b31bd87dfdfad6fa41ca98199215451c38f06306d3bf2871e24441889f2ce16b

Sharing

Copy URL Twitter E-mail

General

Target

b31bd87dfdfad6fa41ca98199215451c38f06306d3bf2871e24441889f2ce16b
Size

10.0MB
MD5

3767887d9183ff7d55bd7df3b807bfc0
SHA1

9069a8342b0f5b4167b89a8635491b88c1dd4dcb
SHA256

b31bd87dfdfad6fa41ca98199215451c38f06306d3bf2871e24441889f2ce16b
SHA512

cbcee3d3983733a28cbc6a48f114684171559a4e6c31a385e212a741fd37dcfcbee6920dfef8166ea5858328c2ad05b67752c68762d39a4a673e102fa3198966
SSDEEP

196608:Ue8Ib9mGmj0wqBVpdRC/Nq7Tn1PjtJkh6xpbJw9kLOxhuS/gX9L9rTv:UeyhgVpdRC/INPjtJkh6xpa9kaE/v

Score

3^/10

Malware Config

Signatures

Unsigned PE 30 IoCs

Checks for missing Authenticode signature.

resource
b31bd87dfdfad6fa41ca98199215451c38f06306d3bf2871e24441889f2ce16b
unpack001/$PLUGINSDIR/AccessControl.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$_13_/user-components/foo_enhanced_spectrum_analyzer/foo_enhanced_spectrum_analyzer.dll
unpack001/$_13_/user-components/foo_playcount/foo_playcount.dll
unpack001/$_13_/user-components/foo_uie_eslyric/foo_uie_eslyric.dll
unpack001/Fb2kShellExt.dll
unpack001/PP-UWP-Interop.dll
unpack001/avcodec-fb2k-60.dll
unpack001/avformat-fb2k-60.dll
unpack001/avutil-fb2k-58.dll
unpack001/components/foo_converter.dll
unpack001/components/foo_dsp_eq.dll
unpack001/components/foo_dsp_std.dll
unpack001/components/foo_fileops.dll
unpack001/components/foo_freedb2.dll
unpack001/components/foo_input_std.dll
unpack001/components/foo_ui_std.dll
unpack001/components/foo_unpack.dll
unpack001/encoders/flac.exe
unpack001/encoders/lame.exe
unpack001/encoders/metaflac.exe
unpack001/encoders/oggenc2.exe
unpack001/foobar2000 Shell Associations Updater.exe
unpack001/foobar2000.exe
unpack001/shared.dll
unpack001/sqlite3.dll
unpack001/zlib1.dll

Files

b31bd87dfdfad6fa41ca98199215451c38f06306d3bf2871e24441889f2ce16b
.exe windows:4 windows x86 arch:x86

9dda1a1d1f8a1d13ae0297b47046b26e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
WriteFile
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CopyFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AccessControl.dll
.dll windows:4 windows x86 arch:x86

6b225baf8d24583523d4f42890e12522

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
CloseHandle
lstrlenW
lstrcatW
lstrcmpiW
GetFileAttributesW
LocalAlloc
LoadLibraryA
GetCurrentProcess
GetProcAddress
lstrcpyW
GetLastError
LocalFree
GlobalFree
lstrcpynW

user32

wsprintfW

advapi32

GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSidSubAuthority
RegCloseKey
OpenProcessToken
RegGetKeySecurity
LookupAccountSidW
GetSidIdentifierAuthority
AdjustTokenPrivileges
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
RegOpenKeyExW
RegSetKeySecurity
IsValidSid
GetSecurityDescriptorDacl
GetUserNameW
GetNamedSecurityInfoW
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetSidSubAuthorityCount
InitializeSecurityDescriptor
LookupAccountNameW
SetEntriesInAclW

Exports

Exports

ClearOnFile
ClearOnRegKey
DenyOnFile
DenyOnRegKey
DisableFileInheritance
DisableRegKeyInheritance
EnableFileInheritance
EnableRegKeyInheritance
GetCurrentUserName
GetFileGroup
GetFileOwner
GetRegKeyGroup
GetRegKeyOwner
GrantOnFile
GrantOnRegKey
NameToSid
RevokeOnFile
RevokeOnRegKey
SetFileGroup
SetFileOwner
SetOnFile
SetOnRegKey
SetRegKeyGroup
SetRegKeyOwner
SidToName

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:4 windows x86 arch:x86

0ef725341a4aecf8398c0e2132f38049

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetCurrentProcessId
GetCommandLineW
GetProcAddress
CreateThread
GlobalFree
LoadLibraryA
OpenProcess
GlobalAlloc
CreateFileMappingW
Sleep
MapViewOfFile
GetModuleHandleW
UnmapViewOfFile
CreateEventW
SetCurrentDirectoryW
GetVersionExW
GetExitCodeProcess
lstrcatW
LocalFree
GetPrivateProfileStringW
FormatMessageW
GetPrivateProfileIntW
CreateProcessW
CloseHandle
GetLastError
DuplicateHandle
GetCurrentThreadId
lstrlenW
SetEvent
WaitForSingleObject
lstrcmpiW
GetExitCodeThread
GetModuleFileNameW

user32

SetWindowPos
GetClientRect
GetWindowThreadProcessId
SetWindowLongW
DefWindowProcW
GetDlgItem
CallWindowProcW
CallNextHookEx
GetClassNameW
PeekMessageW
DestroyWindow
SendMessageW
SetForegroundWindow
IsWindowVisible
MsgWaitForMultipleObjects
LoadStringW
EndDialog
EnableWindow
DialogBoxParamW
LoadImageW
MessageBoxW
GetWindowLongW
DispatchMessageW
ShowWindow
wsprintfW
CreateDialogParamW
GetWindowRect
IsDialogMessageW
FindWindowExW
CharNextW
CreateWindowExW
LoadIconW
PostMessageW
SetWindowsHookExW
UnhookWindowsHookEx
TranslateMessage

shell32

ShellExecuteExW

advapi32

OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenProcessToken
OpenSCManagerW
GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
EqualSid

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/install.ico
$PLUGINSDIR/license.rtf
.rtf
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

3b477381217c97b22146297f93df2a92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW
GetFileAttributesW
lstrcmpiW
MulDiv
lstrlenW
HeapFree
GetProcessHeap
GetCurrentDirectoryW
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
HeapAlloc
SetCurrentDirectoryW

user32

GetPropW
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
RemovePropW
CharPrevW
GetWindowLongW
DrawTextW
GetWindowTextW
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
MapDialogRect
GetClientRect
CharNextW
SendMessageW
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/welcome120.bmp
$PLUGINSDIR/welcome144.bmp
$PLUGINSDIR/welcome168.bmp
$PLUGINSDIR/welcome192.bmp
$PLUGINSDIR/welcome96.bmp
$_13_/foobox/Genre/60's.jpg
.jpg
$_13_/foobox/Genre/70's.jpg
.jpg
$_13_/foobox/Genre/80's.jpg
.jpg
$_13_/foobox/Genre/90's.jpg
.jpg
$_13_/foobox/Genre/ACG.jpg
.jpg
$_13_/foobox/Genre/Blues.jpg
.jpg
$_13_/foobox/Genre/CPop.jpg
.jpg
$_13_/foobox/Genre/Classical.jpg
.jpg
$_13_/foobox/Genre/Country.jpg
.jpg
$_13_/foobox/Genre/Disco.jpg
.jpg
$_13_/foobox/Genre/Folk.jpg
.jpg
$_13_/foobox/Genre/Funk.jpg
.jpg
$_13_/foobox/Genre/Hip-Hop.jpg
.jpg
$_13_/foobox/Genre/Instrumental.jpg
.jpg
$_13_/foobox/Genre/JPop.jpg
.jpg
$_13_/foobox/Genre/Jazz.jpg
.jpg
$_13_/foobox/Genre/KPop.jpg
.jpg
$_13_/foobox/Genre/Metal.jpg
$_13_/foobox/Genre/NewAge.jpg
.jpg
$_13_/foobox/Genre/Other.jpg
$_13_/foobox/Genre/Pop.jpg
.jpg
$_13_/foobox/Genre/Punk.jpg
.jpg
$_13_/foobox/Genre/Rap.jpg
.jpg
$_13_/foobox/Genre/Rock.jpg
.jpg
$_13_/foobox/script/html/ConfirmDialog.html
.js
$_13_/foobox/script/html/styles10.css
$_13_/foobox/script/html/styles7.css
$_13_/foobox/script/images/cover_default.jpg
.jpg
$_13_/foobox/script/images/cover_w.jpg
.jpg
$_13_/foobox/script/js_common/Genre.js
.js
$_13_/foobox/script/js_common/JScommon.js
.js
$_13_/foobox/script/js_common/JScomponents.js
.js
$_13_/foobox/script/js_common/JSinputbox.js
.js
$_13_/foobox/script/js_common/common.js
.js
$_13_/foobox/script/js_common/guiext.js
.js
$_13_/foobox/script/js_panels/bottombar.js
.js
$_13_/foobox/script/js_panels/infoArt.js
.js
$_13_/foobox/script/js_panels/jsplaylist.js
.js
$_13_/foobox/script/js_panels/jsplaylist/WSHheaderbar.js
.js
$_13_/foobox/script/js_panels/jsplaylist/WSHplaylist.js
.js
$_13_/foobox/script/js_panels/jsplaylist/WSHscrollbar.js
.js
$_13_/foobox/script/js_panels/jsplaylist/WSHsettings.js
.js
$_13_/foobox/script/js_panels/jssb.js
.js
$_13_/foobox/script/js_panels/jsspm.js
.js
$_13_/foobox/script/js_panels/jsview_multiplaylist.js
.js
$_13_/foobox/script/js_panels/jsview_playlist.js
.js
$_13_/foobox/script/js_panels/search.js
.js
$_13_/reset_am.bat
$_13_/theme.fth
$_13_/user-components/foo_enhanced_spectrum_analyzer/foo_enhanced_spectrum_analyzer.dll
.dll windows:6 windows x86 arch:x86

0e6c6e8fb9fad648d31739812092d0da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Users\Matthias\Documents\(Programmeinstellungen)\foobar2000\components\foo_enhanced_spectrum_analyzer\foo_enhanced_spectrum_analyzer.pdb

Imports

shared

_GetInfiniteWaitEvent@0
_uSendMessageText@16
_uExceptFilterProc@4
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uChooseColor@12

kernel32

GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
RaiseException
HeapFree
HeapAlloc
DecodePointer
GetProcessHeap
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
InterlockedPopEntrySList
EncodePointer
TerminateProcess
GetCurrentProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InitializeCriticalSectionEx
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetProcAddress
OutputDebugStringW
GetLastError
DeleteCriticalSection
SetLastError
CloseHandle
FormatMessageW
InterlockedPushEntrySList
GetTickCount
CreateEventW
SetUnhandledExceptionFilter

user32

GetClientRect
EqualRect
GetDC
SetRectEmpty
SetFocus
GetClassInfoExW
RegisterClassExW
DestroyMenu
TrackPopupMenu
GetSysColor
DialogBoxParamW
GetWindow
MapWindowPoints
CreatePopupMenu
ClientToScreen
SetMenuDefaultItem
AppendMenuW
CallWindowProcW
ReleaseDC
UnregisterClassW
SetLayeredWindowAttributes
GetWindowRect
EndDialog
EnableWindow
InvalidateRect
FillRect
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
SetParent
ShowWindow
IsWindowVisible
KillTimer
EndPaint
BeginPaint
RedrawWindow
SetTimer
CreateWindowExW
RegisterClassW
LoadCursorW
DefWindowProcW
GetWindowLongW
SetWindowPos
GetParent
SetWindowLongW
MessageBoxW
SendMessageW
CopyRect
DestroyWindow

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
SetWindowOrgEx
OffsetWindowOrgEx

msvcp140

?_Xbad_function_call@std@@YAXXZ

gdiplus

GdipCreateSolidFill
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipSetSolidFillColor
GdipCloneBrush
GdipDeleteBrush
GdipFillEllipseI
GdipCreateLineBrushI
GdipCreateLineBrushFromRectI
GdipSetLineColors
GdipSetLinePresetBlend
GdipCreatePen2
GdipDeletePen
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDrawString
GdipFillPolygonI
GdipFillRectangleI
GdipDrawEllipseI
GdipDrawLinesI
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipFree

vcruntime140

memset
__std_exception_destroy
_purecall
memcpy
_except_handler3
__CxxFrameHandler3
__std_terminate
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

_recalloc
free
realloc
_aligned_realloc
_aligned_free
_callnewh
_aligned_malloc
malloc

api-ms-win-crt-runtime-l1-1-0

exit
_initterm
_invalid_parameter_noinfo_noreturn
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_cexit
_register_onexit_function
_execute_onexit_table
_crt_atexit
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-convert-l1-1-0

_itow_s
_wtof

api-ms-win-crt-math-l1-1-0

_CIcos
_CIlog10
_CIpow
_CIsin
_CIsqrt
floor

api-ms-win-crt-utility-l1-1-0

srand
rand

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$_13_/user-components/foo_playcount/foo_playcount.dll
.dll windows:6 windows x86 arch:x86

4d6244aed4e124b0a79c42f07d872816

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Sources\foobar2000\foobar2000\Release\foo_playcount.pdb

Imports

kernel32

FileTimeToLocalFileTime
OutputDebugStringW
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTickCount64
GetCurrentThread
GetSystemTimeAsFileTime
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
DecodePointer
ResetEvent
SetEvent
CloseHandle
GetProcessHeap
GetThreadPriority
ResumeThread
SetThreadPriority
TerminateProcess
HeapAlloc
HeapFree
GetCurrentProcess
IsDebuggerPresent
Sleep
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
GlobalSize
SetLastError
WaitForMultipleObjects
GlobalUnlock
GlobalLock
WaitForSingleObject
CreateEventW
InitializeCriticalSection
GetProcAddress
GetModuleHandleW
lstrlenW
GlobalFree
GlobalAlloc
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedPushEntrySList
QueryPerformanceCounter
GetCurrentProcessId
DisableThreadLibraryCalls

user32

IsWindowEnabled
SendMessageW
GetWindowLongW
UnregisterClassW
GetParent
GetSysColor
GetWindowTextW
InvalidateRect
SetClipboardData
CloseClipboard
GetClientRect
CreateDialogParamW
DrawEdge
IsClipboardFormatAvailable
BeginPaint
DrawTextW
DestroyWindow
FillRect
SetWindowLongW
EndPaint
OpenClipboard
GetActiveWindow
MessageBeep
RegisterClipboardFormatW
DefWindowProcW
GetDlgItem
EnableWindow
ShowWindow
LoadCursorW
GetClipboardData
RegisterClassW

gdi32

CreateFontIndirectW
GetObjectW
SetTextColor
SelectObject
GetTextExtentPoint32W
SetBkMode
DeleteObject

shared

??0uCallStackTracker@@QAE@PBD@Z
_GetInfiniteWaitEvent@0
_uCharLower@4
??1uCallStackTracker@@QAE@XZ
_uGetOpenFileName@32
_ModalDialog_CanCreateNew@0
_ModalDialog_PokeExisting@0
_uPrintCrashInfo_OnEvent@8
_uExceptFilterProc@4
_uBugCheck@0
_uFormatSystemErrorMessage@8

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ

vcruntime140

__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
strstr
__CxxFrameHandler3
memmove
strchr
memset
memcmp
__current_exception
_except_handler3
__current_exception_context
_CxxThrowException
_except_handler4_common
__std_type_info_destroy_list
memcpy

api-ms-win-crt-math-l1-1-0

rint
floor
lround
llround
ceil

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
terminate
_cexit
_beginthreadex
_initterm
_initterm_e

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
_expand
malloc
free

api-ms-win-crt-string-l1-1-0

_strdup
strncmp
strcmp
strlen

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-convert-l1-1-0

atoi

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$_13_/user-components/foo_uie_eslyric/foo_uie_eslyric.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 563KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Equalizer Presets/1965.feq
Equalizer Presets/Air.feq
Equalizer Presets/Brittle.feq
Equalizer Presets/Car Stereo.feq
Equalizer Presets/Classic V.feq
Equalizer Presets/Clear.feq
Equalizer Presets/DEATH.feq
Equalizer Presets/Dark.feq
Equalizer Presets/Drums.feq
Equalizer Presets/Flat.feq
Equalizer Presets/Home Theater.feq
Equalizer Presets/Loudness.feq
Equalizer Presets/Metal.feq
Equalizer Presets/Pop.feq
Equalizer Presets/Premaster.feq
Equalizer Presets/Presence.feq
Equalizer Presets/Punch & Sparkle.feq
Equalizer Presets/Shimmer.feq
Equalizer Presets/Soft Bass.feq
Equalizer Presets/Strings.feq
Fb2kShellExt.dll
.dll regsvr32 windows:6 windows x86 arch:x86

