:51:db:69:e2:58:b2:b0:00
Signer

Actual PE Digest

b3:19:49:9a:f9:50:a4:ad:62:71:30:56:3b:47:47:9f:fa:8b:c0:c8:ca:58:a2:bf:51:db:69:e2:58:b2:b0:00

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc

user32

wsprintfW

ole32

CoCreateInstance
CoTaskMemFree

Exports

Exports

ClearUserAssociations
QueryAppIsDefault
QueryAppIsDefaultAll
QueryCurrentDefault
SetAppAsDefault
SetAppAsDefaultAll

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ApplicationID.dll
.dll windows:5 windows x86 arch:x86

342181dc22e6d047b283267c677abe77

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ca:39:3f:18:5a:1d:09:3a:11:4f:93:e7:73:91:2b:14:e7:83:e8:29:df:e1:08:c1:e8:6f:d2:f8:38:8d:b8:30
Signer

Actual PE Digest

ca:39:3f:18:5a:1d:09:3a:11:4f:93:e7:73:91:2b:14:e7:83:e8:29:df:e1:08:c1:e8:6f:d2:f8:38:8d:b8:30

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\jim\Desktop\metro research\ApplicationID\Release\ApplicationID.pdb

Imports

kernel32

GlobalAlloc
lstrcpynW
GlobalFree
HeapSize
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile

shell32

SHGetPropertyStoreFromParsingName
SHCreateItemFromParsingName

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

SHStrDupW

Exports

Exports

Set
UninstallJumpLists
UninstallPinnedItem

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CityHash.dll
.dll windows:4 windows x86 arch:x86

720db9870d7edf191c6f2f6cfa752e0e

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e6:e9:05:f0:57:a3:f1:63:74:65:04:c6:84:be:46:a3:5f:90:c9:5c:8f:e4:21:00:b3:16:14:69:3f:5f:78:20
Signer

Actual PE Digest

e6:e9:05:f0:57:a3:f1:63:74:65:04:c6:84:be:46:a3:5f:90:c9:5c:8f:e4:21:00:b3:16:14:69:3f:5f:78:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
lstrcpynW
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GlobalFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetStdHandle
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CloseHandle

Exports

Exports

GetCityHash64

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InvokeShellVerb.dll
.dll windows:4 windows x86 arch:x86

6e69df65bd2a5bb187e054e6154f54c2

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

85:cb:ad:76:b8:fa:10:ca:bd:50:1f:7b:d7:06:1c:79:34:65:7d:82:12:be:3f:bc:a2:ff:51:0a:34:b6:04:86
Signer

Actual PE Digest

85:cb:ad:76:b8:fa:10:ca:bd:50:1f:7b:d7:06:1c:79:34:65:7d:82:12:be:3f:bc:a2:ff:51:0a:34:b6:04:86

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

wcstol
wcscmp

kernel32

GlobalAlloc
GlobalFree
lstrcpynW
FreeLibrary
LoadLibraryW
lstrcpyW

user32

LoadStringW

ole32

CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantInit

Exports

Exports

DoIt

Sections

.text
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 667B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PinToTaskbar.dll
.dll windows:6 windows x86 arch:x86

d4e6fc485e509e0a70d51be16c2e6a49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetProcessHeap
lstrcpynW
HeapAlloc

shell32

SHParseDisplayName

ole32

CoTaskMemFree
CoCreateInstance

Exports

Exports

Pin

Sections

.text
Size: 512B - Virtual size: 351B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ShellLink.dll
.dll windows:5 windows x86 arch:x86

45fa690faed482cb9bfd08458ed442ae

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5b:0d:12:67:a2:11:cb:0a:9b:79:08:28:d3:86:a5:03:ae:57:7c:8a:8a:07:2d:14:1f:32:30:c9:12:f3:ba:4d
Signer

Actual PE Digest

5b:0d:12:67:a2:11:cb:0a:9b:79:08:28:d3:86:a5:03:ae:57:7c:8a:8a:07:2d:14:1f:32:30:c9:12:f3:ba:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc

user32

wsprintfW

ole32

CoCreateInstance

Exports

Exports

GetShortCutArgs
GetShortCutDescription
GetShortCutHotkey
GetShortCutIconIndex
GetShortCutIconLocation
GetShortCutShowMode
GetShortCutTarget
GetShortCutWorkingDirectory
SetRunAsAdministrator
SetShortCutArgs
SetShortCutDescription
SetShortCutHotkey
SetShortCutIconIndex
SetShortCutIconLocation
SetShortCutShowMode
SetShortCutTarget
SetShortCutWorkingDirectory

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e2:d3:cc:e4:f6:37:f5:3f:02:67:d0:49:e3:b3:24:6a:f5:3b:04:3b:1f:95:17:b2:dd:53:f8:b8:5f:f0:69:3f
Signer

Actual PE Digest

e2:d3:cc:e4:f6:37:f5:3f:02:67:d0:49:e3:b3:24:6a:f5:3b:04:3b:1f:95:17:b2:dd:53:f8:b8:5f:f0:69:3f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

2a2e0e82c0dc9890f9201e8bd8ecbff2

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:24:6a:02:97:56:71:df:28:83:48:a9:51:1d:c8:d0:fe:06:ea:52:6e:34:0e:df:3d:2a:f0:4e:6b:9f:22:0c
Signer

Actual PE Digest

6d:24:6a:02:97:56:71:df:28:83:48:a9:51:1d:c8:d0:fe:06:ea:52:6e:34:0e:df:3d:2a:f0:4e:6b:9f:22:0c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
lstrlenW
lstrcpynW
GetVersionExW
lstrcmpiW
GetCurrentThreadId
LoadLibraryW
FreeLibrary
GetProcAddress
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
DuplicateHandle
Sleep
GetCurrentProcessId
CreateThread
GetCommandLineW
OpenProcess
GetLastError
FormatMessageW
LocalFree
GlobalFree
CloseHandle
SetLastError
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
LoadLibraryA
GetModuleHandleW

user32

DialogBoxParamW
CharNextW
UnhookWindowsHookEx
CallNextHookEx
GetClassNameW
SetWindowsHookExW
SendMessageTimeoutW
WaitForInputIdle
DefWindowProcW
PostMessageW
GetLastActivePopup
PostQuitMessage
SetForegroundWindow
DispatchMessageW
GetMessageW
CreateWindowExW
RegisterClassW
UnregisterClassW
GetWindowTextW
TranslateMessage
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
IsWindow
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
LoadImageW
DestroyWindow
GetWindowLongW
EnableWindow
ShowWindow
SetWindowTextW
wsprintfW
GetDlgItem
SendMessageW
LoadStringW
EndDialog

advapi32

RegCloseKey
QueryServiceStatus
OpenServiceW
CloseServiceHandle
OpenSCManagerW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteExW

ole32

CoInitialize
CoUninitialize

Exports

Exports

Exec
ExecCodeSegment
ExecWait
GetElevationType
GetOuterHwnd
GetShellFolderPath
IsAdmin
RunElevated
ShellExec
ShellExecWait
StackPush
SupportsUAC
Unload

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/liteFirewallW.dll
.dll windows:4 windows x86 arch:x86

0119d63f79e3f3aec8a3e2a3222688f9

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:6a:53:45:5c:c7:00:12:fa:23:ce:7a:80:f8:5e:47
Certificate

Issuer

CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-07-2013 12:00

Not After

22-10-2023 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2021 00:00

Not After

19-06-2024 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:4d:2b:29:12:90:56:66:63:22:bc:2f:59:1a:98:e9:bb:b0:e4:2d:11:1a:87:15:3c:a4:ea:9b:02:d4:60:96
Signer

Actual PE Digest

05:4d:2b:29:12:90:56:66:63:22:bc:2f:59:1a:98:e9:bb:b0:e4:2d:11:1a:87:15:3c:a4:ea:9b:02:d4:60:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
InterlockedDecrement
LocalFree

user32

wsprintfW

ole32

CLSIDFromString
CoInitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
OleRun
CoUninitialize

oleaut32

SysAllocString
SysFreeString
GetErrorInfo

msvcrt

_CxxThrowException
_adjust_fdiv
malloc
_initterm
free
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
printf
??1type_info@@UAE@XZ