3b5c23898f95fa7c4eb112d7d2be78cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Sources\foobar2000\Fb2kShellExt\Fb2kShellExt\Release\Fb2kShellExt.pdb

Imports

kernel32

MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
SetLastError
GetTickCount64
CreateProcessW
CloseHandle
GetThreadLocale
lstrcmpiW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
GetModuleHandleW
GetProcAddress
FreeLibrary
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
SetThreadLocale
InitializeCriticalSectionEx
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
IsDebuggerPresent
OutputDebugStringW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlUnwind
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
HeapSize
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW

user32

GetClassNameW
SendMessageW
CharNextW
wsprintfW
EnumWindows

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

shell32

ShellExecuteW
SHGetIDListFromObject

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

oleaut32

LoadTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
RegisterTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PP-UWP-Interop.dll
.dll windows:6 windows x86 arch:x86

a809edd23a14e7013a5542e0aa190ddd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\PP-UWP-Interop.pdb

Imports

shlwapi

ord12

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream

api-ms-win-core-winrt-l1-1-0

RoInitialize

vccorlib140

?UninitializeData@Details@Platform@@YAXH@Z
?InitializeData@Details@Platform@@YAJH@Z
??0Delegate@Platform@@Q$AAA@XZ
?GetIidsFn@@YGJHPAKPBU__s_GUID@@PAPAVGuid@Platform@@@Z
?AlignedFree@Heap@Details@Platform@@SAXPAX@Z
?Free@Heap@Details@Platform@@SAXPAX@Z
?__abi_translateCurrentException@@YGJ_N@Z
?Allocate@Heap@Details@Platform@@SAPAXII@Z
?__abi_WinRTraiseNotImplementedException@@YGXXZ
?__abi_WinRTraiseInvalidCastException@@YGXXZ
?__abi_WinRTraiseNullReferenceException@@YGXXZ
?__abi_WinRTraiseOperationCanceledException@@YGXXZ
?__abi_WinRTraiseFailureException@@YGXXZ
?__abi_WinRTraiseAccessDeniedException@@YGXXZ
?__abi_WinRTraiseOutOfMemoryException@@YGXXZ
?__abi_WinRTraiseInvalidArgumentException@@YGXXZ
?__abi_WinRTraiseOutOfBoundsException@@YGXXZ
?__abi_WinRTraiseChangedStateException@@YGXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YGXXZ
?__abi_WinRTraiseWrongThreadException@@YGXXZ
?__abi_WinRTraiseDisconnectedException@@YGXXZ
?__abi_WinRTraiseObjectDisposedException@@YGXXZ
?__abi_WinRTraiseCOMException@@YGXJ@Z
?GetActivationFactoryByPCWSTR@@YGJPAXAAVGuid@Platform@@PAPAX@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AAEXXZ

vcruntime140

__std_exception_destroy
_CxxThrowException
_except_handler4_common
__std_exception_copy
memset
__std_type_info_destroy_list
__CxxFrameHandler3

api-ms-win-crt-string-l1-1-0

wcslen

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_cexit
_crt_atexit

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsDeleteString

kernel32

AcquireSRWLockExclusive
DecodePointer
ReleaseSRWLockExclusive
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitOnceExecuteOnce

ole32

CoCreateFreeThreadedMarshaler

Exports

Exports

PP_UVC_Init_v2

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec-fb2k-60.dll
.dll windows:6 windows x86 arch:x86

321d837ff1c3fc8b0123218b21f00693

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

avutil-fb2k-58

av_frame_move_ref
av_frame_new_side_data
av_frame_apply_cropping
av_hwframe_ctx_alloc
av_pix_fmt_count_planes
av_get_planar_sample_fmt
av_samples_set_silence
av_frame_ref
av_frame_get_buffer
av_frame_copy_props
av_frame_get_side_data
av_calloc
av_buffer_allocz
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_pool_get
av_sample_fmt_is_planar
av_bprint_init
av_hwframe_get_buffer
av_image_fill_linesizes
av_image_fill_plane_sizes
av_find_best_pix_fmt_of_2
av_opt_set_defaults2
av_opt_set
av_fast_realloc
av_reallocp_array
av_cpu_count
av_opt_copy
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free
av_samples_fill_arrays
av_chroma_location_enum_to_pos
av_chroma_location_pos_to_enum
av_realloc_f
av_get_cpu_flags
av_samples_copy
av_strtok
av_get_token
av_opt_next
av_opt_set_dict2
av_opt_set_from_string
av_dynarray_add_nofree
av_dict_set
av_dict_iterate
av_strerror
av_buffer_realloc
av_buffer_is_writable
av_buffer_ref
av_buffer_default_free
av_buffer_create
av_buffer_alloc
av_realloc
av_rescale_q
av_frame_free
av_frame_alloc
av_buffer_unref
av_opt_set_dict
av_opt_free
av_opt_set_defaults
av_get_bytes_per_sample
av_get_sample_fmt_name
av_fourcc_make_string
av_gcd
av_get_media_type_string
av_image_check_sar
av_image_check_size2
av_reduce
av_get_pix_fmt_name
av_chroma_location_name
av_color_space_name
av_color_transfer_name
av_color_primaries_name
av_color_range_name
av_rescale
av_pix_fmt_desc_get
av_channel_layout_check
av_channel_layout_describe
av_bprint_chars
av_bprintf
av_bprint_init_for_buffer
av_match_list
av_log_get_level
av_memdup
av_downmix_info_update_side_data
avpriv_alloc_fixed_dsp
av_channel_layout_index_from_channel
av_lfg_init_from_data
av_lfg_init
av_fast_mallocz
av_fast_malloc
av_malloc_array
av_crc_get_table
av_tx_uninit
av_tx_init
av_frame_unref
av_channel_layout_compare
av_channel_layout_copy
avpriv_request_sample
avpriv_report_missing_feature
av_log
av_freep
av_free
av_mallocz
av_malloc
avpriv_float_dsp_alloc
av_default_item_name
av_buffer_replace
av_crc
av_channel_layout_uninit
av_bprint_finalize
av_samples_get_buffer_size
av_channel_layout_from_mask

kernel32

InitOnceBeginInitialize
InitOnceComplete
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetFullPathNameW
MultiByteToWideChar
InitializeSRWLock
InitializeConditionVariable
CloseHandle
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

vcruntime140

memcpy
memmove
memset
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-math-l1-1-0

__libm_sse2_powf
hypot
__libm_sse2_atanf
__libm_sse2_sinf
log2f
cbrt
__libm_sse2_sin
__libm_sse2_cos
_fdopen
exp2
frexp
llrint
cbrtf

api-ms-win-crt-stdio-l1-1-0

_sopen
_wsopen
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_errno
_beginthreadex
_initterm

api-ms-win-crt-utility-l1-1-0

bsearch

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_dirac_parse_sequence_header
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_fopen_utf8
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_unpack_dictionary
av_packet_unref
av_parser_close
av_parser_init
av_parser_iterate
av_parser_parse2
av_qsv_alloc_context
av_rdft_calc
av_rdft_end
av_rdft_init
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_subtitle2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_encode_buffer
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_subtitle
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpriv_ac3_parse_header
avpriv_adts_header_parse
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_find_start_code
avpriv_get_raw_pix_fmt_tags
avpriv_mpeg4audio_get_config2
avpriv_mpegaudio_decode_header
avpriv_packet_list_free
avpriv_packet_list_get
avpriv_packet_list_put
avpriv_pix_fmt_find
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avsubtitle_free

Sections

.text
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat-fb2k-60.dll
.dll windows:6 windows x86 arch:x86

2d55d58cd2b5aff57c9b1812020cf4c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

avcodec-fb2k-60

av_packet_move_ref
avcodec_alloc_context3
avpriv_dca_parse_core_frame_header
avpriv_dca_convert_bitstream
avpriv_pix_fmt_find
av_packet_alloc
avpriv_packet_list_put
avpriv_codec_get_cap_skip_frame_fill_param
av_packet_copy_props
avcodec_string
avcodec_pix_fmt_to_codec_tag
av_parser_parse2
av_new_packet
av_get_audio_frame_duration
av_packet_rescale_ts
av_bsf_send_packet
av_bsf_init
avcodec_is_open
av_bsf_receive_packet
av_bsf_alloc
av_shrink_packet
avcodec_parameters_alloc
avpriv_tak_parse_streaminfo
av_parser_init
avpriv_packet_list_get
av_grow_packet
avcodec_receive_frame
avcodec_send_packet
avcodec_decode_subtitle2
avsubtitle_free
avcodec_close
avcodec_open2
avcodec_parameters_to_context
avcodec_parameters_from_context
av_packet_make_refcounted
av_packet_get_side_data
av_packet_new_side_data
av_init_packet
av_get_audio_frame_duration2
av_ac3_parse_header
av_codec_is_decoder
av_codec_iterate
av_get_bits_per_sample
avcodec_get_name
avpriv_packet_list_free
av_bsf_free
av_parser_close
avcodec_free_context
av_packet_unref
av_packet_ref
av_packet_free
avcodec_parameters_copy
avcodec_parameters_free
avcodec_descriptor_get
avcodec_find_decoder
av_bsf_get_by_name

avutil-fb2k-58

av_asprintf
av_strncasecmp
av_bprintf
av_bprint_chars
av_buffer_alloc
av_buffer_unref
av_fast_malloc
av_strcasecmp
av_fourcc_make_string
av_buffer_create
av_channel_layout_from_mask
av_opt_set_dict2
av_fast_realloc
av_channel_layout_uninit
av_timecode_make_smpte_tc_string2
av_stereo3d_type_name
av_spherical_projection_name
av_spherical_tile_bounds
av_dict_count
av_get_picture_type_char
av_display_rotation_get
av_get_channel_name
av_frame_free
av_frame_alloc
av_buffer_ref
av_gettime
av_opt_ptr
av_opt_get_dict_val
av_opt_set_dict_val
av_opt_set_int
av_realloc
av_add_stable
av_compare_mod
av_compare_ts
av_rescale_q_rnd
av_rescale_q
av_rescale_rnd
av_rescale
av_gcd
av_opt_get
av_realloc_f
av_reallocp
av_bprint_finalize
av_bprint_append_data
av_vbprintf
av_bprint_init
av_default_item_name
av_usleep
av_gettime_relative
av_opt_copy
av_opt_set
av_opt_set_dict
av_opt_set_defaults
av_strerror
av_match_list
av_strlcpy
av_strstart
av_opt_free
av_dict_free
av_dict_copy
av_dict_get
av_dynarray_add_nofree
av_memdup
av_strndup
av_strdup
av_freep
av_realloc_array
av_calloc
av_mallocz
av_div_q
av_mul_q
av_reduce
av_match_name
av_free
av_malloc
av_dict_set
av_dict_iterate
av_crc
av_crc_get_table
av_log
av_channel_layout_copy

kernel32

GetFullPathNameW
MultiByteToWideChar
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

vcruntime140

strchr
memmove
memset
memcpy
strrchr
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initterm
_initialize_onexit_table
_execute_onexit_table
_cexit
abort
_errno
_initialize_narrow_environment

api-ms-win-crt-string-l1-1-0

strcspn
strspn
strncmp

api-ms-win-crt-convert-l1-1-0

atoi
strtol

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf
_sopen
__stdio_common_vfprintf
_wsopen

api-ms-win-crt-math-l1-1-0

_fdopen
llrint

Exports

Exports

av_add_index_entry
av_append_packet
av_codec_get_id
av_codec_get_tag
av_codec_get_tag2
av_demuxer_iterate
av_disposition_from_string
av_disposition_to_string
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_fmt_ctx_get_duration_estimation_method
av_fopen_utf8
av_format_ffversion
av_format_inject_global_side_data
av_get_frame_filename
av_get_frame_filename2
av_get_output_timestamp
av_get_packet
av_guess_codec
av_guess_format
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_index_search_timestamp
av_interleaved_write_frame
av_interleaved_write_uncoded_frame
av_match_ext
av_muxer_iterate
av_new_program
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_buffer2
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_program_add_stream_index
av_read_frame
av_read_pause
av_read_play
av_sdp_create
av_seek_frame
av_stream_add_side_data
av_stream_get_class
av_stream_get_codec_timebase
av_stream_get_end_pts
av_stream_get_parser
av_stream_get_side_data
av_stream_new_side_data
av_url_split
av_write_frame
av_write_trailer
av_write_uncoded_frame
av_write_uncoded_frame_query
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_flush
avformat_free_context
avformat_get_class
avformat_get_mov_audio_tags
avformat_get_mov_video_tags
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_index_get_entries_count
avformat_index_get_entry
avformat_index_get_entry_from_timestamp
avformat_init_output
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_transfer_internal_stream_timing_info
avformat_version
avformat_write_header
avio_accept
avio_alloc_context
avio_check
avio_close
avio_close_dir
avio_close_dyn_buf
avio_closep
avio_context_free
avio_enum_protocols
avio_feof
avio_find_protocol_name
avio_flush
avio_free_directory_entry
avio_get_dyn_buf
avio_get_str
avio_get_str16be
avio_get_str16le
avio_handshake
avio_open
avio_open2
avio_open_dir
avio_open_dyn_buf
avio_pause
avio_print_string_array
avio_printf
avio_protocol_get_class
avio_put_str
avio_put_str16be
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_read_dir
avio_read_partial
avio_read_to_bprint
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_vprintf
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avio_write_marker
avpriv_dv_get_packet
avpriv_dv_init_demux
avpriv_dv_produce_packet
avpriv_new_chapter
avpriv_register_devices
avpriv_set_pts_info
avpriv_stream_set_need_parsing
avpriv_update_cur_dts

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-fb2k-58.dll
.dll windows:6 windows x86 arch:x86

f1ea4ff743582afaa14de448e2feb57a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bcrypt

BCryptGenRandom
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider

kernel32

GetSystemTimeAsFileTime
TerminateProcess
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentProcess
GetProcessAffinityMask
InitOnceBeginInitialize
InitOnceComplete
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetFullPathNameW
MultiByteToWideChar
GetStdHandle
GetConsoleMode
WriteConsoleW
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WaitForSingleObjectEx
WakeAllConditionVariable
Sleep
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

vcruntime140

_except_handler4_common
memmove
memcpy
memset
memchr
strchr
strrchr
strstr
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_errno
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
abort
_beginthreadex
_initterm

api-ms-win-crt-math-l1-1-0

_fdopen
llrint
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_pow
frexp
__libm_sse2_cos
__libm_sse2_atan2
acos
asin
atan
__libm_sse2_sin
cosh
exp
fabs
log
sin
sinh
tan
tanh
exp2
round
trunc
copysign
llrintf
__libm_sse2_exp
_dclass
ceil
_CIfmod
cos
scalbn
hypot

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__acrt_iob_func
_get_osfhandle
_isatty
fputs
_tempnam
_close
__stdio_common_vsscanf
__stdio_common_vfprintf
_wsopen
_sopen

api-ms-win-crt-string-l1-1-0

strcspn
strspn
strncmp

api-ms-win-crt-time-l1-1-0

clock
strftime
_gmtime64
_localtime64
_mktime64

api-ms-win-crt-convert-l1-1-0

strtod
strtoul
strtoull
strtoll
strtol

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_aligned_realloc
free
_aligned_free