Exports

Exports

AddRule
RemoveRule

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
zen.win-specific\zen\update-settings.ini
zen.win-specific\zen\updater.exe
.exe windows:10 windows x64 arch:x64

edf02d7fd9dc80d8a245b3ea3133014b

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b5:40:f4:f0:21:a8:e0:f0:6d:de:d1:98:6a:74:d3:54:21:8d:88:0b:28:15:20:94:75:71:60:9c:65:4e:40:89
Signer

Actual PE Digest

b5:40:f4:f0:21:a8:e0:f0:6d:de:d1:98:6a:74:d3:54:21:8d:88:0b:28:15:20:94:75:71:60:9c:65:4e:40:89

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHGetKnownFolderPath
ShellExecuteExW

ws2_32

ntohl

shlwapi

PathAppendW
PathCanonicalizeW
PathCommonPrefixW
PathIsUNCServerShareW
PathRemoveFileSpecW
PathStripPathW
PathStripToRootW

gdi32

SelectObject

user32

CopyRect
DialogBoxParamW
DrawTextW
EndDialog
GetClientRect
GetDC
GetDesktopWindow
GetDlgItem
GetParent
GetWindowLongPtrW
GetWindowRect
LoadIconW
OffsetRect
ReleaseDC
ScreenToClient
SendMessageW
SetTimer
SetWindowLongPtrW
SetWindowPos
SetWindowTextW
WaitForInputIdle

rpcrt4

RpcStringFreeW
UuidCreate
UuidToStringW

ole32

CoTaskMemFree

kernel32

AcquireSRWLockExclusive
ActivateActCtx
CloseHandle
CompareStringW
CopyFileW
CreateActCtxW
CreateDirectoryW
CreateFileW
CreateProcessW
CreateThread
DeactivateActCtx
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EncodePointer
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
LockFile
MoveFileExW
MultiByteToWideChar
OpenProcess
PeekNamedPipe
QueryInformationJobObject
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetDllDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\updater.ini
zen.win-specific\zen\vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0
Signer

Actual PE Digest

1a:10:bc:7c:70:3a:63:1e:59:62:cd:e6:a1:79:12:c0:c4:d6:01:d7:92:6a:f3:49:92:51:74:e7:92:fb:3d:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fothk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

72707e942878aac770fcc118ce3ec1c9

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a
Signer

Actual PE Digest

85:09:23:9c:92:b6:1d:1e:e6:9b:12:ba:3e:b3:d7:ed:7b:08:8e:83:76:bd:0b:8a:b6:25:44:ba:71:da:0e:7a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
RaiseException
RtlPcToFileHeader
GetLastError
DeleteCriticalSection
SetLastError

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\xul.dll
.dll windows:10 windows x64 arch:x64

f1892ae268b2b098ecaaef925714e258

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:ec:de:1d:21:96:61:1c:f9:f1:e0:5f:b2:2e:8a:18:cc:88:88:dd:8d:57:a9:88:f5:9e:89:33:eb:59:75:58
Signer

Actual PE Digest

3a:ec:de:1d:21:96:61:1c:f9:f1:e0:5f:b2:2e:8a:18:cc:88:88:dd:8d:57:a9:88:f5:9e:89:33:eb:59:75:58

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

nss3

CERT_AddCertToListTail
CERT_AsciiToName
CERT_CertListFromCert
CERT_ChangeCertTrust
CERT_CompareName
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeCertPackage
CERT_DecodeTrustString
CERT_DerNameToAscii
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyValidity
CERT_DupCertificate
CERT_ExtractPublicKey
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCertByIssuerAndSN
CERT_FindCertByNickname
CERT_FindKeyUsageExtension
CERT_GetCertTrust
CERT_GetCertificateDer
CERT_GetCommonName
CERT_GetDefaultCertDB
CERT_GetFirstEmailAddress
CERT_GetImposedNameConstraints
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_Hexify
CERT_IsCACert
CERT_MakeCANickname
CERT_NewCertList
CERT_NewTempCertificate
CERT_RemoveCertListNode
DER_DecodeTimeChoice
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSigWithLen
DTLS_GetHandshakeTimeout
DTLS_ImportFD
HASH_GetHashObject
HASH_HashBuf
HASH_ResultLenByOidTag
NSSSMIME_GetVersion
NSSSSL_GetVersion
NSSUTIL_GetVersion
NSS_CMSContentInfo_GetContent
NSS_CMSContentInfo_GetContentTypeTag
NSS_CMSContentInfo_SetContent_SignedData
NSS_CMSEncoder_Finish
NSS_CMSEncoder_Start
NSS_CMSMessage_ContentLevel
NSS_CMSMessage_Create
NSS_CMSMessage_CreateFromDER
NSS_CMSMessage_Destroy
NSS_CMSMessage_GetContentInfo
NSS_CMSMessage_IsSigned
NSS_CMSSignedData_AddCertificate
NSS_CMSSignedData_CreateCertsOnly
NSS_CMSSignedData_Destroy
NSS_CMSSignedData_GetSignerInfo
NSS_CMSSignedData_SignerInfoCount
NSS_CMSSignerInfo_GetSigningCertificate
NSS_CMSSignerInfo_Verify
NSS_FindCertKEAType
NSS_GetAlgorithmPolicy
NSS_GetVersion
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_InitContext
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_OptionSet
NSS_SecureMemcmp
NSS_SetAlgorithmPolicy
NSS_SetDomesticPolicy
NSS_Shutdown
NSS_ShutdownContext
NSS_VersionCheck
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AEADOp
PK11_Authenticate
PK11_ChangePW
PK11_CheckUserPassword
PK11_CipherOp
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreatePBEV2AlgorithmID
PK11_Decrypt
PK11_DeleteTokenCertAndKey
PK11_Derive
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestOp
PK11_DoesMechanism
PK11_Encrypt
PK11_ExportDERPrivateKeyInfo
PK11_ExportEncryptedPrivKeyInfo
PK11_ExtractKeyValue
PK11_FindCertFromNickname
PK11_FindEncodedCertInSlot
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindRawCertsWithSubject
PK11_FreeSlot
PK11_FreeSymKey
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetBestSlot
PK11_GetCertsMatchingPrivateKey
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetNextGenericObject
PK11_GetNextSymKey
PK11_GetPrivateModulusLen
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotSeries
PK11_GetTokenInfo
PK11_GetTokenName
PK11_HPKE_Deserialize
PK11_HPKE_DestroyContext
PK11_HPKE_ExportSecret
PK11_HPKE_GetEncapPubKey
PK11_HPKE_NewContext
PK11_HPKE_Open
PK11_HPKE_Seal
PK11_HPKE_Serialize
PK11_HPKE_SetupR
PK11_HPKE_SetupS
PK11_HPKE_ValidateParameters
PK11_HasAttributeSet
PK11_HasRootCerts
PK11_HashBuf
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportDataKey
PK11_ImportEncryptedPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey
PK11_ImportSymKey
PK11_InitPin
PK11_IsDisabled
PK11_IsFIPS
PK11_IsFriendly
PK11_IsInternal
PK11_IsInternalKeySlot
PK11_IsLoggedIn
PK11_IsPresent
PK11_IsReadOnly
PK11_KeyForCertExists
PK11_KeyGen
PK11_ListCerts
PK11_ListCertsInSlot
PK11_ListPrivKeysInSlot
PK11_Logout
PK11_LogoutAll
PK11_MapSignKeyType
PK11_NeedLogin
PK11_NeedUserInit
PK11_PBEKeyGen
PK11_ParamFromIV
PK11_PrivDecrypt
PK11_ProtectedAuthenticationPath
PK11_PubDeriveWithKDF
PK11_PubEncrypt
PK11_ReadDistrustAfterAttribute
PK11_ReadRawAttribute
PK11_ReferenceSlot
PK11_ReferenceSymKey
PK11_ResetToken
PK11_SetPasswordFunc
PK11_SignWithMechanism
PK11_SignatureLen
PK11_UnwrapSymKey
PK11_VerifyWithMechanism
PK11_WrapSymKey
PL_Base64Decode
PL_Base64Encode
PL_strcasecmp
PL_strcasestr
PL_strcmp
PL_strncasecmp
PL_strncpyz
PL_strstr
PL_strtok_r
PORT_ArenaAlloc
PORT_ArenaZAlloc
PORT_Free
PORT_FreeArena
PORT_GetError
PORT_NewArena
PORT_SetUCS2_ASCIIConversionFunction
PORT_UCS2_UTF8Conversion
PR_Accept
PR_Available
PR_Available64
PR_Bind
PR_CallOnce
PR_ChangeFileDescNativeHandle
PR_Close
PR_CloseFileMap
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateFileMap
PR_CreateIOLayerStub
PR_CreateThread
PR_DestroyCondVar
PR_DestroyLock
PR_DestroyMonitor
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_ErrorInstallTable
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindSymbol
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetIdentitiesLayer
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetMemMapAlignment
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetSystemInfo
PR_GetThreadName
PR_GetThreadPrivate
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_InitializeNetAddr
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinThread
PR_Listen
PR_LoadLibraryWithFlags
PR_LocalTimeParameters
PR_Lock
PR_LogPrint
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewMonitor
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyCondVar
PR_Now
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_Poll
PR_PopIOLayer
PR_PushIOLayer
PR_Read
PR_Recv
PR_RecvFrom
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Send
PR_SendTo
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetFDInheritable
PR_SetNetAddr
PR_SetSocketOption
PR_SetThreadPriority
PR_SetThreadPrivate
PR_Sleep
PR_StringToNetAddr
PR_Sync
PR_TicksPerSecond
PR_UnloadLibrary
PR_Unlock
PR_Wait
PR_WaitCondVar
PR_Write
PR_dtoa
PR_fprintf
PR_htonl
PR_htons
PR_ntohl
PR_ntohs
PR_sscanf
PR_strtod
PR_vsnprintf
SECITEM_AllocItem
SECITEM_AllocItem_Util
SECITEM_CopyItem
SECITEM_DupItem
SECITEM_FreeArray
SECITEM_FreeItem
SECITEM_FreeItem_Util
SECITEM_ItemsAreEqual
SECKEY_ConvertToPublicKey
SECKEY_CopyPrivateKey
SECKEY_CopyPublicKey
SECKEY_CreateSubjectPublicKeyInfo
SECKEY_DecodeDERSubjectPublicKeyInfo
SECKEY_DestroyEncryptedPrivateKeyInfo
SECKEY_DestroyPrivateKey
SECKEY_DestroyPrivateKeyList
SECKEY_DestroyPublicKey
SECKEY_DestroySubjectPublicKeyInfo
SECKEY_ExtractPublicKey
SECKEY_GetPublicKeyType
SECKEY_ImportDERPublicKey
SECKEY_PublicKeyStrength
SECKEY_SignatureLen
SECMOD_AddNewModule
SECMOD_CanDeleteInternalModule
SECMOD_DeleteInternalModule
SECMOD_DeleteModule
SECMOD_DestroyModule
SECMOD_FindModule
SECMOD_GetDeadModuleList
SECMOD_GetDefaultModuleList
SECMOD_GetDefaultModuleListLock
SECMOD_GetInternalModule
SECMOD_GetReadLock
SECMOD_LoadUserModule
SECMOD_LockedModuleHasRemovableSlots
SECMOD_PubCipherFlagstoInternal
SECMOD_PubMechFlagstoInternal
SECMOD_ReferenceModule
SECMOD_ReleaseReadLock
SECMOD_UnloadUserModule
SECMOD_UpdateSlotList
SECOID_DestroyAlgorithmID
SECOID_FindOID
SECOID_FindOIDByTag
SECOID_FindOIDTag
SECOID_SetAlgorithmID
SEC_ASN1DecodeItem
SEC_ASN1EncodeItem
SEC_DeletePermCertificate
SEC_DerSignData
SEC_PKCS12AddCertAndKey
SEC_PKCS12AddPasswordIntegrity
SEC_PKCS12CreateExportContext
SEC_PKCS12CreatePasswordPrivSafe
SEC_PKCS12CreateUnencryptedSafe
SEC_PKCS12DecoderFinish
SEC_PKCS12DecoderImportBags
SEC_PKCS12DecoderStart
SEC_PKCS12DecoderUpdate
SEC_PKCS12DecoderValidateBags
SEC_PKCS12DecoderVerify
SEC_PKCS12DestroyExportContext
SEC_PKCS12EnableCipher
SEC_PKCS12Encode
SEC_PKCS12IsEncryptionAllowed
SEC_PKCS12SetPreferredCipher
SEC_StringToOID
SGN_CreateDigestInfo
SGN_DestroyDigestInfo
SSL_AlertSentCallback
SSL_AuthCertificateComplete
SSL_AuthCertificateHook
SSL_CipherPrefGet
SSL_CipherPrefSet
SSL_CipherPrefSetDefault
SSL_ClearSessionCache
SSL_ClientCertCallbackComplete
SSL_ConfigSecureServer
SSL_ExportKeyingMaterial
SSL_ForceHandshake
SSL_GetChannelInfo
SSL_GetCipherSuiteInfo
SSL_GetClientAuthDataHook
SSL_GetExperimentalAPI
SSL_GetImplementedCiphers
SSL_GetNextProto
SSL_GetNumImplementedCiphers
SSL_GetPreliminaryChannelInfo
SSL_HandshakeCallback
SSL_HandshakeNegotiatedExtension
SSL_ImplementedCiphers
SSL_ImportFD
SSL_NamedGroupConfig
SSL_NumImplementedCiphers
SSL_OptionGet
SSL_OptionSet
SSL_OptionSetDefault
SSL_PeerCertificate
SSL_PeerCertificateChain
SSL_PeerSignedCertTimestamps
SSL_PeerStapledOCSPResponses
SSL_ResetHandshake
SSL_SendAdditionalKeyShares
SSL_SetCanFalseStartCallback
SSL_SetDowngradeCheckVersion
SSL_SetNextProtoNego
SSL_SetPKCS11PinArg
SSL_SetSockPeerID
SSL_SetTrustAnchors
SSL_SetURL
SSL_SignatureSchemePrefSet
SSL_VersionRangeGet
SSL_VersionRangeGetDefault
SSL_VersionRangeGetSupported
SSL_VersionRangeSet
SSL_VersionRangeSetDefault
VFY_Begin
VFY_CreateContext
VFY_DestroyContext
VFY_End
VFY_Update
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_zeroblob
sqlite3_busy_timeout
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation

gkcodecs

aom_codec_av1_dx
aom_codec_dec_init_ver
aom_codec_decode
aom_codec_destroy
aom_codec_err_to_string
aom_codec_get_frame
aom_codec_peek_stream_info
aom_img_plane_height
aom_img_plane_width
ogg_set_mem_functions
ogg_stream_clear
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_pageout
opus_decode
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_get_version_string
opus_multistream_decode
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_encode
opus_multistream_encoder_create
opus_multistream_encoder_ctl
opus_multistream_encoder_destroy
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_samples_per_frame
opus_packet_parse
vorbis_block_clear
vorbis_block_init
vorbis_comment_clear
vorbis_comment_init
vorbis_dsp_clear
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_restart
vpx_codec_control_
vpx_codec_dec_init_ver
vpx_codec_decode
vpx_codec_destroy
vpx_codec_enc_config_default
vpx_codec_enc_config_set
vpx_codec_enc_init_multi_ver
vpx_codec_enc_init_ver
vpx_codec_encode
vpx_codec_err_to_string
vpx_codec_error
vpx_codec_error_detail
vpx_codec_get_cx_data
vpx_codec_get_frame
vpx_codec_set_frame_buffer_functions
vpx_codec_vp8_cx
vpx_codec_vp8_dx
vpx_codec_vp9_cx
vpx_codec_vp9_dx
vpx_img_alloc
vpx_img_free
vpx_img_wrap