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

bsearch

Exports

Exports

av_add_i
av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_ambient_viewing_environment_alloc
av_ambient_viewing_environment_create_side_data
av_append_path_component
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_buffer_get_opaque
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_description
av_channel_description_bprint
av_channel_from_string
av_channel_layout_channel_from_index
av_channel_layout_channel_from_string
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_default
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_extract_channel
av_channel_layout_from_mask
av_channel_layout_from_string
av_channel_layout_index_from_channel
av_channel_layout_index_from_string
av_channel_layout_standard
av_channel_layout_subset
av_channel_layout_uninit
av_channel_name
av_channel_name_bprint
av_chroma_location_enum_to_pos
av_chroma_location_from_name
av_chroma_location_name
av_chroma_location_pos_to_enum
av_cmp_i
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_cpu_count
av_cpu_force_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_csp_approximate_trc_gamma
av_csp_luma_coeffs_from_avcsp
av_csp_primaries_desc_from_id
av_csp_primaries_id_from_desc
av_csp_trc_func_from_id
av_d2q
av_default_get_category
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_detection_bbox_alloc
av_detection_bbox_create_side_data
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_iterate
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_dovi_metadata_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynamic_hdr_plus_create_side_data
av_dynamic_hdr_vivid_alloc
av_dynamic_hdr_vivid_create_side_data
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_count_func
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc2
av_fifo_alloc_array
av_fifo_auto_grow_limit
av_fifo_can_read
av_fifo_can_write
av_fifo_drain
av_fifo_drain2
av_fifo_elem_size
av_fifo_free
av_fifo_freep
av_fifo_freep2
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_grow2
av_fifo_peek
av_fifo_peek_to_cb
av_fifo_read
av_fifo_read_to_cb
av_fifo_realloc2
av_fifo_reset
av_fifo_reset2
av_fifo_size
av_fifo_space
av_fifo_write
av_fifo_write_from_cb
av_file_map
av_file_unmap
av_film_grain_params_alloc
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_plane_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_gcd_q
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_extended_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create_derived_opts
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_plane_uc_from
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int2i
av_int_list_length_for_size
av_lfg_init
av_lfg_init_from_data
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_once
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_memdup
av_mod_i
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_nearer_q
av_opt_child_class_iterate
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_channel_layout
av_opt_get_chlayout
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_channel_layout
av_opt_set_chlayout
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_pixelutils_get_sad_fn
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_read_image_line
av_read_image_line2
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_ripemd_alloc
av_ripemd_final
av_ripemd_init
av_ripemd_size
av_ripemd_update
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_sha512_alloc
av_sha512_final
av_sha512_init
av_sha512_size
av_sha512_update
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_shr_i
av_size_mult
av_small_strptime
av_spherical_alloc
av_spherical_from_name
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_stereo3d_from_name
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod

Sections

.text
Size: 425KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/foo_converter.dll
.dll windows:6 windows x86 arch:x86

251451b48a00f61478fb0f070f156a3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_converter.pdb

Imports

uxtheme

DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData
GetThemePartSize
SetWindowTheme

kernel32

GetVersionExW
PowerCreateRequest
PowerClearRequest
PowerSetRequest
CompareStringW
GetModuleHandleW
GetProcAddress
lstrcmpiW
VerSetConditionMask
VerifyVersionInfoW
lstrlenW
OutputDebugStringW
GetTickCount
ResumeThread
WideCharToMultiByte
IsDebuggerPresent
GetSystemTimeAsFileTime
InitOnceComplete
InitOnceBeginInitialize
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
LoadLibraryExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
QueryPerformanceCounter
DecodePointer
GetExitCodeProcess
GetStdHandle
CreateFileW
CreateNamedPipeW
GetCurrentProcessId
TerminateProcess
CreateProcessW
GetThreadPriority
CancelIoEx
GetOverlappedResult
WaitForMultipleObjects
WriteFile
ResetEvent
CreateEventW
GetCurrentProcess
DuplicateHandle
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
GetCurrentThread
SetThreadPriority
CloseHandle
WaitForSingleObject
GetTickCount64
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
SetEvent
LoadLibraryExA
WakeAllConditionVariable
DisableThreadLibraryCalls

user32

TranslateAcceleratorW
GetSystemMetrics
EnumThreadWindows
IsWindowVisible
GetWindowPlacement
IsIconic
MonitorFromRect
GetMenu
GetClipboardData
CloseClipboard
OpenClipboard
AdjustWindowRect
GetWindowTextW
GetWindowTextLengthW
GetClassNameW
GetFocus
SystemParametersInfoW
ReleaseDC
GetDC
GetSysColor
OffsetRect
ReleaseCapture
TrackMouseEvent
GetCapture
UpdateWindow
IsWindow
CharLowerW
LoadAcceleratorsW
DestroyAcceleratorTable
DrawTextW
RegisterWindowMessageW
CharNextW
DrawEdge
DrawFrameControl
DrawFocusRect
NotifyWinEvent
FillRect
SetWindowTextW
IsRectEmpty
MapWindowPoints
GetWindowDC
GetMessagePos
GetDlgCtrlID
SetDlgItemInt
InflateRect
DialogBoxParamW
FrameRect
UnhookWindowsHookEx
SetWindowsHookExW
WindowFromPoint
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
EndDialog
CopyRect
RedrawWindow
GetKeyState
ScrollWindowEx
GetParent
SetCursor
SetCapture
KillTimer
GetCursorPos
DestroyMenu
MonitorFromPoint
SetScrollPos
SetScrollInfo
SetGestureConfig
CreatePopupMenu
CloseGestureInfoHandle
GetGestureInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetScrollInfo
AdjustWindowRectEx
MapDialogRect
EndDeferWindowPos
TrackPopupMenu
IsZoomed
DeferWindowPos
BeginDeferWindowPos
AppendMenuW
PtInRect
IntersectRect
ScreenToClient
GetClassInfoExW
RegisterClassExW
CreateWindowExW
CallWindowProcW
ClientToScreen
GetMonitorInfoW
EndPaint
BeginPaint
GetClientRect
SetLayeredWindowAttributes
GetWindowRect
SetFocus
MessageBeep
SetWindowPos
IsWindowEnabled
DestroyWindow
GetActiveWindow
SetTimer
PostMessageW
SetDlgItemTextW
EnableWindow
SendDlgItemMessageW
ShowWindow
CreateDialogParamW
LoadCursorW
GetWindowLongW
SetWindowLongW
UnregisterClassW
DefWindowProcW
RegisterClassW
GetDlgItem
SendMessageW
InvalidateRect
SetRectEmpty

gdi32

CreateCompatibleDC
GetTextMetricsW
LPtoDP
SaveDC
RestoreDC
OffsetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
CombineRgn
GetDeviceCaps
LineTo
MoveToEx
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
OffsetRgn
FillRgn
FrameRgn
CreatePolygonRgn
SetDCBrushColor
GetObjectW
SetBkMode
GetStockObject
CreateFontIndirectW
SetDCPenColor
ExtTextOutW
SetBkColor
SetTextColor
DeleteObject
DeleteDC
SelectObject

shell32

ShellExecuteW
ord74

oleaut32

VariantClear
VariantInit
SysAllocString

shared

_stricmp_utf8_ex@16
_uSearchPath@16
_uGetModuleFileName@8
_uFileExists@4
_uCreateFile@28
_stricmp_utf8_partial@12
_stricmp_utf8@8
_uDeleteFile@4
_uGetDlgItemText@12
_uSendMessageText@16
?g_from_system@t_font_description@@SG?AU1@H@Z
?create@t_font_description@@QBGPAUHFONT__@@XZ
_PokeWindow@4
_uCharUpper@4
_ModalDialog_Switch@4
_FindOwningPopup@4
_uReplaceStringAdd@32
_uGetOpenFileName@32
_uBrowseForFolder@12
_uAddStringLower@12
_ModalDialog_CanCreateNew@0
_ModalDialog_PokeExisting@0
_uStringCompare@8
_uCreateDirectory@8
_uGetTempPath@4
??1uCallStackTracker@@QAE@XZ
??0uCallStackTracker@@QAE@PBD@Z
_uSetDlgItemText@12
?scale@audio_math@@YGXPBMIPAMM@Z
_uFormatSystemErrorMessage@8
_uGetWindowText@8
_uShellExecute@24
_uExceptFilterProc@4
_uSetWindowText@8
_GetInfiniteWaitEvent@0
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uFindFirstFile@4

msvcp140

_Thrd_hardware_concurrency
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ

shlwapi

SHAutoComplete

comctl32

ord413
ord410

msimg32

GradientFill

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown

vcruntime140

memcmp
memmove
__current_exception
wcschr
memcpy
__current_exception_context
_except_handler3
__CxxFrameHandler3
_except_handler4_common
__std_terminate
_CxxThrowException
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
_purecall
memset
strstr
strrchr
strchr

api-ms-win-crt-string-l1-1-0

_strdup
strncmp
wcsnlen
wcscpy_s
wcslen
strcmp
strlen
strcat_s

api-ms-win-crt-heap-l1-1-0

malloc
_expand
free
realloc
_aligned_malloc
_aligned_realloc
_aligned_free
_callnewh
_recalloc

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_invalid_parameter_noinfo
abort
_controlfp_s
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn
_errno

api-ms-win-crt-utility-l1-1-0

abs
rand
srand
_byteswap_ulong
_byteswap_ushort

api-ms-win-crt-math-l1-1-0

fabs
sqrt
frexp
ldexp
floor
__libm_sse2_pow
ceil
lround
llround

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-convert-l1-1-0

_atoi64
atoi
_wtoi

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop
CoCreateGuid

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_dsp_eq.dll
.dll windows:6 windows x86 arch:x86

a2fca92677978cc35940ba030d5548ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_dsp_eq.pdb

Imports

kernel32

GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
RaiseException
MulDiv
GetLastError
TerminateProcess
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
GetSystemTimeAsFileTime
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
SetLastError
MultiByteToWideChar
OutputDebugStringW
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
lstrlenW
GetVersionExW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared

user32

DrawTextW
GetDC
RedrawWindow
UnregisterClassW
DestroyWindow
SetWindowLongW
GetWindowLongW
DefWindowProcW
CallWindowProcW
SetTimer
ShowWindow
KillTimer
GetWindowRect
SetWindowPos
SetLayeredWindowAttributes
GetClientRect
GetSysColor
GetParent
EnumChildWindows
DeferWindowPos
GetWindowDC
ReleaseDC
BeginDeferWindowPos
EndDeferWindowPos
AdjustWindowRectEx
GetDlgItem
ClientToScreen
CreateWindowExW
RegisterClassExW
GetClassInfoExW
LoadCursorW
FillRect
SetFocus
CreateDialogParamW
EndDialog
MapWindowPoints
GetClassNameW
DrawFocusRect
GetMenuStringW
GetWindow
SendMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CharLowerW
GetKeyState
GetClipboardData
CloseClipboard
OpenClipboard
AdjustWindowRect
EnableWindow
NotifyWinEvent
MessageBeep
GetFocus
IsRectEmpty
TrackMouseEvent
GetMessagePos
UnhookWindowsHookEx
DrawIconEx
DrawIcon
FrameRect
SetWindowsHookExW
WindowFromPoint
DrawFrameControl
GetDlgCtrlID
OffsetRect
CopyRect
InflateRect
IntersectRect
SystemParametersInfoW
RegisterWindowMessageW
PtInRect
DialogBoxParamW
GetMenuBarInfo
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
SetCursor
SetCapture
GetCursorPos
ScreenToClient
PostMessageW
GetIconInfo
BeginPaint
EndPaint
InvalidateRect
IsWindowEnabled

gdi32

DeleteObject
ExtTextOutW
SaveDC
SelectObject
DeleteDC
GetStockObject
CreateFontIndirectW
RestoreDC
GetDeviceCaps
CreatePen
SetTextColor
SetBkColor
GetCurrentObject
CreateRectRgn
FillRgn
FrameRgn
CreatePolygonRgn
GetTextExtentPoint32W
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
GetObjectW
IntersectClipRect
SetWindowOrgEx
OffsetWindowOrgEx
LPtoDP
GetTextMetricsW
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
OffsetRgn
GetBkColor
GetTextColor
SetBkMode
MoveToEx
LineTo
SetDCPenColor
SetDCBrushColor

oleaut32

VariantInit
SysAllocString
VariantClear

shared

_uGetTextExtentPoint32@16
_uFormatSystemErrorMessage@8
_GetInfiniteWaitEvent@0
??1uCallStackTracker@@QAE@XZ
??0uCallStackTracker@@QAE@PBD@Z
_uExceptFilterProc@4
_ModalDialog_Switch@4
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uGetFontHeight@4
_uGetOpenFileName@32

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ

comctl32

ImageList_DrawEx
ord410
ord413
ImageList_GetIconSize

uxtheme

OpenThemeData
DrawThemeBackground
GetThemePartSize
CloseThemeData
IsThemePartDefined
SetWindowTheme
DrawThemeTextEx

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdiplusShutdown
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipDeletePen
GdipCreatePen1

vcruntime140

__std_exception_copy
__std_exception_destroy
__std_terminate
__CxxFrameHandler3
_purecall
__std_type_info_destroy_list
_CxxThrowException
__current_exception_context
__current_exception
_except_handler4_common
memset
strstr
memcmp
memmove
memcpy
strchr
_except_handler3

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_errno
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
terminate
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
abort

api-ms-win-crt-heap-l1-1-0

_recalloc
_callnewh
realloc
free
malloc
_expand

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_wcsicmp
_strdup
wcsnlen

api-ms-win-crt-math-l1-1-0

__libm_sse2_pow
__libm_sse2_sin
ceil
__libm_sse2_cos
lround

api-ms-win-crt-utility-l1-1-0

rand
srand

shell32

ord74

ole32

DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CreateStreamOnHGlobal
CoCreateInstance

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_dsp_std.dll
.dll windows:6 windows x86 arch:x86

2336027b8f4a7374b1d4c784af837b43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_dsp_std.pdb

Imports

kernel32

GetProcessHeap
DecodePointer
HeapAlloc
HeapFree
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
TerminateProcess
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcess
IsDebuggerPresent
GetProcAddress
OutputDebugStringW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive

user32

SendMessageW
EndDialog
UnregisterClassW
DialogBoxParamW
SetWindowLongW
DestroyWindow
EnableWindow
wsprintfW
SetDlgItemInt
GetDlgItemInt
GetDlgItem
SetWindowTextW
SendDlgItemMessageW
wsprintfA
CreateDialogParamW
ShowWindow

shared

_GetInfiniteWaitEvent@0
?calculate_peak@audio_math@@YGMPBMI@Z
_uPrintfV@12
_uSendMessageText@16
_uExceptFilterProc@4
_ModalDialog_Switch@4
_uBugCheck@0
_uPrintCrashInfo_OnEvent@8
_uSetDlgItemText@12
_uSetWindowText@8
_uGetWindowText@8
_uGetDlgItemText@12

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140

__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
memcpy
memset
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
memcmp
_except_handler3
__CxxFrameHandler3
memmove

api-ms-win-crt-heap-l1-1-0

_expand
_aligned_free
free
_aligned_malloc
malloc
realloc
_callnewh
_aligned_realloc
calloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_crt_atexit
_register_onexit_function
_execute_onexit_table
_cexit

api-ms-win-crt-math-l1-1-0

llround
lround
_CItanh
__libm_sse2_cos
__libm_sse2_log10
__libm_sse2_pow
__libm_sse2_sin
ceil

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_fileops.dll
.dll windows:6 windows x86 arch:x86