lgpllibs

??0RLBoxSoundTouch@mozilla@@QEAA@XZ
??1RLBoxSoundTouch@mozilla@@QEAA@XZ
?Init@RLBoxSoundTouch@mozilla@@QEAA_NXZ
?flush@RLBoxSoundTouch@mozilla@@QEAAXXZ
?numSamples@RLBoxSoundTouch@mozilla@@QEAA?AV?$tainted@IVrlbox_wasm2c_sandbox@rlbox@@@rlbox@@XZ
?numUnprocessedSamples@RLBoxSoundTouch@mozilla@@QEAA?AV?$tainted@IVrlbox_wasm2c_sandbox@rlbox@@@rlbox@@XZ
?putSamples@RLBoxSoundTouch@mozilla@@QEAAXPEBMI@Z
?receiveSamples@RLBoxSoundTouch@mozilla@@QEAAIPEAMI@Z
?setChannels@RLBoxSoundTouch@mozilla@@QEAAXI@Z
?setPitch@RLBoxSoundTouch@mozilla@@QEAAXN@Z
?setRate@RLBoxSoundTouch@mozilla@@QEAAXN@Z
?setSampleRate@RLBoxSoundTouch@mozilla@@QEAAXI@Z
?setSetting@RLBoxSoundTouch@mozilla@@QEAAXHH@Z
?setTempo@RLBoxSoundTouch@mozilla@@QEAAXN@Z

mozglue

??$AddMarker@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@AEBV?$ProfilerStringView@D@1@AEBVMarkerCategory@1@$$QEAVMarkerOptions@1@UTextMarker@markers@01@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0AutoSuppressStackWalking@@QEAA@XZ
??0ConditionVariableImpl@detail@mozilla@@QEAA@XZ
??0Decimal@blink@@QEAA@AEBV01@@Z
??0Decimal@blink@@QEAA@H@Z
??0LZ4FrameCompressionContext@Compression@mozilla@@QEAA@H_K_N1@Z
??0LZ4FrameDecompressionContext@Compression@mozilla@@QEAA@_N@Z
??0LockedMarkerTypeFunctionsList@Streaming@base_profiler_markers_detail@mozilla@@QEAA@XZ
??0MutexImpl@detail@mozilla@@QEAA@XZ
??0PrintfTarget@mozilla@@IEAA@XZ
??0RWLockImpl@detail@mozilla@@QEAA@XZ
??0SHA1Sum@mozilla@@QEAA@XZ
??0UniqueJSONStrings@baseprofiler@mozilla@@QEAA@AEAVFailureLatch@2@@Z
??0UniqueJSONStrings@baseprofiler@mozilla@@QEAA@AEAVFailureLatch@2@AEBV012@VProgressLogger@2@@Z
??1AutoSuppressStackWalking@@QEAA@XZ
??1ConditionVariableImpl@detail@mozilla@@QEAA@XZ
??1LZ4FrameCompressionContext@Compression@mozilla@@QEAA@XZ
??1LZ4FrameDecompressionContext@Compression@mozilla@@QEAA@XZ
??1LockedMarkerTypeFunctionsList@Streaming@base_profiler_markers_detail@mozilla@@QEAA@XZ
??1MutexImpl@detail@mozilla@@QEAA@XZ
??1RWLockImpl@detail@mozilla@@QEAA@XZ
??1UniqueJSONStrings@baseprofiler@mozilla@@UEAA@XZ
??3@YAXPEAX@Z
??3@YAXPEAX_K@Z
??4Decimal@blink@@QEAAAEAV01@AEBV01@@Z
??8Decimal@blink@@QEBA_NAEBV01@@Z
??9Decimal@blink@@QEBA_NAEBV01@@Z
??DDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GAwakeTimeStamp@mozilla@@QEBA?AVAwakeTimeDuration@1@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@AEBV01@@Z
??GDecimal@blink@@QEBA?AV01@XZ
??GTimeStampValue@mozilla@@QEBA_KAEBV01@@Z
??HDecimal@blink@@QEBA?AV01@AEBV01@@Z
??KDecimal@blink@@QEBA?AV01@AEBV01@@Z
??MDecimal@blink@@QEBA_NAEBV01@@Z
??NDecimal@blink@@QEBA_NAEBV01@@Z
??ODecimal@blink@@QEBA_NAEBV01@@Z
??PDecimal@blink@@QEBA_NAEBV01@@Z
??RFileHandleDeleter@detail@mozilla@@QEAAXUFileHandleHelper@12@@Z
??YDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??ZDecimal@blink@@QEAAAEAV01@AEBV01@@Z
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
?BeginCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@V?$Span@D$0?0@3@@Z
?BeginProcessRuntimeInit@detail@mscom@mozilla@@YAAEAW4ProcessInitState@123@XZ
?ConsumePreXULSkeletonUIHandle@mozilla@@YAPEAUHWND__@@XZ
?ContinueCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@V?$Span@$$CBD$0?0@3@@Z
?Decompress@LZ4FrameDecompressionContext@Compression@mozilla@@QEAA?AV?$Result@ULZ4FrameDecompressionResult@Compression@mozilla@@_K@3@V?$Span@D$0?0@3@V?$Span@$$CBD$0?0@3@@Z
?DeserializerForTag@Streaming@base_profiler_markers_detail@mozilla@@SAP6AXAEAVProfileBufferEntryReader@3@AEAVSpliceableJSONWriter@baseprofiler@3@@ZE@Z
?DllBlocklist_CheckStatus@@YA_NXZ
?DllBlocklist_SetFullDllServices@@YAXPEAVDllServicesBase@detail@glue@mozilla@@@Z
?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPEADHPEA_NPEAH3@Z
?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAAEBV12@XZ
?EndCompressing@LZ4FrameCompressionContext@Compression@mozilla@@QEAA?AV?$Result@V?$Span@$$CBD$0?0@mozilla@@_K@3@XZ
?EndProcessRuntimeInit@detail@mscom@mozilla@@YAXXZ
?EnsureBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ
?ExtractBaseProfilerChunkManager@detail@baseprofiler@mozilla@@YA?AV?$UniquePtr@VProfileBufferChunkManagerWithLocalLimit@mozilla@@V?$DefaultDelete@VProfileBufferChunkManagerWithLocalLimit@mozilla@@@2@@3@XZ
?FilterHasPid@detail@profiler@mozilla@@YA_NPEBDVBaseProfilerProcessId@baseprofiler@3@@Z
?FiltersExcludePid@detail@profiler@mozilla@@YA_NV?$Span@QEBD$0?0@3@VBaseProfilerProcessId@baseprofiler@3@@Z
?FirstTimeStamp@TimeStamp@mozilla@@SA?AV12@XZ
?GenerateRandomBytesFromOS@mozilla@@YA_NPEAX_K@Z
?GetCachedNtDllThunk@mozilla@@YAPEAV?$Buffer@U_IMAGE_THUNK_DATA64@@@1@XZ
?GetClearedBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAPEAVProfileChunkedBuffer@2@XZ
?GetOrAddIndex@UniqueJSONStrings@baseprofiler@mozilla@@AEAA?AV?$Maybe@I@3@AEBV?$Span@$$CBD$0?0@3@@Z
?GetPreXULSkeletonUIEnabled@mozilla@@YA_NXZ
?GetPreXULSkeletonUIErrorReason@mozilla@@YA?AV?$Maybe@W4PreXULSkeletonUIError@mozilla@@@1@XZ
?GetPreXULSkeletonUIWasShown@mozilla@@YA_NXZ
?GetProfilingCategoryPairInfo@baseprofiler@mozilla@@YAAEBUProfilingCategoryPairInfo@12@W4ProfilingCategoryPair@12@@Z
?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPEAVProfilingStack@23@XZ
?GetProfilingStartTime@detail@baseprofiler@mozilla@@YA?AVTimeStamp@3@XZ
?GetThreadRegistrationTime@detail@baseprofiler@mozilla@@YA?AVTimeStamp@3@XZ
?HashBytes@mozilla@@YAIPEBX_K@Z
?InvalidArrayIndex_CRASH@detail@mozilla@@YAX_K0@Z
?IsActive@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsActiveAndUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsEafPlusEnabled@mozilla@@YA_NXZ
?IsFloat32Representable@mozilla@@YA_NN@Z
?IsWin32kLockedDown@mozilla@@YA_NXZ
?MozStackWalkThread@@YAXP6AXIPEAX00@ZI00PEAU_CONTEXT@@@Z
?NotePreXULSkeletonUIRestarting@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@XZ
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z
?NowLoRes@AwakeTimeStamp@mozilla@@SA?AV12@XZ
?PersistPreXULSkeletonUIValues@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@AEBUSkeletonUISettings@1@@Z
?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ
?ProcessUptimeExcludingSuspendMs@mozilla@@YA?AV?$Maybe@_K@1@XZ
?ProcessUptimeMs@mozilla@@YA?AV?$Maybe@_K@1@XZ
?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ
?RandomUint64OrDie@mozilla@@YA_KXZ
?RecordProcessRestart@TimeStamp@mozilla@@SAXXZ
?RegisterJitCodeRegion@@YAXPEAE_K@Z
?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APEAXPEBD0PEAX@ZP6AX1@Z@Z
?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ
?ResolutionInTicks@BaseTimeDurationPlatformUtils@mozilla@@SA_JXZ
?SetGeckoProcessType@mozilla@@YAXPEBD@Z
?SetPreXULSkeletonUIEnabledIfAllowed@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@_N@Z
?SetPreXULSkeletonUIThemeId@mozilla@@YA?AV?$Result@UOk@mozilla@@W4PreXULSkeletonUIError@2@@1@W4ThemeMode@1@@Z
?SpliceStringTableElements@UniqueJSONStrings@baseprofiler@mozilla@@QEAAXAEAVSpliceableJSONWriter@23@@Z
?Startup@TimeStamp@mozilla@@SAXXZ
?Stream@MarkerSchema@mozilla@@QEHAAXAEAVJSONWriter@2@AEBV?$Span@$$CBD$0?0@2@@Z
?StringToDouble@StringToDoubleConverter@double_conversion@@QEBANPEBDHPEAH@Z
?StringToDouble@StringToDoubleConverter@double_conversion@@QEBANPEBGHPEAH@Z
?StringToFloat@StringToDoubleConverter@double_conversion@@QEBAMPEBGHPEAH@Z
?TagForMarkerTypeFunctions@Streaming@base_profiler_markers_detail@mozilla@@SAEP6AXAEAVProfileBufferEntryReader@3@AEAVSpliceableJSONWriter@baseprofiler@3@@ZP6A?AV?$Span@$$CBD$0?0@3@XZP6A?AVMarkerSchema@3@XZ@Z
?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z
?ToExponential@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToFixed@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToPrecision@DoubleToStringConverter@double_conversion@@QEBA_NNHPEAVStringBuilder@2@@Z
?ToSeconds@AwakeTimeDuration@mozilla@@QEBANXZ
?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToSecondsSigDigits@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z
?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@AEBA_NNPEAVStringBuilder@2@W4DtoaMode@12@@Z
?UnregisterJitCodeRegion@@YAXPEAE_K@Z
?UnregisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?WasPreXULSkeletonUIMaximized@mozilla@@YA_NXZ
?WindowsBCryptInitialization@mozilla@@YA_NXZ
?WindowsMsctfInitialization@mozilla@@YA_NXZ
?WindowsStackWalkInitialization@mozilla@@YAXXZ
?abs@Decimal@blink@@QEBA?AV12@XZ
?aes_enabled@sse_private@mozilla@@3_NA
?appendIntDec@PrintfTarget@mozilla@@QEAA_NH@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_NI@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_N_J@Z
?appendIntDec@PrintfTarget@mozilla@@QEAA_N_K@Z
?appendIntHex@PrintfTarget@mozilla@@QEAA_NI@Z
?appendIntHex@PrintfTarget@mozilla@@QEAA_N_K@Z
?avx2_enabled@sse_private@mozilla@@3_NA
?avx_enabled@sse_private@mozilla@@3_NA
?compress@LZ4@Compression@mozilla@@SA_KPEBD_KPEAD@Z
?decompress@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?decompressPartial@LZ4@Compression@mozilla@@SA_NPEBD_KPEAD1PEA_K@Z
?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@@AEAAXXZ
?finish@SHA1Sum@mozilla@@QEAAXAEAY0BE@E@Z
?floor@Decimal@blink@@QEBA?AV12@XZ
?fromDouble@Decimal@blink@@SA?AV12@N@Z
?fromString@Decimal@blink@@SA?AV12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?gChaosFeatures@detail@mozilla@@3W4ChaosFeature@2@A
?gChaosModeCounter@detail@mozilla@@3V?$Atomic@I$01X@2@A
?gTwoCharEscapes@detail@mozilla@@3QBDB
?has_constant_tsc@sse_private@mozilla@@3_NA
?lock@MutexImpl@detail@mozilla@@IEAAXXZ
?memchr16@SIMD@mozilla@@SAPEB_SPEB_S_S_K@Z
?memchr2x16@SIMD@mozilla@@SAPEB_SPEB_S_S1_K@Z
?memchr2x8@SIMD@mozilla@@SAPEBDPEBDDD_K@Z
?memchr64@SIMD@mozilla@@SAPEB_KPEB_K_K1@Z
?memchr8@SIMD@mozilla@@SAPEBDPEBDD_K@Z
?mmx_enabled@sse_private@mozilla@@3_NA
?mozalloc_handle_oom@@YAX_K@Z
?notify_all@ConditionVariableImpl@detail@mozilla@@QEAAXXZ
?notify_one@ConditionVariableImpl@detail@mozilla@@QEAAXXZ
?print@PrintfTarget@mozilla@@QEAA_NPEBDZZ
?profiler_active_without_feature@baseprofiler@mozilla@@YA_NI@Z
?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAEAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z
?profiler_current_process_id@baseprofiler@mozilla@@YA?AVBaseProfilerProcessId@12@XZ
?profiler_current_thread_id@baseprofiler@mozilla@@YA?AVBaseProfilerThreadId@12@XZ
?profiler_get_core_buffer@baseprofiler@mozilla@@YAAEAVProfileChunkedBuffer@2@XZ
?profiler_init_main_thread_id@baseprofiler@mozilla@@YAXXZ
?profiler_main_thread_id@baseprofiler@mozilla@@YA?AVBaseProfilerThreadId@12@XZ
?profiler_stop@baseprofiler@mozilla@@YAXXZ
?readLock@RWLockImpl@detail@mozilla@@IEAAXXZ
?readUnlock@RWLockImpl@detail@mozilla@@IEAAXXZ
?round@Decimal@blink@@QEBA?AV12@XZ
?sChildProcessType@startup@mozilla@@3W4GeckoProcessType@@A
?sse3_enabled@sse_private@mozilla@@3_NA
?sse4_1_enabled@sse_private@mozilla@@3_NA
?sse4_2_enabled@sse_private@mozilla@@3_NA
?sse4a_enabled@sse_private@mozilla@@3_NA
?ssse3_enabled@sse_private@mozilla@@3_NA
?toDouble@Decimal@blink@@QEBANXZ
?toString@Decimal@blink@@QEBA_NPEAD_K@Z
?tryLock@MutexImpl@detail@mozilla@@IEAA_NXZ
?tryReadLock@RWLockImpl@detail@mozilla@@IEAA_NXZ
?unlock@MutexImpl@detail@mozilla@@IEAAXXZ
?update@SHA1Sum@mozilla@@QEAAXPEBXI@Z
?vprint@PrintfTarget@mozilla@@QEAA_NPEBDPEAD@Z
?wait@ConditionVariableImpl@detail@mozilla@@QEAAXAEAVMutexImpl@23@@Z
?wait_for@ConditionVariableImpl@detail@mozilla@@QEAA?AW4CVStatus@3@AEAVMutexImpl@23@AEBV?$BaseTimeDuration@VTimeDurationValueCalculator@mozilla@@@3@@Z
?writeLock@RWLockImpl@detail@mozilla@@IEAAXXZ
?writeUnlock@RWLockImpl@detail@mozilla@@IEAAXXZ
?xgetbv@mozilla@@YA_KI@Z
GetAllocatorStallSpecs
GetPHCStats
MOZ_CrashPrintf
MozDescribeCodeAddress
MozFormatCodeAddressDetails
MozStackWalk
MozWalkTheStack
MozWalkTheStackWithWriter
PHCMemoryUsage
SetPHCProbabilities
SetPHCState
_aligned_free
_aligned_malloc
_strdup
_wcsdup
calloc
fprint_stderr
fprintf_stderr
free
gMozCrashReason
gMozillaPoisonValue
jemalloc_free_dirty_pages
jemalloc_ptr_info
jemalloc_set_main_thread
jemalloc_stats_internal
jemalloc_stats_num_bins
jemalloc_thread_local_arena
malloc
malloc_good_size
moz_arena_calloc
moz_arena_malloc
moz_arena_realloc
moz_create_arena_with_params
moz_dispose_arena
moz_malloc_size_of
moz_malloc_usable_size
moz_set_max_dirty_page_modifier
moz_xcalloc
moz_xmalloc
moz_xmemdup
moz_xrealloc
moz_xstrdup
mozalloc_abort
print_stderr
printf_stderr
realloc
strdup
wcsdup