1558445ee8c94ae3cb3edd1356841f07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_fileops.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentThread
OutputDebugStringW
GetVolumePathNameW
CreateHardLinkW
GetTickCount64
WaitForSingleObject
CloseHandle
GlobalSize
GlobalUnlock
CreateEventW
SetEvent
ResetEvent
GlobalLock
GlobalAlloc
GlobalFree
LoadLibraryExW
GetTickCount
lstrlenW
VerSetConditionMask
VerifyVersionInfoW
GetVersionExW
GetProcAddress
GetThreadPriority
SetThreadPriority
ResumeThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
IsDebuggerPresent
GetCurrentProcess
GetSystemTimeAsFileTime
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
DecodePointer
LoadLibraryExA
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
DisableThreadLibraryCalls
TerminateProcess
MoveFileExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
VirtualFree
HeapDestroy
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
RaiseException
MulDiv
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
DeleteCriticalSection
GetLastError
GetFileAttributesW
SetLastError

user32

SystemParametersInfoW
ScrollWindowEx
SetScrollPos
EnumThreadWindows
IsWindowVisible
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
GetWindowPlacement
IsIconic
CloseGestureInfoHandle
MonitorFromRect
GetGestureInfo
GetMenu
GetClipboardData
CloseClipboard
OpenClipboard
AdjustWindowRect
MapWindowPoints
OffsetRect
RegisterWindowMessageW
DrawEdge
AdjustWindowRectEx
MapDialogRect
IsZoomed
FillRect
EndDeferWindowPos
GetDC
DeferWindowPos
GetDlgCtrlID
DrawFrameControl
GetWindowTextLengthW
GetScrollInfo
GetWindowTextW
CopyRect
InvalidateRgn
GetSystemMetrics
GetSysColor
CharLowerW
SetActiveWindow
GetNextDlgTabItem
CallNextHookEx
WindowFromPoint
SetWindowsHookExW
UnhookWindowsHookEx
FrameRect
DrawTextW
IsRectEmpty
RedrawWindow
InflateRect
GetMessagePos
GetWindowDC
TrackMouseEvent
ReleaseDC
NotifyWinEvent
DestroyMenu
MonitorFromPoint
RegisterClassW
CreatePopupMenu
TrackPopupMenuEx
AppendMenuW
GetActiveWindow
GetFocus
MessageBeep
SetWindowTextW
GetDlgItem
GetMonitorInfoW
GetKeyState
PostMessageW
GetParent
CreateDialogParamW
SetTimer
SetCursor
SetCapture
KillTimer
SetFocus
GetCursorPos
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
PtInRect
ClientToScreen
IntersectRect
ScreenToClient
GetWindowRect
EnableWindow
ShowWindow
SetWindowPos
IsWindowEnabled
InvalidateRect
EndPaint
BeginPaint
GetClientRect
SetLayeredWindowAttributes
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
DestroyWindow
UnregisterClassW
SendMessageW
BeginDeferWindowPos

gdi32

FrameRgn
IntersectClipRect
GetStockObject
CreatePolygonRgn
CreateCompatibleBitmap
SetWindowOrgEx
OffsetWindowOrgEx
RestoreDC
SetDCBrushColor
SaveDC
SetViewportOrgEx
LPtoDP
CombineRgn
CreateFontIndirectW
SetDCPenColor
LineTo
MoveToEx
SetBkMode
GetObjectW
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
GetBkColor
GetCurrentObject
CreatePen
OffsetRgn
GetTextMetricsW
SelectObject
CreateCompatibleDC
BitBlt
FillRgn
GetDeviceCaps
ExtTextOutW
SetBkColor
SetTextColor
DeleteObject
DeleteDC

shell32

SHFileOperationW
SHQueryRecycleBinW
ord74

oleaut32

VariantInit
SysAllocString
VariantClear

shared

_PokeWindow@4
_uGetWindowText@8
_uShellExecute@24
_ModalDialog_Switch@4
_uGetOpenFileName@32
_uBrowseForFolder@12
_ModalDialog_PokeExisting@0
_GetInfiniteWaitEvent@0
_uSetWindowText@8
?g_from_system@t_font_description@@SG?AU1@H@Z
?create@t_font_description@@QBGPAUHFONT__@@XZ
_uExceptFilterProc@4
_stricmp_utf8_ex@16
??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ
_FindOwningPopup@4
_uFormatSystemErrorMessage@8
_ModalDialog_CanCreateNew@0
_uAddStringLower@12
_stricmp_utf8@8
_uGetFileAttributes@4
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_stricmp_utf8_partial@12
_uEvalKnownFolder@4

msvcp140

?__ExceptionPtrAssign@@YAXPAXPBX@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z

shlwapi

SHAutoComplete

comctl32

ord413
ord410

msimg32

GradientFill

oleacc

LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdiplusShutdown

vcruntime140

_except_handler3
__CxxFrameHandler3
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
memset
strrchr
strstr
memcpy
strchr
memmove
memcmp
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

abort
_invalid_parameter_noinfo
_errno
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-string-l1-1-0

strncmp
_strdup
strcmp
wcsnlen
wcslen
strlen

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
realloc
_recalloc
_expand

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s

api-ms-win-crt-math-l1-1-0

fabs
__libm_sse2_pow
ceil
sqrt
lround

api-ms-win-crt-utility-l1-1-0

srand
rand

uxtheme

SetWindowTheme
DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
DoDragDrop

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_freedb2.dll
.dll windows:6 windows x86 arch:x86

614576a1615ca095a3d660cb587485e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_freedb2.pdb

Imports

kernel32

RaiseException
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
LeaveCriticalSection
GetProcessHeap
HeapDestroy
DecodePointer
DisableThreadLibraryCalls
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
SetLastError
GetSystemTimeAsFileTime
OutputDebugStringW
GetThreadPriority
SetThreadPriority
GetCurrentThread
SetEvent
GetTickCount64
TerminateProcess
GetCurrentProcess
CloseHandle
IsDebuggerPresent
WaitForSingleObject
CreateEventW
GlobalUnlock
GlobalLock
GetVersionExW
GlobalSize
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetProcAddress
lstrlenW
InitializeCriticalSection

user32

MessageBoxW
SetWindowTextW
PostMessageW
SendMessageW
DestroyWindow
InvalidateRect
DefWindowProcW
GetClassInfoExW
RegisterClassExW
GetParent
LoadCursorW
RegisterClassW
GetDlgItemInt
CopyRect
AdjustWindowRect
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
WindowFromPoint
EndDialog
DialogBoxParamW
SetWindowLongW
FillRect
EnableWindow
DrawTextW
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
UnregisterClassW
GetSysColor
SetWindowPos
EndPaint
BeginPaint
UpdateWindow
GetDlgItem
DrawEdge
GetKeyState
GetClipboardData
IntersectRect
CreateDialogParamW
ShowWindow
LoadIconW
IsWindowEnabled
CallWindowProcW
CloseClipboard
OpenClipboard
SetFocus
GetWindowRect
MapWindowPoints
GetClientRect
BeginDeferWindowPos
DeferWindowPos
IsZoomed
EndDeferWindowPos
MapDialogRect
AdjustWindowRectEx
CreateWindowExW

gdi32

GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
SelectObject
SetTextColor
SetBkMode
GetObjectW

advapi32

CryptGetHashParam
CryptAcquireContextW
CryptDestroyHash
CryptReleaseContext
CryptCreateHash
CryptHashData

shared

??0uCallStackTracker@@QAE@PBD@Z
_ModalDialog_PokeExisting@0
_stricmp_utf8@8
_ModalDialog_CanCreateNew@0
_uSetDlgItemText@12
_uGetDlgItemText@12
_ModalDialog_Switch@4
_GetInfiniteWaitEvent@0
_uGetWindowText@8
_uSetWindowText@8
_uExceptFilterProc@4
_stricmp_utf8_ex@16
_uBugCheck@0
_uFormatSystemErrorMessage@8
??1uCallStackTracker@@QAE@XZ
_uPrintCrashInfo_OnEvent@8

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ

vcruntime140

strstr
memcpy
strchr
_purecall
memset
memmove
__std_exception_copy
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
_except_handler3
__std_exception_destroy
__std_terminate
__CxxFrameHandler3
memcmp

api-ms-win-crt-string-l1-1-0

wcsnlen
strncmp
_strdup
strcmp
strlen

api-ms-win-crt-heap-l1-1-0

free
malloc
_expand
_recalloc
_callnewh
realloc

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
_errno
_crt_atexit
abort
_initterm_e
_initterm
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_cexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

lround
ceil
llround

api-ms-win-crt-utility-l1-1-0

srand
rand

uxtheme

SetWindowTheme

ole32

CoCreateInstance

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_input_std.dll
.dll windows:6 windows x86 arch:x86

090e7ccdb351b10a91b6734b249bfd04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_input_std.pdb

Imports

zlib1

inflateEnd
inflate
inflateInit_

msacm32

acmStreamPrepareHeader
acmStreamConvert
acmFormatTagDetailsW
acmFormatSuggest
acmStreamOpen
acmStreamUnprepareHeader
acmStreamClose

avcodec-fb2k-60

avcodec_open2
avcodec_close
avcodec_send_packet
avcodec_receive_frame
av_init_packet
av_packet_unref
avcodec_parameters_to_context
avcodec_free_context
avcodec_flush_buffers
avcodec_parameters_free
avcodec_parameters_alloc
avcodec_parameters_from_context
avcodec_alloc_context3
avcodec_find_decoder

avformat-fb2k-60

avio_alloc_context
avio_context_free
avformat_close_input
avformat_alloc_context
avformat_open_input
avformat_find_stream_info
av_find_best_stream
av_seek_frame
av_read_frame

avutil-fb2k-58

av_dict_free
av_free
av_frame_unref
av_version_info
av_malloc
av_dict_set
av_mallocz
av_crc
av_crc_get_table

kernel32

DeviceIoControl
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionEx
GetCurrentThreadId
RaiseException
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
MulDiv
GetTickCount64
VirtualFree
FreeLibrary
GetProcAddress
GetVersionExW
SetEvent
SetFileAttributesW
GetFileSize
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
LoadLibraryExA
IsDebuggerPresent
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
TerminateProcess
VirtualAlloc
GetLastError
SetLastError
WideCharToMultiByte
GetDriveTypeW
SystemTimeToFileTime
ResumeThread
SetThreadPriority
GetThreadPriority
MultiByteToWideChar
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
GetModuleHandleW
GlobalSize
DecodePointer
GetStdHandle
CreateFileW
OutputDebugStringW
GetCurrentThread
GlobalLock
GlobalUnlock
CreateEventW
WaitForSingleObject
ResetEvent
WaitForMultipleObjects
LoadLibraryExW
DeleteFileW
Sleep
lstrlenW

user32

DrawEdge
AdjustWindowRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
CopyRect
EnumThreadWindows
GetSystemMetrics
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
MapWindowPoints
IsZoomed
ClientToScreen
GetDlgItemInt
MessageBoxW
SetWindowTextW
OffsetRect
UpdateWindow
FillRect
DrawTextW
GetClassInfoExW
RegisterClassExW
EndDeferWindowPos
DeferWindowPos
GetFocus
TrackMouseEvent
GetDlgCtrlID
EndPaint
BeginPaint
DrawFrameControl
ReleaseDC
GetWindowDC
WindowFromPoint
CloseClipboard
OpenClipboard
MapDialogRect
GetWindowTextW
GetWindowTextLengthW
CharLowerW
RegisterClassW
CreateWindowExW
LoadCursorW
GetMenu
AdjustWindowRectEx
GetWindowRect
SetFocus
InvalidateRect
CreateDialogParamW
MessageBeep
ShowWindow
GetDlgItem
SendDlgItemMessageW
SetDlgItemInt
CallWindowProcW
DefWindowProcW
DestroyWindow
GetKeyState
EnableWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
PostMessageW
IsWindowEnabled
GetClientRect
GetParent
UnregisterClassW
SendMessageW
wsprintfW
IsWindowVisible
IntersectRect
GetWindowPlacement
IsIconic
GetSysColor
GetDC
GetClipboardData
GetMonitorInfoW
BeginDeferWindowPos
MonitorFromRect
SystemParametersInfoW

gdi32

SelectObject
GetTextExtentPoint32W
SetTextColor
SetBkMode
GetDeviceCaps
SetBkColor
GetBkColor
GetTextColor
CreateFontIndirectW
GetObjectW
DeleteObject
DeleteDC
GetStockObject

shell32

DragFinish

shared

?scale@audio_math@@YGXPBMIPAMM@Z
_uAddStringUpper@12
_stricmp_utf8_ex@16
_uCharUpper@4
_uCharLower@4
_uDragQueryFileCount@4
_uDragQueryFile@12
?convert_from_int32@audio_math@@YGXPBHIPAMM@Z
_stricmp_utf8_partial@12
??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ
_LoadSystemLibrary@4
_uGetTempPath@4
_uGetTempFileName@16
?convert_from_int16@audio_math@@YGXPBFIPAMM@Z
_uGetOpenFileName@32
_ModalDialog_CanCreateNew@0
_ModalDialog_PokeExisting@0
_uAddStringLower@12
_uSendMessageText@16
_uExceptFilterProc@4
_PokeWindow@4
_uSetWindowText@8
_uGetDlgItemText@12
_stricmp_utf8@8
_CreateFileAbortable@28
_uGetWindowText@8
_uBugCheck@0
_uDeleteFile@4
_uReplaceStringAdd@32
_GetInfiniteWaitEvent@0
_uFormatSystemErrorMessage@8
_uPrintCrashInfo_OnEvent@8
?convert_to_int16@audio_math@@YGXPBMIPAFM@Z

msvcp140

?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

uxtheme

DrawThemeBackground
CloseThemeData
SetWindowTheme
OpenThemeData

vcruntime140

memmove
memcpy
strrchr
wcschr
strstr
memcmp
strchr
__std_exception_copy
__std_terminate
__std_exception_destroy
__CxxFrameHandler3
memset
wcsrchr
memchr
_except_handler4_common
__current_exception
__current_exception_context
_CxxThrowException
_purecall
_except_handler3
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_controlfp_s
_invalid_parameter_noinfo
_errno
_initterm_e
_beginthreadex
_initterm
terminate
_cexit
_invalid_parameter_noinfo_noreturn
_crt_atexit
_configure_narrow_argv
abort
_initialize_narrow_environment
_initialize_onexit_table
exit
_execute_onexit_table
_register_onexit_function
_seh_filter_dll

api-ms-win-crt-convert-l1-1-0

_itoa_s
strtod
atoi
_wtoi
atoll
_atoi64

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsprintf
fclose
__acrt_iob_func
__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

strcmp
isdigit
_strnicmp
strncmp
towlower
isalnum
wcscat_s
strcpy_s
_wcsicmp
_strdup
wcscpy_s
wcsnlen
wcslen
strcat_s
strlen

api-ms-win-crt-heap-l1-1-0

_expand
realloc
malloc
_aligned_free
_callnewh
free
_aligned_realloc
_aligned_malloc
calloc
_recalloc

api-ms-win-crt-math-l1-1-0

__libm_sse2_exp
ceil
atan
lround
acos
__libm_sse2_cosf
pow
sqrt
exp
log
fabs
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_pow
llround
cos
ldexp
exp2
__libm_sse2_sin
__libm_sse2_log
floor
sin

api-ms-win-crt-utility-l1-1-0

abs
labs
srand
rand
qsort

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid

Exports

Exports

_ConvertFile@24
_ConvertFileW2@16
_ConvertFileW@24
_CreateIAPEDecompress@20
_CreateIAPEDecompressEx2@16
_CreateIAPEDecompressEx@8
_DecompressFile@20
_DecompressFileW2@12
_DecompressFileW@20
_FillRF64Header@16
_FillWaveFormatEx@20
_FillWaveHeader@20
_GetAPECompressionLevelName@16
_GetAPEFileType@8
_VerifyFile@20
_VerifyFileW2@12
_VerifyFileW@20
foobar2000_get_interface

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_ui_std.dll
.dll windows:6 windows x86 arch:x86

40e8eadb87d51a2e76d439dc59c46862

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_ui_std.pdb

Imports

comctl32

ord412
InitCommonControlsEx
ImageList_GetIconSize
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ord410
ord413
ImageList_Destroy

gdiplus

GdipAlloc
GdipDisposeImage
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipGraphicsClear
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHICONFromBitmap
GdipCreateBitmapFromScan0
GdipCloneImage
GdipFree
GdipLoadImageFromStream
GdipGetImageHeight
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipSetCompositingMode
GdipDrawImageRect
GdiplusShutdown
GdiplusStartup
GdipCreatePen1
GdipDeletePen
GdipGetImageWidth
GdipDrawLines
GdipDrawImageI
GdipDrawImageRectI
GdipDrawLinesI
GdipDrawLineI

uxtheme

GetThemePartSize
DrawThemeTextEx
SetWindowTheme
DrawThemeBackground
IsThemePartDefined
CloseThemeData
OpenThemeData
EnableThemeDialogTexture

kernel32

AcquireSRWLockShared
DecodePointer
ResumeThread
CreateEventW
SetEvent
ResetEvent
SetThreadPriority
GetThreadPriority
MultiByteToWideChar
GetVersion
IsDebuggerPresent
GetCurrentThread
GetCurrentProcess
OutputDebugStringW
WaitForSingleObject
WaitForMultipleObjects
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemTimeAsFileTime
InitOnceComplete
InitOnceBeginInitialize
EncodePointer
LoadLibraryExW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
TerminateProcess
VerSetConditionMask
VerifyVersionInfoW
ReleaseSRWLockShared
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
InitializeCriticalSectionEx
GetCurrentThreadId
RaiseException
SetLastError
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleW
MulDiv
GlobalSize
GetCurrentProcessId
GetTickCount64
lstrlenW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetSystemInfo

user32

GetSysColorBrush
IsIconic
RegisterWindowMessageW
keybd_event
MapWindowPoints
CallNextHookEx
SystemParametersInfoW
GetWindowThreadProcessId
IsWindow
IsChild
UpdateWindow
GetCapture
GetSystemMetrics
DrawEdge
DestroyMenu
MonitorFromPoint
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CreatePopupMenu
CheckMenuRadioItem
SetMenuDefaultItem
GetSysColor
GetClipboardData
IsClipboardFormatAvailable
AdjustWindowRectEx
RegisterClipboardFormatW
TrackMouseEvent
PtInRect
FillRect
DrawIconEx
SetWindowTextW
MonitorFromWindow
GetActiveWindow
SetForegroundWindow
ScrollWindow
GetMenuItemCount
DrawTextW
ReleaseDC
GetDC
wsprintfW
DestroyAcceleratorTable
EqualRect
CharUpperW
CharLowerW
LoadAcceleratorsW
SetWindowPlacement
EnumDisplayMonitors
UnionRect
EnumThreadWindows
GetWindowPlacement
CloseClipboard
OpenClipboard
AdjustWindowRect
NotifyWinEvent
InvalidateRgn
SetScrollPos
SetScrollInfo
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
TrackPopupMenuEx
GetMenuItemInfoW
GetMenuState
GetScrollInfo
GetMenuStringW
DrawIcon
GetMenuBarInfo
IsZoomed
MapDialogRect
SetRectEmpty
DrawFocusRect
GetWindowTextLengthW
GetClassNameW
IntersectRect
ScrollWindowEx
EndPaint
BeginPaint
ReleaseCapture
SetCapture
SetDlgItemTextW
GetNextDlgTabItem
IsRectEmpty
DestroyIcon
LoadImageW
OffsetRect
CopyRect
GetMonitorInfoW
MonitorFromRect
GetDlgItemInt
SetDlgItemInt
TranslateAcceleratorW
FrameRect
EnableMenuItem
GetSubMenu
LoadMenuW
IsDialogMessageW
GetMenu
GetWindowDC
GetWindow
GetIconInfo
GetDlgCtrlID
DrawFrameControl
GetWindowTextW
ValidateRect
PeekMessageW
InflateRect
GetMenuItemID
UnhookWindowsHookEx
MessageBeep
GetFocus
SetCursor
WindowFromPoint
GetCursorPos
BringWindowToTop
IsWindowVisible
GetKeyState
EnableWindow
IsWindowEnabled
SetLayeredWindowAttributes
KillTimer
ShowWindow
SetTimer
SetWindowPos
ClientToScreen
GetClientRect
GetParent
GetMessagePos
RedrawWindow
ScreenToClient
GetWindowRect
SetFocus
CreateDialogParamW
UnregisterClassW
RegisterClassW
TrackPopupMenu
LoadCursorW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
DestroyWindow
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
AppendMenuW
GetDlgItem
SendMessageW
PostMessageW
SendDlgItemMessageW
InvalidateRect
SetMenuItemInfoW
SetWindowsHookExW

gdi32

SaveDC
RestoreDC
GetDeviceCaps
GetCurrentObject
SetWindowOrgEx
OffsetWindowOrgEx
LPtoDP
GetTextMetricsW
FrameRgn
CreatePolygonRgn
CreatePen
OffsetRgn
SetTextAlign
GetBkColor
GetTextColor
CreateDIBSection
GetClipRgn
SelectClipRgn
IntersectClipRect
MoveToEx
LineTo
SetDCPenColor
GetTextExtentPoint32W
CreateSolidBrush
GetObjectW
SetViewportOrgEx
CreateFontIndirectW
ExtTextOutW
SetBkMode
FillRgn
StretchBlt
BitBlt
SetDCBrushColor
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
CreateRectRgn
CreateRectRgnIndirect
CombineRgn
SetBkColor
SetTextColor
DeleteObject
DeleteDC

shell32

ord74

ole32

OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateGuid
DoDragDrop
OleSetClipboard
ReleaseStgMedium
OleGetClipboard
RegisterDragDrop
RevokeDragDrop
CoCreateInstance

shared

??1uCallStackTracker@@QAE@XZ
??0uCallStackTracker@@QAE@PBD@Z
_uGetOpenFileName@32
_ModalDialog_PokeExisting@0
_ModalDialog_CanCreateNew@0
_uGetTempFileName@16
_uGetTempPath@4
_uPrintfV@12
_uGetWindowText@8
_uAppendMenu@16
_PokeWindow@4
_uGetDlgItemText@12
_uSetDlgItemText@12
_uSetWindowText@8
_stricmp_utf8@8
_uExceptFilterProc@4
_uSetClipboardRawData@12
_stricmp_utf8_ex@16
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
_uGetFontHeight@4
_uStringCompare@8
_FindOwningPopup@4
?calculate_peak@audio_math@@YGMPBMI@Z
?g_from_system@t_font_description@@SG?AU1@H@Z
?create@t_font_description@@QBGPAUHFONT__@@XZ
?popup_dialog@t_font_description@@QAG_NPAUHWND__@@@Z
_uChooseColor@12
_uShellExecute@24
_uFixAmpersandChars@8
_uLoadImage@24
_uShellNotifyIconEx@32
_uShellNotifyIcon@24
_uAddStringUpper@12
_uFormatSystemErrorMessage@8
_uCharLower@4
_uGetMenuItemType@8
_uGetMenuString@16
_uModifyMenu@20
_uBrowseForFolder@12
_ModalDialog_Switch@4
_uFixAmpersandChars_v2@8
_uDragQueryFileCount@4
_uDragQueryFile@12
_uGetModuleFileName@8
_uSendMessageText@16
_uGetTextExtentPoint32@16
?scale@audio_math@@YGXPBMIPAMM@Z
_GetInfiniteWaitEvent@0

msvcp140

?__ExceptionPtrDestroy@@YAXPAX@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?__ExceptionPtrCreate@@YAXPAX@Z
_Thrd_hardware_concurrency
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?_Xlength_error@std@@YAXPBD@Z

shlwapi

SHAutoComplete
StrCmpLogicalW
ord12

msimg32

GradientFill

dwmapi

DwmSetWindowAttribute

vcruntime140

memchr
_except_handler3
__CxxFrameHandler3
__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
strchr
memmove
memset
memcpy
__std_type_info_destroy_list
_CxxThrowException
memcmp
__current_exception_context
wcschr
strstr
_except_handler4_common
__current_exception

api-ms-win-crt-string-l1-1-0

strncpy_s
wcsncpy_s
tolower
wcscat_s
wcscpy_s
wcscmp
wcsnlen
_wcsicmp
_wcsnicmp
_strdup
wcslen
strcmp
strncmp
strlen

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo_noreturn
abort
_invalid_parameter_noinfo
_controlfp_s
_beginthreadex
_configure_narrow_argv
_initialize_narrow_environment
_resetstkoflw
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_seh_filter_dll
terminate
_initterm
_initterm_e

api-ms-win-crt-heap-l1-1-0

_callnewh
_aligned_free
_aligned_realloc
_aligned_malloc
free
malloc
_expand
realloc
_recalloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vswprintf_s

api-ms-win-crt-utility-l1-1-0

rand
labs
srand

api-ms-win-crt-math-l1-1-0

lround
exp
log10
llround
llroundf
sqrt
fabs
lroundf
ceil
__libm_sse2_pow
fmod
log
sin
floor
tanh
pow
cos

api-ms-win-crt-convert-l1-1-0

atoi
_atoi64

advapi32

RegGetValueW

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
components/foo_unpack.dll
.dll windows:6 windows x86 arch:x86

adaf44d65ac55dc32b010dfefb8b1045

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foo_unpack.pdb

Imports

kernel32

FreeLibrary
SetThreadPriority
GetSystemDirectoryW
CreateEventW
LoadLibraryW
SetThreadExecutionState
ReleaseSemaphore
GetProcessAffinityMask
WaitForSingleObject
SetEvent
CreateThread
ResetEvent
CreateSemaphoreW
LocalFileTimeToFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
CompareStringW
GetCPInfo
MultiByteToWideChar
IsDBCSLeadByte
WideCharToMultiByte
LocalFree
GetCurrentThreadId
GetModuleHandleA
GetCurrentDirectoryW
GetSystemInfo
GlobalMemoryStatus
GetSystemTimeAsFileTime
DosDateTimeToFileTime
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
SetThreadAffinityMask
ResumeThread
OutputDebugStringW
AcquireSRWLockShared
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FoldStringW
GetVersionExW
FindClose
FindFirstFileW
GetCurrentProcessId
GetFileAttributesW
SetFilePointer
ReadFile
MoveFileW
GetShortPathNameW
GetLongPathNameW
CloseHandle
DeleteFileW
CreateFileW
CreateHardLinkW
SetFileTime
RemoveDirectoryW
DeviceIoControl
GetCurrentProcess
CreateDirectoryW
GetTickCount64
GetProcAddress
GetLastError
EnterCriticalSection
Sleep
IsDebuggerPresent
InitOnceComplete
InitOnceBeginInitialize
WakeAllConditionVariable
SleepConditionVariableSRW
AreFileApisANSI
GetFileType
GetStdHandle
DeleteCriticalSection
InitializeCriticalSection
InitializeCriticalSectionEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
DisableThreadLibraryCalls
InitializeSListHead
SetLastError
LeaveCriticalSection

user32

OemToCharA
OemToCharBuffA
CharToOemA
CharToOemBuffW
CharLowerW
CharUpperW

advapi32

FreeSid
AllocateAndInitializeSid
OpenProcessToken
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
CheckTokenMembership

ole32

CoSetProxyBlanket
CoCreateInstance
CoCreateGuid

oleaut32

SysStringLen
SysAllocStringLen
VariantCopy
SysFreeString
SysAllocString
VariantClear

zlib1

crc32
inflateReset
inflateInit2_
inflate
inflateEnd

shared

_uGetTempPath@4
_GetInfiniteWaitEvent@0
??1uCallStackTracker@@QAE@XZ
_uBugCheck@0
_uPrintCrashInfo_OnEvent@8
_uFormatSystemErrorMessage@8
_stricmp_utf8@8
??0uCallStackTracker@@QAE@PBD@Z

msvcp140

?__ExceptionPtrCopy@@YAXPAXPBX@Z
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_Xlength_error@std@@YAXPBD@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCreate@@YAXPAX@Z

vcruntime140

wcsrchr
wcsstr
wcschr
memcpy
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
__std_terminate
memset
memmove
strstr
strrchr
strchr
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
memcmp

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
terminate
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
exit
_execute_onexit_table
_crt_atexit
abort
_beginthreadex
_cexit

api-ms-win-crt-string-l1-1-0

strlen
wcsncmp
_strdup
_wcsdup
_wcsicmp
wcspbrk
wcsncpy
strncmp

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-math-l1-1-0

ceil
lround

Exports

Exports

foobar2000_get_interface

Sections

.text
Size: 402KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
concrt140.dll
.dll windows:6 windows x86 arch:x86

f7e155027608db4293a50332363a537b

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:8e:1b:c8:29:c8:7a:76:ad:d4:0a:0e:6d:4f:a9:be:af:1e:51:77:7a:7d:ff:9b:ea:06:68:e0:a9:b3:5e:d2
Signer

Actual PE Digest

7c:8e:1b:c8:29:c8:7a:76:ad:d4:0a:0e:6d:4f:a9:be:af:1e:51:77:7a:7d:ff:9b:ea:06:68:e0:a9:b3:5e:d2

Digest Algorithm

sha256

PE Digest Matches

true

7c:8e:1b:c8:29:c8:7a:76:ad:d4:0a:0e:6d:4f:a9:be:af:1e:51:77:7a:7d:ff:9b:ea:06:68:e0:a9:b3:5e:d2
Signer

Actual PE Digest

7c:8e:1b:c8:29:c8:7a:76:ad:d4:0a:0e:6d:4f:a9:be:af:1e:51:77:7a:7d:ff:9b:ea:06:68:e0:a9:b3:5e:d2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\concrt140.i386.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
?_Throw_C_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z

vcruntime140

__CxxFrameHandler3
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__uncaught_exception
memcpy
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
__current_exception
__RTDynamicCast

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
terminate
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_CIsqrt
_CIexp

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vswprintf_s
__acrt_iob_func
fflush

kernel32

WaitForSingleObjectEx
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetThreadTimes
EncodePointer
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
SetLastError
SetThreadpoolTimer
UnregisterWaitEx
CreateSemaphoreExW
ReleaseSemaphore
InitializeSListHead
SetProcessAffinityMask
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetCurrentProcessorNumber
FlushProcessWriteBuffers
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
GetProcAddress
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetTickCount64
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
CreateTimerQueue
GetCurrentThread
CloseHandle
DuplicateHandle
GetLastError
SetEvent
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSectionEx
CreateEventExW
Sleep
SignalObjectAndWait
SwitchToThread
CreateThread
GetThreadPriority

Exports

Exports

??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1agent@Concurrency@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@$$QAV012@@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@$$QAV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
?AgentEventGuid@Concurrency@@3U_GUID@@B
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?ChoreEventGuid@Concurrency@@3U_GUID@@B
?ConcRTEventGuid@Concurrency@@3U_GUID@@B
?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B
?ContextEventGuid@Concurrency@@3U_GUID@@B
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?LockEventGuid@Concurrency@@3U_GUID@@B
?Log2@details@Concurrency@@YAKI@Z
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SchedulerEventGuid@Concurrency@@3U_GUID@@B
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IAEXABV123@IP6AXPAXI@ZP6AX1PBXI@Z4@Z
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IBEIXZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IAEIP6AXPAXI@Z@Z
?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IAEPAXIPAXP6AX0I@ZP6AX0PBXI@Z@Z
?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IAEXABV123@IP6AXPAXPBXI@Z@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IBE_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IAEXXZ
?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IAEIIIP6AXPAXPBXI@Z1@Z
?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IAEIIIP6AXPAXPBXI@Z1@Z
?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IAEXPAX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IAE_NPAX@Z
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IAEXPBX@Z
?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IAEPAXIAAI@Z
?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IAEXIII@Z
?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IAEXIIIP6AXPAXI@ZP6AX0PBXI@Z2@Z
?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IBEIXZ
?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IAEXAAV123@@Z
?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IAEXAAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IBEXXZ
?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IBEXI@Z
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KAII@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?cancel@agent@Concurrency@@QAE_NXZ
?current@location@Concurrency@@SA?AV12@XZ
?done@agent@Concurrency@@IAE_NXZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?is_current_task_group_canceling@Concurrency@@YA_NXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?start@agent@Concurrency@@QAE_NXZ
?status@agent@Concurrency@@QAE?AW4agent_status@2@XZ
?status_port@agent@Concurrency@@QAEPAV?$ISource@W4agent_status@Concurrency@@@2@XZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@agent@Concurrency@@SA?AW4agent_status@2@PAV12@I@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_all@agent@Concurrency@@SAXIPAPAV12@PAW4agent_status@2@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?wait_for_one@agent@Concurrency@@SAXIPAPAV12@AAW4agent_status@2@AAII@Z

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
doc/Query Syntax Help.html
.html
doc/license.html
doc/titleformat_help.css
doc/titleformat_help.html
encoders/flac.exe
.exe windows:4 windows x86 arch:x86

67d8f84ebe2751b34f877d3b8df5c2ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileW
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetConsoleScreenBufferInfo
GetCurrentProcess
GetFileInformationByHandle
GetFileType
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStdHandle
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
SetEndOfFile
SetFilePointerEx
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_filelengthi64
_fileno
_fileno
_fstat64
_get_osfhandle
_initterm
_iob
_lock
_onexit
_setmode
_strdup
_stricmp
_strnicmp
_strtoi64
_strtoui64
_unlock
_wchmod
_wfopen
_wrename
_write
_wstat64
_wunlink
_wutime64
abort
atof
atoi
atol
calloc
clock
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fprintf
fputc
fputws
fread
free
fsetpos
fwrite
getc
getenv
isspace
isxdigit
localeconv
log10
malloc
memchr
memcpy
memmove
memset
memcmp
qsort
rand
realloc
setlocale
setvbuf
signal
srand
strchr
strcmp
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strtol
strtoul
time
tanh
tolower
ungetc
vfprintf
wcslen

Sections

.text
Size: 561KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
encoders/lame.exe
.exe windows:5 windows x86 arch:x86

6482ea4d58686bf37c19f73f72cb0f3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStdHandle
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
WideCharToMultiByte
FindClose
FindFirstFileA
SetPriorityClass
GetCurrentProcess
MultiByteToWideChar
GetConsoleOutputCP
HeapSize
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
LocalFree
LocalAlloc
GetProcAddress
GetModuleHandleA
GetFileAttributesW
FindFirstFileW
FindNextFileW
LoadLibraryA
GetThreadLocale
FormatMessageA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InitializeCriticalSection
LoadLibraryExA
LeaveCriticalSection
GetModuleHandleExA
GetEnvironmentVariableA
EnterCriticalSection
RtlUnwind
GetLastError
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ReadFile
CreateFileW
CloseHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
QueryPerformanceFrequency
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
WriteFile
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetACP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleCP
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
FlushFileBuffers
HeapReAlloc
GetCurrentDirectoryW
SetStdHandle
GetStringTypeW
SetEndOfFile
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
RaiseException

shlwapi

PathIsRelativeW
PathIsUNCW
PathCombineW

Sections

.text
Size: 714KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_o
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
encoders/metaflac.exe
.exe windows:4 windows x86 arch:x86

a237f64002a65519265b11c42d50e637

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileW
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetConsoleScreenBufferInfo
GetCurrentProcess
GetFileInformationByHandle
GetFileType
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStdHandle
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_filelengthi64
_fileno
_fileno
_fstat64
_initterm
_iob
_lock
_onexit
_setmode
_strdup
_stricmp
_strnicmp
_strtoi64
_strtoui64
_unlock
_wchmod
_wfopen
_wrename
_write
_wstat64
_wunlink
_wutime64
abort
atof
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fprintf
fputc
fputws
fread
free
fsetpos
fwrite
getenv
isprint
localeconv
log10
malloc
memchr
memcpy
memmove
memset
memcmp
putc
qsort
realloc
setlocale
signal
strchr
strcmp
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strtol
strtoul
vfprintf
wcslen