crypt32

CertCloseStore
CertFindCertificateInStore
CertGetEnhancedKeyUsage
CertOpenStore
CryptBinaryToStringW

api-ms-win-shcore-scaling-l1-1-1

GetDpiForMonitor

ktmw32

CommitTransaction
CreateTransaction

rpcrt4

RpcStringFreeA
RpcStringFreeW
UuidFromStringW
UuidToStringA
UuidToStringW

ntdll

NtCancelIoFileEx
NtCreateFile
NtDeviceIoControlFile
NtOpenDirectoryObject
NtQueryDirectoryObject
NtQueryInformationProcess
NtQueryObject
NtQuerySystemInformation
NtReadFile
NtWriteFile
RtlAddFunctionTable
RtlAddGrowableFunctionTable
RtlCaptureContext
RtlCompareMemory
RtlFreeHeap
RtlFreeUnicodeString
RtlInitUnicodeString
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlVirtualUnwind
VerSetConditionMask

bcrypt

BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptDestroyHash
BCryptFinishHash
BCryptGenRandom
BCryptHashData
BCryptOpenAlgorithmProvider

propsys

PropVariantToString

advapi32

AllocateAndInitializeSid
AllocateLocallyUniqueId
BuildTrusteeWithSidW
CheckTokenMembership
CloseServiceHandle
ConvertSidToStringSidA
ConvertSidToStringSidW
CreateProcessAsUserW
CreateWellKnownSid
CredDeleteA
CredFree
CredReadA
CredWriteA
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
DuplicateToken
EqualSid
EventRegister
EventSetInformation
EventUnregister
EventWrite
EventWriteTransfer
FreeSid
GetAce
GetNamedSecurityInfoW
GetSecurityInfo
GetTokenInformation
GetTraceLoggerHandle
GetUserNameW
InitializeAcl
InitializeSecurityDescriptor
LogonUserW
LookupAccountNameW
LsaNtStatusToWinError
OpenProcessToken
OpenSCManagerW
OpenServiceW
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExW
RegCreateKeyTransactedW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegGetValueW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
RevertToSelf
SetEntriesInAclW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityInfo
SetThreadToken
SystemFunction036
TraceEvent
UnregisterTraceGuids

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ws2_32

WSACleanup
WSAGetLastError
WSAIoctl
WSASendMsg
WSASocketW
WSAStartup
WSCEnumProtocols
WSCGetProviderInfo
WSCGetProviderPath
bind
closesocket
freeaddrinfo
getaddrinfo
gethostname
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntop
inet_pton
ioctlsocket
ntohl
ntohs
recvfrom
sendto
setsockopt
shutdown
socket

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

msvcp140

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
??0facet@locale@std@@IEAA@_K@Z
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??1facet@locale@std@@MEAA@XZ
??1ios_base@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??Bid@locale@std@@QEAA_KXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Throw_Cpp_error@std@@YAXH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?classic@locale@std@@SAAEBV12@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?eof@ios_base@std@@QEBA_NXZ
?fail@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
_Cnd_broadcast
_Cnd_destroy_in_situ
_Cnd_do_broadcast_at_thread_exit
_Cnd_init_in_situ
_Cnd_signal
_Cnd_wait
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
_Mtx_unlock
_Query_perf_counter
_Query_perf_frequency
_Strcoll
_Strxfrm
_Thrd_detach
_Thrd_hardware_concurrency
_Thrd_id
_Thrd_join
_Xtime_get_ticks

bcryptprimitives

ProcessPrng

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AllocConsole
AttachConsole
CancelIo
CancelIoEx
CancelSynchronousIo
CloseHandle
CloseThreadpoolWait
CompareFileTime
CompareStringOrdinal
ConnectNamedPipe
CopyFileExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMemoryResourceNotification
CreateMutexA
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateThreadpoolWait
CreateWaitableTimerExW
DebugBreak
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetApplicationRestartSettings
GetCommandLineW
GetComputerNameExA
GetComputerNameW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrencyFormatEx
GetCurrentApplicationUserModelId
GetCurrentDirectoryW
GetCurrentPackageFullName
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatEx
GetDiskFreeSpaceExW
GetDriveTypeW
GetDynamicTimeZoneInformation
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSize
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoEx
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeServerProcessId
GetNativeSystemInfo
GetNumberFormatEx
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessIdOfThread
GetProcessTimes
GetQueuedCompletionStatus
GetQueuedCompletionStatusEx
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetSystemDefaultLangID
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetSystemTimePreciseAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadGroupAffinity
GetThreadId
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetTimeFormatA
GetTimeFormatEx
GetTimeZoneInformation
GetUserDefaultLangID
GetUserGeoID
GetUserPreferredUILanguages
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetVolumePathNameW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
HeapLock
HeapSetInformation
HeapUnlock
HeapWalk
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsWow64Process
K32EnumProcessModules
K32GetProcessImageFileNameW
K32GetProcessMemoryInfo
K32QueryWorkingSet
LCIDToLocaleName
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
LocaleNameToLCID
LockFile
LockFileEx
MapViewOfFile
MapViewOfFileEx
MoveFileExW
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PostQueuedCompletionStatus
PowerClearRequest
PowerCreateRequest
PowerSetRequest
ProcessIdToSessionId
QueryDosDeviceW
QueryFullProcessImageNameA
QueryFullProcessImageNameW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueryProcessCycleTime
QueryThreadCycleTime
RaiseException
ReadFile
ReadProcessMemory
RegisterApplicationRestart
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ReplaceFileA
ResetEvent
ResolveLocaleName
ResumeThread
SetConsoleMode
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetProcessShutdownParameters
SetStdHandle
SetThreadErrorMode
SetThreadIdealProcessor
SetThreadPriority
SetThreadStackGuarantee
SetThreadpoolWait
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockShared
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterApplicationRestart
UnregisterWait
UnregisterWaitEx
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
VirtualUnlock
WTSGetActiveConsoleSessionId
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWaitCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcatW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW

vcruntime140

_CxxThrowException
__C_specific_handler
__CxxFrameHandler3
__RTDynamicCast
__RTtypeid
__intrinsic_setjmp
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_name
longjmp
memchr
memcmp
memcpy
memmove
memset
strchr
strrchr
strstr
wcschr
wcsrchr
wcsstr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_close
_dup
_fileno
_fseeki64
_get_osfhandle
_get_stream_buffer_pointers
_getc_nolock
_isatty
_lseeki64
_mktemp_s
_open
_open_osfhandle
_wfopen
_wfsopen
_wmktemp_s
_wopen
_write
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fputc
fputs
fread
freopen
fseek
fsetpos
ftell
fwrite
putchar
puts
rewind
setbuf
setvbuf
ungetc

api-ms-win-crt-time-l1-1-0

__timezone
__tzname
_difftime64
_ftime64
_gmtime64
_gmtime64_s
_localtime64
_localtime64_s
_mktime64
_time64
_tzset
strftime