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
encoders/oggenc2.exe
.exe windows:5 windows x86 arch:x86

967bfbc03b5968eb480eead0609ffe37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
GlobalFree
LoadLibraryA
GetCommandLineW
GetVersionExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetThreadLocale
FormatMessageA
InitializeCriticalSection
LoadLibraryExA
LeaveCriticalSection
GetModuleHandleExA
GetEnvironmentVariableA
EnterCriticalSection
RtlUnwind
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
CreateFileW
GetDriveTypeW
GetFileType
CloseHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
DuplicateHandle
CreateProcessA
GetFileAttributesExW
GetStdHandle
WriteFile
GetModuleFileNameA
GetCommandLineA
GetACP
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetStringTypeW
WaitForSingleObject
GetExitCodeProcess
CreatePipe
CreateDirectoryW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
GetTimeZoneInformation
WriteConsoleW
HeapSize
SetEndOfFile
RaiseException

Sections

.text
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_o
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
foobar2000 Shell Associations Updater.exe
.exe windows:6 windows x86 arch:x86

ae9862238f435c7df5c8a28e6030b949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Sources\foobar2000\foobar2000\Release\foobar2000 Shell Associations Updater.pdb

Imports

kernel32

GetModuleHandleW
DeleteCriticalSection
GetFileSize
GetProcAddress
CloseHandle
GetLastError
CreateFileW
InitializeCriticalSectionEx
ReadFile
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
OutputDebugStringW
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
GetCurrentProcess

user32

CharLowerW

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey

shell32

CommandLineToArgvW
SHChangeNotify

shlwapi

SHDeleteKeyW

vcruntime140

_CxxThrowException
_except_handler4_common
__current_exception
__std_terminate
__CxxFrameHandler3
memset
__current_exception_context
__std_exception_destroy
__std_exception_copy
memcpy

api-ms-win-crt-string-l1-1-0

wcslen
_wcsicmp
strlen

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
_set_new_mode
_callnewh

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
terminate
_controlfp_s
_cexit
_seh_filter_exe
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_initialize_wide_environment
_c_exit
_get_wide_winmain_command_line
_initialize_onexit_table
_exit
exit
_initterm_e
_register_onexit_function
_initterm
_set_app_type

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
foobar2000.exe
.exe windows:6 windows x86 arch:x86

126c1a2652b02ce8e0468f437ad90b91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\foobar2000.pdb

Imports

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ord410
ord17
ord412
ord413

winmm

timeEndPeriod
timeBeginPeriod

shlwapi

StrCmpLogicalW
SHDeleteKeyW
SHAutoComplete
ord12

uxtheme

DrawThemeBackground
IsThemePartDefined
OpenThemeData
SetWindowTheme
GetThemePartSize
EnableThemeDialogTexture
CloseThemeData

kernel32

TryEnterCriticalSection
SetThreadPriority
GetSystemPowerStatus
VerifyVersionInfoW
VerSetConditionMask
GlobalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
ResumeThread
GetLocaleInfoW
GetNumberFormatW
DecodePointer
GlobalSize
LoadLibraryW
CreateEventW
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
SetEndOfFile
GetFileTime
FlushFileBuffers
CreateFileW
GetDiskFreeSpaceExW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
MoveFileExW
GetFileAttributesExW
FindNextFileW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
EnterCriticalSection
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
InitOnceComplete
FindClose
SystemTimeToTzSpecificLocalTime
NormalizeString
Sleep
OutputDebugStringW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
DeviceIoControl
SetFileTime
SetFilePointer
DosDateTimeToFileTime
GetFileSizeEx
FileTimeToSystemTime
GetSystemTimeAsFileTime
ReadDirectoryChangesW
GetThreadPriority
GetThreadId
GetFileInformationByHandle
TerminateProcess
GetCurrentProcess
DuplicateHandle
WriteFile
CancelIo
GetOverlappedResult
ReadFile
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCommandLineW
LoadLibraryExW
lstrlenW
GetNativeSystemInfo
GetVersionExW
PowerCreateRequest
PowerClearRequest
PowerSetRequest
LeaveCriticalSection
GetTickCount64
CreateMutexW
GetCurrentThread
GetExitCodeThread
GetCurrentProcessId
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
CopyFileW
VirtualQuery
VirtualProtect
GetSystemInfo
IsDebuggerPresent
FreeLibrary
SetDllDirectoryW
SetEvent
ResetEvent
CloseHandle
WaitForSingleObject
GetModuleHandleW
GetProcAddress
GetTickCount
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
SetErrorMode
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSectionEx
GetLastError
RaiseException
GetCurrentThreadId
InitOnceBeginInitialize
SetLastError
LoadLibraryExA

user32

UnregisterClassW
CreateDialogParamW
SetWindowLongW
SendDlgItemMessageW
GetActiveWindow
GetWindowLongW
GetClientRect
ClientToScreen
GetWindowRect
SetWindowPos
SetLayeredWindowAttributes
BeginPaint
CharUpperW
GetComboBoxInfo
GetSystemMetrics
EnumThreadWindows
GetWindowPlacement
IsIconic
AdjustWindowRect
DrawEdge
SetClipboardData
CloseClipboard
OpenClipboard
FillRect
GetWindowTextLengthW
GetWindowTextW
NotifyWinEvent
RedrawWindow
SetWindowTextW
DrawTextW
TrackMouseEvent
InflateRect
FrameRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetNextDlgTabItem
InvalidateRgn
SystemParametersInfoW
ScrollWindowEx
SetScrollPos
UpdateWindow
SetScrollInfo
SetRectEmpty
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
GetScrollInfo
MapDialogRect
IsZoomed
SetMenuItemInfoW
GetMenuItemInfoW
GetDC
EndPaint
InvalidateRect
IsWindowEnabled
PostMessageW
CreateWindowExW
ScreenToClient
IntersectRect
PtInRect
DefWindowProcW
GetCursorPos
SetFocus
KillTimer
SetCapture
SetCursor
LoadCursorW
SetTimer
RegisterClassExW
GetClassInfoExW
CallWindowProcW
GetWindowDC
ReleaseDC
EnableWindow
ShowWindow
SendMessageW
GetDlgItem
DestroyWindow
RegisterShellHookWindow
CheckMenuRadioItem
WindowFromPoint
GetWindowThreadProcessId
GetClassNameW
EnumWindows
AllowSetForegroundWindow
DrawTextExW
GetClipboardData
IsCharAlphaW
IsClipboardFormatAvailable
LoadImageW
GetDesktopWindow
GetWindow
OffsetRect
CopyRect
MonitorFromWindow
LoadIconW
RegisterClipboardFormatW
MonitorFromRect
CharLowerW
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EmptyClipboard
IsWindowVisible
MoveWindow
IsRectEmpty
AppendMenuW
SetForegroundWindow
IsChild
DeregisterShellHookWindow
DrawFrameControl
GetParent
GetKeyState
GetMessagePos
wsprintfW
TrackPopupMenu
CreatePopupMenu
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
MessageBoxW
EndDialog
DialogBoxParamW
MessageBeep
SetActiveWindow
EnumChildWindows
MapWindowPoints
SetMenuDefaultItem
TrackPopupMenuEx
GetDlgCtrlID
GetSysColor
GetFocus
TranslateAcceleratorW
LoadAcceleratorsW
DestroyAcceleratorTable
RegisterHotKey
UnregisterHotKey
SetDlgItemTextW
MapVirtualKeyW
AdjustWindowRectEx
GetMenu
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
GetMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
RegisterClassW
RegisterWindowMessageW

gdi32

CreateCompatibleBitmap
ExtTextOutW
SetBkColor
SetTextColor
DeleteDC
DeleteObject
GetObjectW
CreateFontIndirectW
CreatePen
OffsetRgn
SelectObject
GetStockObject
SetDCBrushColor
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
GetTextColor
CreateCompatibleDC
GetBkColor
GetDeviceCaps
GetTextMetricsW
LPtoDP
SaveDC
RestoreDC
OffsetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreatePolygonRgn
FrameRgn
FillRgn
SetViewportOrgEx
BitBlt
CombineRgn
SetDCPenColor
LineTo
MoveToEx
SetBkMode
GetCurrentObject

advapi32

CryptDestroyHash
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegCreateKeyW
RegDeleteValueW
RegQueryInfoKeyW
CryptGetHashParam
CryptVerifySignatureW
CryptHashData
CryptCreateHash
RegGetValueW
CryptDestroyKey
RegQueryValueExW
CryptReleaseContext
CryptImportKey
CryptAcquireContextW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW

shell32

SHGetDesktopFolder
SHOpenFolderAndSelectItems
SHGetFolderPathW
ord74
ShellExecuteExW
ShellExecuteW
ord680
DragAcceptFiles
DragFinish
SHCreateItemFromIDList

ole32

CoCreateInstance
OleSetClipboard
OleGetClipboard
CoTaskMemFree
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
CoCreateGuid
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
DoDragDrop
ReleaseStgMedium

oleaut32

VariantClear
VariantInit
SysAllocString

zlib1

inflateEnd
inflate
inflateInit2_
crc32

sqlite3

sqlite3_busy_timeout
sqlite3_close
sqlite3_errmsg
sqlite3_open_v2
sqlite3_column_name
sqlite3_column_count
sqlite3_step
sqlite3_bind_blob
sqlite3_prepare_v2
sqlite3_finalize
sqlite3_bind_text
sqlite3_column_int
sqlite3_exec
sqlite3_changes
sqlite3_clear_bindings
sqlite3_column_type
sqlite3_bind_null
sqlite3_bind_double
sqlite3_bind_int64
sqlite3_column_double
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_column_text
sqlite3_column_int64
sqlite3_reset
sqlite3_bind_int
sqlite3_last_insert_rowid

shared

?create@t_font_description@@QBGPAUHFONT__@@XZ
?g_from_system@t_font_description@@SG?AU1@H@Z
_uPrintCrashInfo_AddEnvironmentInfo@4
_uCharUpper@4
?popup_dialog@t_font_description@@QAG_NPAUHWND__@@@Z
_uGetClipboardString@4
_uFixAmpersandChars_v2@8
_uDragQueryFile@12
_uDragQueryFileCount@4
_uSetWindowTextEx@12
_stricmp_utf8_max@12
_stricmp_utf8_ex@16
_uCharLower@4
?scale@audio_math@@YGXPBMIPAMM@Z
_uGetCommandLine@4
_LoadSystemLibrary@4
_uGetModuleHandle@4
_uSetCurrentDirectory@4
_uPrintCrashInfo_SetDumpPath@4
_uPrintCrashInfo_StartLogging@4
_uPrintCrashInfo_Init@4
_uGetCurrentDirectory@4
_uGetEnvironmentVariable@8
_uCreateFile@28
_uEvalKnownFolder@4
_uReplaceCharAdd@24
_uRemovePanicHandler@4
_uAddPanicHandler@4
_uSearchPath@16
_uFixPathCaps@8
_uCreateDirectory@8
_uGetFileAttributes@4
_uAddStringLower@12
_uAddStringUpper@12
_uBrowseForFolder@12
_uBrowseForFolderEx@12
_uGetOpenFileName@32
_uGetOpenFileNameMulti@24
_uSendDlgItemMessageText@20
_uSendMessageText@16
_uAppendMenu@16
_ModalDialog_Switch@4
_uSetClipboardString@4
?uPrintCrashInfo_Suppress@@YGXXZ
_uPrintCrashInfo_SetComponentList@4
_uMessageBox@16
_uLoadLibrary@4
_uFindFirstFile@4
_GetInfiniteWaitEvent@0
?convert_to_int32@audio_math@@YGXPBMIPAHM@Z
?convert_to_int16@audio_math@@YGXPBMIPAFM@Z
_uGetTempFileName@16
_uGetTempPath@4
_stricmp_utf8@8
_uGetModuleFileName@8
_stricmp_utf8_partial@12
_ModalDialog_PokeExisting@0
_ModalDialog_CanCreateNew@0
_PokeWindow@4
_LoadResourceEx@16
_uFileExists@4
_uShellExecute@24
_uStringCompare@8
??1uCallStackTracker@@QAE@XZ
??0uCallStackTracker@@QAE@PBD@Z
_uGetDlgItemText@12
_uSetDlgItemText@12
_FindOwningPopup@4
_uGetWindowText@8
_uExceptFilterProc@4
_uSetWindowText@8
_uPrintCrashInfo_OnEvent@8
_uBugCheck@0
?calculate_peak@audio_math@@YGMPBMI@Z
_uFormatSystemErrorMessage@8
_uGetKeyNameText@8

msvcp140

_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
_Mtx_destroy_in_situ
_Cnd_wait
_Mtx_init_in_situ
_Cnd_broadcast
_Mtx_unlock
_Mtx_lock
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Thrd_hardware_concurrency
_Thrd_id
_Thrd_join
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z

msimg32

GradientFill

oleacc

AccessibleObjectFromWindow
LresultFromObject

crypt32

CertVerifyRevocation
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertVerifyTimeValidity
CertCloseStore
CertFreeCertificateChain
CertFreeCertificateContext

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen

gdiplus

GdipFree
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipLoadImageFromStream
GdipGraphicsClear
GdipGetImageGraphicsContext
GdipDrawImageRect
GdipSetSmoothingMode
GdipSetCompositingMode
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageType
GdiplusStartup
GdipCreateBitmapFromStream
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdiplusShutdown

secur32

AcquireCredentialsHandleW
FreeContextBuffer
AcceptSecurityContext
DecryptMessage
InitializeSecurityContextW
EncryptMessage
QueryContextAttributesW
FreeCredentialsHandle
DeleteSecurityContext

vcruntime140

memchr
_except_handler3
__CxxFrameHandler3
__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
strchr
strstr
wcschr
_set_purecall_handler
strrchr
wcsstr
memcpy
memset
memmove
memcmp
_except_handler4_common
__current_exception
__current_exception_context
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

_expand
realloc
malloc
free
_aligned_malloc
_aligned_realloc
_recalloc
_aligned_free
_set_new_mode
_callnewh

api-ms-win-crt-runtime-l1-1-0

abort
_controlfp_s
terminate
_beginthreadex
_invalid_parameter_noinfo
_errno
_set_invalid_parameter_handler
_set_abort_behavior
_get_wide_winmain_command_line
signal
_register_thread_local_exe_atexit_callback
_c_exit
_exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
exit
_configure_wide_argv
_initialize_wide_environment
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

__libm_sse2_tan
__libm_sse2_sin
_fpclass
__libm_sse2_exp
llround
lround
floor
__libm_sse2_log
__setusermatherr
__libm_sse2_log10
pow
__libm_sse2_pow
ceil
lroundf
llroundf
log2

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vsprintf_s
__p__commode
__stdio_common_vsprintf
__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

wcsncmp
wcstok_s
strcpy_s
wcscpy_s
wcsnlen
wmemcpy_s
strlen
strncmp
strcmp
isalpha
_strdup
wcsncpy_s
strcat_s
wcslen

api-ms-win-crt-convert-l1-1-0

atoi
atoll
_wtoi
_atoi64

api-ms-win-crt-utility-l1-1-0

srand
rand
_byteswap_ushort
_byteswap_ulong
_byteswap_uint64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.movehcs
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
foobar2000便携助手.bat
.bat .vbs
icons/aac.ico
icons/ac3.ico
icons/aiff.ico
icons/ape.ico
icons/apl.ico
icons/asx.ico
icons/cda.ico
icons/cue.ico
icons/dll.ico
icons/dts.ico
icons/flac.ico
icons/fpl.ico
icons/fth.ico
icons/generic.ico
icons/m3u.ico
icons/m3u8.ico
icons/m4a.ico
icons/mka.ico
icons/mp2.ico
icons/mp3.ico
icons/mp4.ico
icons/mpc.ico
icons/ofr.ico
icons/ogg.ico
icons/opus.ico
icons/pls.ico
icons/shn.ico
icons/spx.ico
icons/tak.ico
icons/tta.ico
icons/wav.ico
icons/wma.ico
icons/wv.ico
msvcp140.dll
.dll windows:6 windows x86 arch:x86

da80a601d055c1908586f1fd5977dd58

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:29:aa:92:9b:31:98:78:5d:b9:25:d5:7e:fb:fc:e7:9b:ff:dd:36:e8:18:35:1d:0b:d4:c3:84:dd:03:0d:b5
Signer

Actual PE Digest

f6:29:aa:92:9b:31:98:78:5d:b9:25:d5:7e:fb:fc:e7:9b:ff:dd:36:e8:18:35:1d:0b:d4:c3:84:dd:03:0d:b5

Digest Algorithm

sha256

PE Digest Matches

true

f6:29:aa:92:9b:31:98:78:5d:b9:25:d5:7e:fb:fc:e7:9b:ff:dd:36:e8:18:35:1d:0b:d4:c3:84:dd:03:0d:b5
Signer

Actual PE Digest

f6:29:aa:92:9b:31:98:78:5d:b9:25:d5:7e:fb:fc:e7:9b:ff:dd:36:e8:18:35:1d:0b:d4:c3:84:dd:03:0d:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

Imports

vcruntime140

__std_exception_copy
__std_exception_destroy
__current_exception
__AdjustPointer
_CxxThrowException
__CxxFrameHandler3
__uncaught_exceptions
__std_type_info_destroy_list
memcpy
_except_handler4_common
memset
_purecall
__current_exception_context
__std_terminate
memmove
memchr
__uncaught_exception
memcmp

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
free
calloc
malloc

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_execute_onexit_table
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
_set_new_handler
terminate
_beginthreadex
_endthreadex
_errno
_initterm
_register_onexit_function
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-string-l1-1-0

_wcsdup
isdigit
__strncnt
wcscpy_s
isspace
isxdigit
strcspn
tolower
iswdigit
iswalnum
iswspace
iswxdigit
isupper
isalnum
wcsnlen
islower

api-ms-win-crt-locale-l1-1-0

_lock_locales
___lc_collate_cp_func
__pctype_func
localeconv
___mb_cur_max_func
___lc_locale_name_func
_unlock_locales
___lc_codepage_func
setlocale

api-ms-win-crt-stdio-l1-1-0

_fseeki64
fwrite
fsetpos
_wfsopen
setvbuf
ungetc
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
_fsopen
fseek
__stdio_common_vsprintf_s
__acrt_iob_func
ungetwc
fputwc
fgetwc
fputs
fread

api-ms-win-crt-filesystem-l1-1-0

_wchdir
_unlock_file
_wrename
_wrmdir
_wremove
_lock_file

api-ms-win-crt-time-l1-1-0

_Gettnames
_W_Getdays
_W_Getmonths
_Getmonths
_Getdays
_Wcsftime
_Strftime
_W_Gettnames

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysignf
copysign
_CIpow
ldexp
frexp
_CIlog

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

DeleteCriticalSection
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
InitializeSListHead
FindNextFileW
GetCurrentProcessId
FindFirstFileExW
FindClose
CreateFileW
TerminateProcess
GetCurrentProcess
CreateDirectoryW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetLocaleInfoEx
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
LCMapStringEx
WideCharToMultiByte
GetCPInfo
MultiByteToWideChar
CompareStringEx
RaiseException
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
InitializeSRWLock
TryAcquireSRWLockExclusive
RtlCaptureStackBackTrace
IsProcessorFeaturePresent
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
SwitchToThread
InitializeCriticalSectionEx
GetModuleHandleExW
QueryPerformanceCounter
QueryPerformanceFrequency
LeaveCriticalSection
EnterCriticalSection

ole32

CoGetObjectContext
CoGetApartmentType

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@G@std@@QAE@ABV01@@Z
??0?$_Yarn@G@std@@QAE@PBG@Z
??0?$_Yarn@G@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@ABV01@@Z
??0?$_Yarn@_W@std@@QAE@PB_W@Z
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0task_continuation_context@Concurrency@@AAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@G@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@G@std@@QAEAAV01@PBG@Z
??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z
??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@G@std@@QBEPBGXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@G@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_1.dll
.dll windows:6 windows x86 arch:x86

60906b3adc1136b7747200c4084a6dab

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:b4:2f:67:ae:d2:0d:b2:bd:64:b0:79:24:eb:02:4b:9a:60:d0:9d:39:5f:d9:9a:a3:8a:90:17:f4:f3:51:59
Signer

Actual PE Digest

c5:b4:2f:67:ae:d2:0d:b2:bd:64:b0:79:24:eb:02:4b:9a:60:d0:9d:39:5f:d9:9a:a3:8a:90:17:f4:f3:51:59

Digest Algorithm

sha256

PE Digest Matches

true

c5:b4:2f:67:ae:d2:0d:b2:bd:64:b0:79:24:eb:02:4b:9a:60:d0:9d:39:5f:d9:9a:a3:8a:90:17:f4:f3:51:59
Signer

Actual PE Digest

c5:b4:2f:67:ae:d2:0d:b2:bd:64:b0:79:24:eb:02:4b:9a:60:d0:9d:39:5f:d9:9a:a3:8a:90:17:f4:f3:51:59

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140_1.i386.pdb

Imports

msvcp140

?_Xbad_alloc@std@@YAXXZ

vcruntime140

__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
memset
_except_handler4_common
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

_aligned_free
free
_callnewh
malloc
_aligned_malloc

api-ms-win-crt-runtime-l1-1-0

_initterm
_execute_onexit_table
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit

kernel32

UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

_Aligned_get_default_resource
_Aligned_new_delete_resource
_Aligned_set_default_resource
_Unaligned_get_default_resource
_Unaligned_new_delete_resource
_Unaligned_set_default_resource
null_memory_resource

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_2.dll
.dll windows:6 windows x86 arch:x86

36df9e8fe7694384854cd914b9aceecf

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:f8:eb:d3:51:1b:6e:0e:30:6f:fa:7a:7b:19:a5:35:e9:38:70:0b:b6:15:bd:41:c3:5e:c4:78:12:3e:4a:01
Signer

Actual PE Digest

3d:f8:eb:d3:51:1b:6e:0e:30:6f:fa:7a:7b:19:a5:35:e9:38:70:0b:b6:15:bd:41:c3:5e:c4:78:12:3e:4a:01

Digest Algorithm

sha256

PE Digest Matches

true

3d:f8:eb:d3:51:1b:6e:0e:30:6f:fa:7a:7b:19:a5:35:e9:38:70:0b:b6:15:bd:41:c3:5e:c4:78:12:3e:4a:01
Signer

Actual PE Digest

3d:f8:eb:d3:51:1b:6e:0e:30:6f:fa:7a:7b:19:a5:35:e9:38:70:0b:b6:15:bd:41:c3:5e:c4:78:12:3e:4a:01

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140_2.i386.pdb

Imports

msvcp140

?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?widen@?$ctype@D@std@@QBEDD@Z
?widen@?$ctype@D@std@@QBEPBDPBD0PAD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?clear@ios_base@std@@QAEXH_N@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1facet@locale@std@@MAE@XZ
?_Addstd@ios_base@std@@SAXPAV12@@Z
??0ios_base@std@@IAE@XZ
?_Init@ios_base@std@@IAEXXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
??0facet@locale@std@@IAE@I@Z
??Bid@locale@std@@QAEIXZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?uncaught_exceptions@std@@YAHXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Lockit@std@@QAE@XZ
??1ios_base@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memchr
memcmp
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_invalid_parameter_noinfo_noreturn
_errno
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm

api-ms-win-crt-math-l1-1-0

_dclass
_fdclass
ceil
floor
_CIsin
_CIpow
log1p
_CItan
frexp
expm1
_CIsqrt
_CIatan
_CIcos
_CIcosh
_CIexp
ldexp
_CIfmod
_CIlog
_CIsinh

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

strcspn

api-ms-win-crt-locale-l1-1-0

localeconv

kernel32

DisableThreadLibraryCalls
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

Exports

Exports

___std_smf_assoc_laguerre@16
___std_smf_assoc_laguerref@12
___std_smf_assoc_legendre@16
___std_smf_assoc_legendref@12
___std_smf_beta@16
___std_smf_betaf@8
___std_smf_comp_ellint_1@8
___std_smf_comp_ellint_1f@4
___std_smf_comp_ellint_2@8
___std_smf_comp_ellint_2f@4
___std_smf_comp_ellint_3@16
___std_smf_comp_ellint_3f@8
___std_smf_cyl_bessel_i@16
___std_smf_cyl_bessel_if@8
___std_smf_cyl_bessel_j@16
___std_smf_cyl_bessel_jf@8
___std_smf_cyl_bessel_k@16
___std_smf_cyl_bessel_kf@8
___std_smf_cyl_neumann@16
___std_smf_cyl_neumannf@8
___std_smf_ellint_1@16
___std_smf_ellint_1f@8
___std_smf_ellint_2@16
___std_smf_ellint_2f@8
___std_smf_ellint_3@24
___std_smf_ellint_3f@12
___std_smf_expint@8
___std_smf_expintf@4
___std_smf_hermite@12
___std_smf_hermitef@8
___std_smf_hypot3@24
___std_smf_hypot3f@12
___std_smf_laguerre@12
___std_smf_laguerref@8
___std_smf_legendre@12
___std_smf_legendref@8
___std_smf_riemann_zeta@8
___std_smf_riemann_zetaf@4
___std_smf_sph_bessel@12
___std_smf_sph_besself@8
___std_smf_sph_legendre@16
___std_smf_sph_legendref@12
___std_smf_sph_neumann@12
___std_smf_sph_neumannf@8

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_atomic_wait.dll
.dll windows:6 windows x86 arch:x86

aca8386535c18887c5f9da92f8058db9

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:4e:a2:31:bb:c0:97:41:37:76:23:0d:e0:47:62:b3:33:c7:31:29:fe:30:0f:1c:57:03:9c:c9:83:0a:c6:45
Signer

Actual PE Digest

50:4e:a2:31:bb:c0:97:41:37:76:23:0d:e0:47:62:b3:33:c7:31:29:fe:30:0f:1c:57:03:9c:c9:83:0a:c6:45

Digest Algorithm

sha256

PE Digest Matches

true

50:4e:a2:31:bb:c0:97:41:37:76:23:0d:e0:47:62:b3:33:c7:31:29:fe:30:0f:1c:57:03:9c:c9:83:0a:c6:45
Signer

Actual PE Digest

50:4e:a2:31:bb:c0:97:41:37:76:23:0d:e0:47:62:b3:33:c7:31:29:fe:30:0f:1c:57:03:9c:c9:83:0a:c6:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140_atomic_wait.i386.pdb

Imports

msvcp140

??0_Init_locks@std@@QAE@XZ
??1_Init_locks@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
_Thrd_hardware_concurrency

vcruntime140

_CxxThrowException
__CxxFrameHandler3
__std_terminate
memset
_except_handler4_common
__std_type_info_destroy_list
__std_exception_copy
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_register_onexit_function
abort

api-ms-win-crt-heap-l1-1-0

free
calloc
_callnewh
malloc

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
AreFileApisANSI
GetSystemTimeAsFileTime
InitializeSListHead
WaitForThreadpoolWorkCallbacks
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetTickCount64
GetModuleHandleW
GetProcAddress
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetLastError
SetLastError
LoadLibraryExW
DisableThreadLibraryCalls

Exports

Exports

__std_acquire_shared_mutex_for_instance
__std_atomic_compare_exchange_128
__std_atomic_get_mutex
__std_atomic_has_cmpxchg16b
__std_atomic_notify_all_direct
__std_atomic_notify_all_indirect
__std_atomic_notify_one_direct
__std_atomic_notify_one_indirect
__std_atomic_set_api_level
__std_atomic_wait_direct
__std_atomic_wait_get_deadline
__std_atomic_wait_get_remaining_timeout
__std_atomic_wait_indirect
__std_bulk_submit_threadpool_work
__std_calloc_crt
__std_close_threadpool_work
__std_create_threadpool_work
__std_execution_wait_on_uchar
__std_execution_wake_by_address_all
__std_free_crt
__std_parallel_algorithms_hw_threads
__std_release_shared_mutex_for_instance
__std_submit_threadpool_work
__std_tzdb_delete_current_zone
__std_tzdb_delete_leap_seconds
__std_tzdb_delete_sys_info
__std_tzdb_delete_time_zones
__std_tzdb_get_current_zone
__std_tzdb_get_leap_seconds
__std_tzdb_get_sys_info
__std_tzdb_get_time_zones
__std_wait_for_threadpool_work_callbacks

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140_codecvt_ids.dll
.dll windows:6 windows x86 arch:x86

72e793c2d219d77e6e25707a25ef03fb

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:31:1a:d2:aa:42:98:8f:16:5c:94:03:4e:cd:a8:5e:98:10:b6:c6:62:65:f6:52:74:ad:83:34:b9:7e:6e:5a
Signer

Actual PE Digest

17:31:1a:d2:aa:42:98:8f:16:5c:94:03:4e:cd:a8:5e:98:10:b6:c6:62:65:f6:52:74:ad:83:34:b9:7e:6e:5a

Digest Algorithm

sha256

PE Digest Matches

true

17:31:1a:d2:aa:42:98:8f:16:5c:94:03:4e:cd:a8:5e:98:10:b6:c6:62:65:f6:52:74:ad:83:34:b9:7e:6e:5a
Signer

Actual PE Digest

17:31:1a:d2:aa:42:98:8f:16:5c:94:03:4e:cd:a8:5e:98:10:b6:c6:62:65:f6:52:74:ad:83:34:b9:7e:6e:5a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140_codecvt_ids.i386.pdb

Imports

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
DisableThreadLibraryCalls
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead

Exports

Exports

?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_S_QU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_UDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@_U_QU_Mbstatet@@@std@@2V0locale@2@A

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
runtime/API-MS-Win-core-xstate-l2-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:75:2d:60:7e:bb:0b:c6:8c:e9:b3:ff:1b:76:e4:66:eb:bb:98:a9:a9:a4:72:8d:08:b9:65:a3:0e:90:85:3c
Signer

Actual PE Digest

57:75:2d:60:7e:bb:0b:c6:8c:e9:b3:ff:1b:76:e4:66:eb:bb:98:a9:a9:a4:72:8d:08:b9:65:a3:0e:90:85:3c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-xstate-l2-1-0.pdb

Exports

Exports

CopyContext
GetEnabledXStateFeatures
GetXStateFeaturesMask
InitializeContext
LocateXStateFeature
SetXStateFeaturesMask

Sections

.text
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-console-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:2a:e6:7b:25:a7:80:29:c2:f8:d1:2b:de:7c:ca:29:7a:82:d9:a2:cb:8f:b5:56:80:3d:92:3a:2d:da:e8:65
Signer

Actual PE Digest

a3:2a:e6:7b:25:a7:80:29:c2:f8:d1:2b:de:7c:ca:29:7a:82:d9:a2:cb:8f:b5:56:80:3d:92:3a:2d:da:e8:65

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

Exports

AllocConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-console-l1-2-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:20:19:c2:7e:5a:b6:e4:e0:3f:97:ec:48:05:69:2f:00:ac:d0:52:2e:56:c0:0b:59:84:01:dc:28:af:e8:1f
Signer

Actual PE Digest

f6:20:19:c2:7e:5a:b6:e4:e0:3f:97:ec:48:05:69:2f:00:ac:d0:52:2e:56:c0:0b:59:84:01:dc:28:af:e8:1f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-2-0.pdb

Exports

Exports

AllocConsole
AttachConsole
FreeConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
PeekConsoleInputW
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-datetime-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:36:05:4d:b2:ef:a2:3f:d2:72:d0:80:b3:56:30:c1:22:04:43:18:07:f0:ce:d8:56:7d:28:fd:ea:af:2f:8c
Signer

Actual PE Digest

c6:36:05:4d:b2:ef:a2:3f:d2:72:d0:80:b3:56:30:c1:22:04:43:18:07:f0:ce:d8:56:7d:28:fd:ea:af:2f:8c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-datetime-l1-1-0.pdb

Exports

Exports

GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW

Sections

.text
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-debug-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:2e:c0:9f:8e:e1:14:dc:3b:01:2b:5b:be:f8:7d:a4:79:ef:0d:29:3f:bb:40:c0:8e:6c:ad:41:94:9a:d8:47
Signer