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
_configure_narrow_argv
_controlfp_s
_crt_atexit
_errno
_execute_onexit_table
_exit
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_seh_filter_dll
_wassert
abort
exit
fegetenv
fesetenv
perror
raise
strerror

api-ms-win-crt-math-l1-1-0

_dclass
_dpcomp
_dsign
_dtest
_fdclass
_fdopen
_fdsign
_fdtest
_hypot
_hypotf
_isnan
acos
acosf
acosh
acoshf
asin
asinf
asinh
asinhf
atan
atan2
atan2f
atanf
atanh
atanhf
cbrt
cbrtf
ceilf
cos
cosf
cosh
coshf
exp
exp2
exp2f
expf
expm1
floorf
fmod
fmodf
frexp
hypot
ldexp
llround
llroundf
log
log10
log10f
log1p
log1pf
log2
log2f
logf
lrint
lrintf
lround
lroundf
modf
modff
nextafterf
nexttoward
pow
powf
remainder
roundf
sin
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
tanhf
truncf

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_fullpath
_getdrives
_lock_file
_mkdir
_unlock_file
_wchmod
_wfullpath
_wstat64i32
remove

api-ms-win-crt-environment-l1-1-0

_putenv_s
_wgetcwd
_wgetdcwd
_wgetenv
getenv
getenv_s

api-ms-win-crt-string-l1-1-0

_stricmp
_strnicmp
_wcsicmp
_wcslwr
_wcsnicmp
isalnum
isalpha
isprint
isspace
isxdigit
strcat
strcmp
strcpy
strcpy_s
strlen
strncat
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
tolower
toupper
towlower
towupper
wcscat_s
wcscmp
wcscpy
wcscpy_s
wcslen
wcsncat
wcsncmp
wcsncpy
wcsncpy_s
wcsnlen
wcspbrk
wcstok_s

api-ms-win-crt-convert-l1-1-0

_wtoi
atof
atoi
atol
mbsrtowcs
strtod
strtof
strtol
strtoll
strtoul
strtoull
wcstol
wcstombs
wcstoul

api-ms-win-crt-utility-l1-1-0

bsearch
div
imaxdiv
lldiv
qsort
rand
rand_s
srand

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

Exports

Exports

DumpCompleteHeap
DumpJSStack
GIFFT_LabeledTimingDistributionAccumulateRawMillis
GIFFT_LabeledTimingDistributionCancel
GIFFT_LabeledTimingDistributionStart
GIFFT_LabeledTimingDistributionStopAndAccumulate
GIFFT_TimingDistributionAccumulateRawMillis
GIFFT_TimingDistributionCancel
GIFFT_TimingDistributionStart
GIFFT_TimingDistributionStopAndAccumulate
JOG_RegisterMetric
JOG_RegisterPing
VR_RuntimePath
XRE_GetBootstrap
mozilla_dump_image
mozilla_net_is_label_safe
uprofiler_backtrace_into_buffer
uprofiler_get
uprofiler_is_active
uprofiler_native_backtrace
uprofiler_register_thread
uprofiler_simple_event_marker
uprofiler_simple_event_marker_capture_stack
uprofiler_simple_event_marker_with_stack
uprofiler_unregister_thread

Sections

.text
Size: 89.2MB - Virtual size: 89.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17.5MB - Virtual size: 17.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 748KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 96B

.rodata
Size: 14.8MB - Virtual size: 14.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mozbldid
Size: 512B - Virtual size: 15B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zen.win-specific\zen\zen.exe
.exe windows:10 windows x64 arch:x64

398e6fd5e822c4bef75599de404ed5f7

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-05-2021 06:43

Not After

17-09-2029 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

09-09-2024 05:33

Not After

09-09-2025 05:33

Subject

CN=Open Source Developer\, OSCAR GONZALEZ MORENO,O=Open Source Developer,L=Valdemorillo,ST=Madrid,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02-11-2023 08:32

Not After

30-10-2034 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19-05-2021 05:32

Not After

18-05-2036 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fe:37:91:49:b3:65:c4:b9:e8:2e:41:22:98:91:e7:b7:15:2c:2f:9e:45:94:91:a6:b4:fa:7a:e6:b6:1b:2e:08
Signer

Actual PE Digest

fe:37:91:49:b3:65:c4:b9:e8:2e:41:22:98:91:e7:b7:15:2c:2f:9e:45:94:91:a6:b4:fa:7a:e6:b6:1b:2e:08

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mozglue

??$AddMarker@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@AEBV?$ProfilerStringView@D@1@AEBVMarkerCategory@1@$$QEAVMarkerOptions@1@UTextMarker@markers@01@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0PrintfTarget@mozilla@@IEAA@XZ
??1MutexImpl@detail@mozilla@@QEAA@XZ
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
??3@YAXPEAX_K@Z
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
?BeginProcessRuntimeInit@detail@mscom@mozilla@@YAAEAW4ProcessInitState@123@XZ
?CleanupProcessRuntime@mozilla@@YAXXZ
?CreateAndStorePreXULSkeletonUI@mozilla@@YAXPEAUHINSTANCE__@@HPEAPEAD@Z
?DllBlocklist_Initialize@@YAXI@Z
?DllBlocklist_SetBasicDllServices@@YAXPEAVDllServicesBase@detail@glue@mozilla@@@Z
?DllBlocklist_SetFullDllServices@@YAXPEAVDllServicesBase@detail@glue@mozilla@@@Z
?EndProcessRuntimeInit@detail@mscom@mozilla@@YAXXZ
?GetProfilingStack@AutoProfilerLabel@baseprofiler@mozilla@@SAPEAVProfilingStack@23@XZ
?IsActiveAndUnpaused@RacyFeatures@detail@baseprofiler@mozilla@@SA_NXZ
?IsWin32kLockedDown@mozilla@@YA_NXZ
?MapRemoteViewOfFile@mozilla@@YAPEAXPEAX0_K01KK@Z
?Now@TimeStamp@mozilla@@CA?AV12@_N@Z
?PollPreXULSkeletonUIEvents@mozilla@@YAXXZ
?RegisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?SetGeckoProcessType@mozilla@@YAXPEBD@Z
?SetWin32kLockedDownInPolicy@mozilla@@YAXXZ
?UnregisterRuntimeExceptionModule@CrashReporter@@YAXXZ
?WindowsDpiInitialization@mozilla@@YA?AW4WindowsDpiInitializationResult@1@XZ
?ensureCapacitySlow@ProfilingStack@baseprofiler@mozilla@@AEAAXXZ
?gTwoCharEscapes@detail@mozilla@@3QBDB
?lock@MutexImpl@detail@mozilla@@IEAAXXZ
?profiler_current_thread_id@baseprofiler@mozilla@@YA?AVBaseProfilerThreadId@12@XZ
?profiler_init@baseprofiler@mozilla@@YAXPEAX@Z
?profiler_shutdown@baseprofiler@mozilla@@YAXXZ
?sChildProcessType@startup@mozilla@@3W4GeckoProcessType@@A
?unlock@MutexImpl@detail@mozilla@@IEAAXXZ
?vprint@PrintfTarget@mozilla@@QEAA_NPEBDPEAD@Z
_wcsdup
free
malloc
moz_xmalloc
mozalloc_abort
printf_stderr
realloc
strdup

ntdll

NtMapViewOfSection
NtOpenFile
NtQueryInformationProcess
NtQueryObject
NtQueryVirtualMemory
NtReadVirtualMemory
NtUnmapViewOfSection
RtlAcquireSRWLockExclusive
RtlAcquireSRWLockShared
RtlAddFunctionTable
RtlAllocateHeap
RtlAnsiStringToUnicodeString
RtlCaptureContext
RtlCaptureStackBackTrace
RtlCompareMemory
RtlCompareUnicodeString
RtlDuplicateUnicodeString
RtlEqualUnicodeString
RtlFreeHeap
RtlFreeUnicodeString
RtlGetLastWin32Error
RtlInitAnsiString
RtlInitUnicodeString
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlQueryPerformanceCounter
RtlReAllocateHeap
RtlReleaseSRWLockExclusive
RtlReleaseSRWLockShared
RtlRunOnceExecuteOnce
RtlRunOnceInitialize
RtlSetLastWin32Error
RtlSleepConditionVariableSRW
RtlVirtualUnwind
RtlWakeAllConditionVariable
VerSetConditionMask
memcmp
memcpy
memmove
memset

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0ios_base@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1ios_base@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?fail@ios_base@std@@QEBA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?good@ios_base@std@@QEBA_NXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

kernel32

AcquireSRWLockExclusive
AssignProcessToJobObject
AttachConsole
CloseHandle
CreateEventW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
ExpandEnvironmentStringsW
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileType
GetLastError
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHandleCount
GetProcessHeaps
GetProcessId
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadId
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
GlobalMemoryStatusEx
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsWow64Process
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
Module32FirstW
Module32NextW
MultiByteToWideChar
OpenProcess
PostQueuedCompletionStatus
ProcessIdToSessionId
QueryFullProcessImageNameW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ResetEvent
ResumeThread
SearchPathW
SetDllDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadAffinityMask
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
UpdateProcThreadAttribute
VerifyVersionInfoW
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WakeAllConditionVariable
WideCharToMultiByte
WriteFile
WriteProcessMemory
lstrlenW

vcruntime140

_CxxThrowException
__C_specific_handler
__current_exception
__current_exception_context
__std_terminate
strrchr
wcschr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
_fileno
_get_osfhandle
_set_fmode
_wfopen
_wtmpnam_s
fclose
fgets
freopen

api-ms-win-crt-environment-l1-1-0

__p__environ
_putenv
_wgetenv
getenv

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___wargv
_beginthreadex
_c_exit
_cexit
_configure_wide_argv
_crt_atexit
_errno
_exit
_get_initial_wide_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
terminate

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64
strftime

api-ms-win-crt-convert-l1-1-0

_ltoa_s
wcstoul

api-ms-win-crt-string-l1-1-0

_stricmp
_wcslwr_s
_wcsnicmp
strcpy
strlen
towlower
wcscat_s
wcscmp
wcscpy
wcscpy_s
wcslen
wcsncmp
wcspbrk
wcstok_s

api-ms-win-crt-filesystem-l1-1-0

_wmakepath_s
_wsplitpath_s

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

GetHandleVerifier
GetNtLoaderAPI
IsSandboxedProcess
NativeNtBlockSet_Write
TargetConfigureOPMProtectedOutput
TargetConfigureOPMProtectedOutput64
TargetCreateNamedPipeW
TargetCreateNamedPipeW64
TargetCreateOPMProtectedOutputs
TargetCreateOPMProtectedOutputs64
TargetCreateProcessA
TargetCreateProcessA64
TargetCreateProcessW
TargetCreateProcessW64
TargetCreateThread
TargetCreateThread64
TargetDestroyOPMProtectedOutput
TargetDestroyOPMProtectedOutput64
TargetEnumDisplayDevicesA
TargetEnumDisplayDevicesA64
TargetEnumDisplayMonitors
TargetEnumDisplayMonitors64
TargetGdiDllInitialize
TargetGdiDllInitialize64
TargetGetCertificate
TargetGetCertificate64
TargetGetCertificateByHandle
TargetGetCertificateByHandle64
TargetGetCertificateSize
TargetGetCertificateSize64
TargetGetCertificateSizeByHandle
TargetGetCertificateSizeByHandle64
TargetGetMonitorInfoA
TargetGetMonitorInfoA64
TargetGetMonitorInfoW
TargetGetMonitorInfoW64
TargetGetOPMInformation
TargetGetOPMInformation64
TargetGetOPMRandomNumber
TargetGetOPMRandomNumber64
TargetGetStockObject
TargetGetStockObject64
TargetGetSuggestedOPMProtectedOutputArraySize
TargetGetSuggestedOPMProtectedOutputArraySize64
TargetNtCreateEvent
TargetNtCreateEvent64
TargetNtCreateFile
TargetNtCreateFile64
TargetNtCreateKey
TargetNtCreateKey64
TargetNtCreateSection
TargetNtCreateSection64
TargetNtImpersonateAnonymousToken
TargetNtImpersonateAnonymousToken64
TargetNtMapViewOfSection
TargetNtMapViewOfSection64
TargetNtOpenEvent
TargetNtOpenEvent64
TargetNtOpenFile
TargetNtOpenFile64
TargetNtOpenKey
TargetNtOpenKey64
TargetNtOpenKeyEx
TargetNtOpenKeyEx64
TargetNtOpenProcess
TargetNtOpenProcess64
TargetNtOpenProcessToken
TargetNtOpenProcessToken64
TargetNtOpenProcessTokenEx
TargetNtOpenProcessTokenEx64
TargetNtOpenThread
TargetNtOpenThread64
TargetNtOpenThreadToken
TargetNtOpenThreadToken64
TargetNtOpenThreadTokenEx
TargetNtOpenThreadTokenEx64
TargetNtQueryAttributesFile
TargetNtQueryAttributesFile64
TargetNtQueryFullAttributesFile
TargetNtQueryFullAttributesFile64
TargetNtSetInformationFile
TargetNtSetInformationFile64
TargetNtSetInformationThread
TargetNtSetInformationThread64
TargetNtUnmapViewOfSection
TargetNtUnmapViewOfSection64
TargetRegisterClassW
TargetRegisterClassW64
TargetSetOPMSigningKeyAndSequenceNumbers
TargetSetOPMSigningKeyAndSequenceNumbers64
g_handles_to_close
g_interceptions
g_nt
g_originals
g_shared_IPC_size
g_shared_delayed_integrity_level
g_shared_delayed_mitigations
g_shared_policy_size
g_shared_section

Sections

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.freestd
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 36B

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0caa654a8ff511450dc30146e927410

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10Certificate

Extended Key Usages

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

91:2d:d0:73:e3:3f:38:fa:cf:fc:e0:6e:1c:9e:59:36:b3:f8:57:34:c5:c3:2b:d0:14:90:1b:23:98:4e:9f:05Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

oleaut32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 680B

.pdata Size: 512B - Virtual size: 408B

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 232B

a2535afe3971a088ec9e65d2f3a58099

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10Certificate

Extended Key Usages

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

2c:35:1e:ff:61:ae:bf:8c:fe:d4:59:c2:db:20:41:25:c4:ba:93:cb:fe:e0:c3:f8:bc:bd:bc:58:83:7f:bc:04Signer

Headers

DLL Characteristics

File Characteristics

Imports

nss3

advapi32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 695KB - Virtual size: 694KB

.rdata Size: 126KB - Virtual size: 125KB

.data Size: 512B - Virtual size: 18KB

.pdata Size: 7KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 984B

5a51063a046bbfdf4186e63cd6768c32

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

91:2d:d0:73:e3:3f:38:fa:cf:fc:e0:6e:1c:9e:59:36:b3:f8:57:34:c5:c3:2b:d0:14:90:1b:23:98:4e:9f:05
Signer

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 680B

.pdata
Size: 512B - Virtual size: 408B

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 232B

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

2c:35:1e:ff:61:ae:bf:8c:fe:d4:59:c2:db:20:41:25:c4:ba:93:cb:fe:e0:c3:f8:bc:bd:bc:58:83:7f:bc:04
Signer

.text
Size: 695KB - Virtual size: 694KB

.rdata
Size: 126KB - Virtual size: 125KB

.data
Size: 512B - Virtual size: 18KB

.pdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 984B

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

7e:4d:cd:fd:b8:4d:e7:c2:18:5e:04:cd:30:b3:bb:d0:8c:8f:2c:ef:71:bb:36:54:05:e3:a0:e6:1c:ab:9f:e2
Signer

.text
Size: 7.0MB - Virtual size: 7.0MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 11KB - Virtual size: 329KB

.pdata
Size: 66KB - Virtual size: 65KB

.rodata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 15KB

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

38:a4:53:47:a4:8f:7b:eb:0d:e1:d6:4e:1a:a2:1b:10
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

a2:49:de:3a:06:f2:2e:f8:0c:21:27:f4:e8:48:f0:7a:f6:80:d1:09:68:08:ba:98:b0:dc:bf:57:ad:41:4f:b5
Signer