Actual PE Digest

25:2e:c0:9f:8e:e1:14:dc:3b:01:2b:5b:be:f8:7d:a4:79:ef:0d:29:3f:bb:40:c0:8e:6c:ad:41:94:9a:d8:47

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-debug-l1-1-0.pdb

Exports

Exports

DebugBreak
IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW

Sections

.text
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-errorhandling-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:44:4d:24:fe:b3:f5:3c:14:9b:b7:2c:42:2e:3e:df:5b:36:d7:92:72:5a:4e:13:6b:4e:57:6a:06:30:6f:c7
Signer

Actual PE Digest

ca:44:4d:24:fe:b3:f5:3c:14:9b:b7:2c:42:2e:3e:df:5b:36:d7:92:72:5a:4e:13:6b:4e:57:6a:06:30:6f:c7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-errorhandling-l1-1-0.pdb

Exports

Exports

GetErrorMode
GetLastError
RaiseException
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Sections

.text
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:5a:ce:e3:4f:b4:fe:af:1c:ee:5a:e5:69:16:90:63:68:45:40:2a:32:65:39:0f:b3:cc:aa:89:61:42:94:29
Signer

Actual PE Digest

8d:5a:ce:e3:4f:b4:fe:af:1c:ee:5a:e5:69:16:90:63:68:45:40:2a:32:65:39:0f:b3:cc:aa:89:61:42:94:29

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-1-0.pdb

Exports

Exports

CompareFileTime
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DefineDosDeviceW
DeleteFileA
DeleteFileW
DeleteVolumeMountPointW
FileTimeToLocalFileTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleA
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetLogicalDriveStringsW
GetLogicalDrives
GetLongPathNameA
GetLongPathNameW
GetShortPathNameW
GetTempFileNameW
GetVolumeInformationByHandleW
GetVolumeInformationW
GetVolumePathNameW
LocalFileTimeToFileTime
LockFile
LockFileEx
QueryDosDeviceW
ReadFile
ReadFileEx
ReadFileScatter
RemoveDirectoryA
RemoveDirectoryW
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
WriteFileGather

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l1-2-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:b5:f8:71:ec:b7:37:3f:b8:80:da:15:cd:2b:cc:55:dc:20:cc:2c:31:e8:21:24:45:f8:2c:c6:93:d4:32:de
Signer

Actual PE Digest

b2:b5:f8:71:ec:b7:37:3f:b8:80:da:15:cd:2b:cc:55:dc:20:cc:2c:31:e8:21:24:45:f8:2c:c6:93:d4:32:de

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l1-2-0.pdb

Exports

Exports

CreateFile2
GetTempPathW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW

Sections

.text
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-file-l2-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:8d:a1:57:74:14:17:5f:d8:41:41:cf:5e:14:76:11:07:b7:c3:2d:f5:6a:db:3b:e9:ee:eb:7e:ba:8c:54:03
Signer

Actual PE Digest

e4:8d:a1:57:74:14:17:5f:d8:41:41:cf:5e:14:76:11:07:b7:c3:2d:f5:6a:db:3b:e9:ee:eb:7e:ba:8c:54:03

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-file-l2-1-0.pdb

Exports

Exports

CopyFile2
CopyFileExW
CreateDirectoryExW
CreateHardLinkW
CreateSymbolicLinkW
GetFileInformationByHandleEx
MoveFileExW
MoveFileWithProgressW
ReOpenFile
ReadDirectoryChangesW
ReplaceFileW

Sections

.text
Size: 1024B - Virtual size: 941B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-handle-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:a3:43:f3:4a:33:31:d9:fd:a0:a4:e7:56:4a:34:80:39:c9:71:fa:18:24:36:68:28:3c:d3:e3:e6:e5:25:5a
Signer

Actual PE Digest

2e:a3:43:f3:4a:33:31:d9:fd:a0:a4:e7:56:4a:34:80:39:c9:71:fa:18:24:36:68:28:3c:d3:e3:e6:e5:25:5a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-handle-l1-1-0.pdb

Exports

Exports

CloseHandle
CompareObjectHandles
DuplicateHandle
GetHandleInformation
SetHandleInformation

Sections

.text
Size: 1024B - Virtual size: 639B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-heap-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:30:e4:e9:dd:d8:a7:71:9e:82:97:a4:01:c2:ee:7d:89:10:5c:f7:e2:4c:b7:08:0e:6d:1a:aa:e1:c7:e9:87
Signer

Actual PE Digest

05:30:e4:e9:dd:d8:a7:71:9e:82:97:a4:01:c2:ee:7d:89:10:5c:f7:e2:4c:b7:08:0e:6d:1a:aa:e1:c7:e9:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-heap-l1-1-0.pdb

Exports

Exports

GetProcessHeap
GetProcessHeaps
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
HeapSummary
HeapUnlock
HeapValidate
HeapWalk

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-interlocked-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:1e:7b:14:cf:78:d2:27:6a:80:36:36:5a:87:d9:d2:33:14:68:5b:c5:d9:45:e8:11:fa:9a:f6:2e:35:ce:0f
Signer

Actual PE Digest

0a:1e:7b:14:cf:78:d2:27:6a:80:36:36:5a:87:d9:d2:33:14:68:5b:c5:d9:45:e8:11:fa:9a:f6:2e:35:ce:0f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-interlocked-l1-1-0.pdb

Exports

Exports

InitializeSListHead
InterlockedCompareExchange
InterlockedCompareExchange64
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedFlushSList
InterlockedIncrement
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedPushListSList
QueryDepthSList

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-libraryloader-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:49:09:18:1f:a0:c6:f0:f8:a5:95:e3:af:b9:e4:e3:27:ac:d9:76:92:bd:49:79:97:77:60:3a:37:40:7b:92
Signer

Actual PE Digest

ad:49:09:18:1f:a0:c6:f0:f8:a5:95:e3:af:b9:e4:e3:27:ac:d9:76:92:bd:49:79:97:77:60:3a:37:40:7b:92

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-libraryloader-l1-1-0.pdb

Exports

Exports

AddDllDirectory
DisableThreadLibraryCalls
FindResourceExW
FindStringOrdinal
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
LoadLibraryExA
LoadLibraryExW
LoadResource
LoadStringA
LoadStringW
LockResource
RemoveDllDirectory
SetDefaultDllDirectories
SizeofResource

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-localization-l1-2-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:1a:1d:9f:c8:9c:ec:1f:d8:bc:98:b6:ae:f8:cb:2b:ce:3f:6c:ce:98:e6:94:95:45:7f:f8:73:e1:5c:6c:e0
Signer

Actual PE Digest

dc:1a:1d:9f:c8:9c:ec:1f:d8:bc:98:b6:ae:f8:cb:2b:ce:3f:6c:ce:98:e6:94:95:45:7f:f8:73:e1:5c:6c:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-localization-l1-2-0.pdb

Exports

Exports

ConvertDefaultLocale
EnumSystemGeoID
EnumSystemLocalesA
EnumSystemLocalesW
FindNLSString
FindNLSStringEx
FormatMessageA
FormatMessageW
GetACP
GetCPInfo
GetCPInfoExW
GetCalendarInfoEx
GetCalendarInfoW
GetFileMUIInfo
GetFileMUIPath
GetGeoInfoW
GetLocaleInfoA
GetLocaleInfoEx
GetLocaleInfoW
GetNLSVersion
GetNLSVersionEx
GetOEMCP
GetProcessPreferredUILanguages
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemPreferredUILanguages
GetThreadLocale
GetThreadPreferredUILanguages
GetThreadUILanguage
GetUILanguageInfo
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetUserGeoID
GetUserPreferredUILanguages
IdnToAscii
IdnToUnicode
IsDBCSLeadByte
IsDBCSLeadByteEx
IsNLSDefinedString
IsValidCodePage
IsValidLanguageGroup
IsValidLocale
IsValidLocaleName
IsValidNLSVersion
LCMapStringA
LCMapStringEx
LCMapStringW
LocaleNameToLCID
ResolveLocaleName
SetCalendarInfoW
SetLocaleInfoW
SetProcessPreferredUILanguages
SetThreadLocale
SetThreadPreferredUILanguages
SetThreadUILanguage
SetUserGeoID
VerLanguageNameA
VerLanguageNameW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-memory-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:eb:a2:12:ed:5c:14:1f:a9:7b:9c:28:91:70:00:08:76:b4:8d:ff:83:8a:ce:a7:4a:41:ae:f6:4e:0b:1d:d6
Signer

Actual PE Digest

1e:eb:a2:12:ed:5c:14:1f:a9:7b:9c:28:91:70:00:08:76:b4:8d:ff:83:8a:ce:a7:4a:41:ae:f6:4e:0b:1d:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-memory-l1-1-0.pdb

Exports

Exports

CreateFileMappingW
FlushViewOfFile
MapViewOfFile
MapViewOfFileEx
OpenFileMappingW
ReadProcessMemory
UnmapViewOfFile
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WriteProcessMemory

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-namedpipe-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:e7:1b:bc:c0:6a:38:6b:13:6f:99:dd:a5:3d:24:75:1d:09:2a:ec:19:6a:ce:d2:b8:6a:8d:b5:52:2f:a8:86
Signer

Actual PE Digest

b4:e7:1b:bc:c0:6a:38:6b:13:6f:99:dd:a5:3d:24:75:1d:09:2a:ec:19:6a:ce:d2:b8:6a:8d:b5:52:2f:a8:86

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-namedpipe-l1-1-0.pdb

Exports

Exports

ConnectNamedPipe
CreateNamedPipeW
CreatePipe
DisconnectNamedPipe
GetNamedPipeClientComputerNameW
ImpersonateNamedPipeClient
PeekNamedPipe
SetNamedPipeHandleState
TransactNamedPipe
WaitNamedPipeW

Sections

.text
Size: 1024B - Virtual size: 949B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processenvironment-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:23:75:cd:41:94:d4:a7:bb:ab:e8:64:ca:f8:8d:ba:e4:91:58:f3:bb:81:e7:5c:ae:de:97:bc:00:52:df:8f
Signer

Actual PE Digest

38:23:75:cd:41:94:d4:a7:bb:ab:e8:64:ca:f8:8d:ba:e4:91:58:f3:bb:81:e7:5c:ae:de:97:bc:00:52:df:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processenvironment-l1-1-0.pdb

Exports

Exports

ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStdHandle
SearchPathW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
SetStdHandleEx

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processthreads-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:da:85:58:43:c7:28:a1:36:4c:20:ff:3c:b6:55:32:3d:21:48:fe:5f:f2:f2:5a:35:ae:77:64:c7:8c:18:e6
Signer

Actual PE Digest

cf:da:85:58:43:c7:28:a1:36:4c:20:ff:3c:b6:55:32:3d:21:48:fe:5f:f2:f2:5a:35:ae:77:64:c7:8c:18:e6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-0.pdb

Exports

Exports

CreateProcessA
CreateProcessAsUserW
CreateProcessW
CreateRemoteThread
CreateRemoteThreadEx
CreateThread
DeleteProcThreadAttributeList
ExitProcess
ExitThread
FlushProcessWriteBuffers
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetPriorityClass
GetProcessId
GetProcessIdOfThread
GetProcessTimes
GetProcessVersion
GetStartupInfoW
GetThreadId
GetThreadPriority
GetThreadPriorityBoost
InitializeProcThreadAttributeList
OpenProcessToken
OpenThread
OpenThreadToken
ProcessIdToSessionId
QueryProcessAffinityUpdateMode
QueueUserAPC
ResumeThread
SetPriorityClass
SetProcessAffinityUpdateMode
SetProcessShutdownParameters
SetThreadPriority
SetThreadPriorityBoost
SetThreadStackGuarantee
SetThreadToken
SuspendThread
SwitchToThread
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UpdateProcThreadAttribute

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-processthreads-l1-1-1.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:2f:de:b3:34:f0:67:7e:6e:47:f2:42:30:5c:70:97:95:da:85:6a:e0:10:15:94:61:b2:cc:fb:ca:85:cf:2c
Signer

Actual PE Digest

c2:2f:de:b3:34:f0:67:7e:6e:47:f2:42:30:5c:70:97:95:da:85:6a:e0:10:15:94:61:b2:cc:fb:ca:85:cf:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-processthreads-l1-1-1.pdb

Exports

Exports

FlushInstructionCache
GetCurrentProcessorNumber
GetCurrentProcessorNumberEx
GetCurrentThreadStackLimits
GetProcessHandleCount
GetProcessMitigationPolicy
GetThreadContext
GetThreadIdealProcessorEx
GetThreadTimes
IsProcessorFeaturePresent
OpenProcess
SetProcessMitigationPolicy
SetThreadContext
SetThreadIdealProcessorEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-profile-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:28:f7:d1:5c:ea:51:82:73:f7:f7:a3:49:06:a1:52:9b:98:d0:46:e0:e1:73:62:67:c4:e6:1d:e8:41:ab:dd
Signer

Actual PE Digest

13:28:f7:d1:5c:ea:51:82:73:f7:f7:a3:49:06:a1:52:9b:98:d0:46:e0:e1:73:62:67:c4:e6:1d:e8:41:ab:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-profile-l1-1-0.pdb

Exports

Exports

QueryPerformanceCounter
QueryPerformanceFrequency

Sections

.text
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-rtlsupport-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

40:6d:e7:cc:5e:fa:d2:24:76:74:80:1b:59:a2:88:73:71:df:b3:f0:c8:85:4a:8f:e6:bd:fa:0a:49:f8:8b:ac
Signer

Actual PE Digest

40:6d:e7:cc:5e:fa:d2:24:76:74:80:1b:59:a2:88:73:71:df:b3:f0:c8:85:4a:8f:e6:bd:fa:0a:49:f8:8b:ac

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-rtlsupport-l1-1-0.pdb

Exports

Exports

RtlCaptureContext
RtlCaptureStackBackTrace
RtlUnwind

Sections

.text
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-string-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:81:46:19:72:b8:bf:9c:cb:25:66:7f:f3:b2:c5:ce:63:99:7e:c3:dd:b6:20:69:9c:7b:51:6c:05:53:6f:13
Signer

Actual PE Digest

85:81:46:19:72:b8:bf:9c:cb:25:66:7f:f3:b2:c5:ce:63:99:7e:c3:dd:b6:20:69:9c:7b:51:6c:05:53:6f:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

Exports

CompareStringEx
CompareStringOrdinal
CompareStringW
FoldStringW
GetStringTypeExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

Sections

.text
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-synch-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:3f:26:bf:65:fd:c6:28:ff:e1:6f:22:a0:a1:9e:e6:cc:ae:1a:e3:d7:33:7c:78:7c:d6:b5:33:f9:07:3f:ff
Signer

Actual PE Digest

6a:3f:26:bf:65:fd:c6:28:ff:e1:6f:22:a0:a1:9e:e6:cc:ae:1a:e3:d7:33:7c:78:7c:d6:b5:33:f9:07:3f:ff

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-1-0.pdb

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
CancelWaitableTimer
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateSemaphoreExW
CreateWaitableTimerExW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
LeaveCriticalSection
OpenEventA
OpenEventW
OpenMutexW
OpenSemaphoreW
OpenWaitableTimerW
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
SetCriticalSectionSpinCount
SetEvent
SetWaitableTimer
SetWaitableTimerEx
SleepEx
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-synch-l1-2-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:6e:f3:4b:ac:95:e7:5f:b7:e1:e3:48:ed:95:42:1e:1d:5b:a9:bf:46:be:6f:50:67:63:01:44:ec:d3:5f:96
Signer

Actual PE Digest

bf:6e:f3:4b:ac:95:e7:5f:b7:e1:e3:48:ed:95:42:1e:1d:5b:a9:bf:46:be:6f:50:67:63:01:44:ec:d3:5f:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-synch-l1-2-0.pdb

Exports

Exports

DeleteSynchronizationBarrier
EnterSynchronizationBarrier
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitOnceInitialize
InitializeConditionVariable
InitializeSynchronizationBarrier
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
WaitOnAddress
WakeAllConditionVariable
WakeByAddressAll
WakeByAddressSingle
WakeConditionVariable

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-sysinfo-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:90:57:16:30:dc:d2:bb:ea:1d:f2:18:9a:e1:11:fd:d2:ca:8d:02:c7:51:cf:9f:4c:27:6e:f7:17:7a:51:c8
Signer

Actual PE Digest

0e:90:57:16:30:dc:d2:bb:ea:1d:f2:18:9a:e1:11:fd:d2:ca:8d:02:c7:51:cf:9f:4c:27:6e:f7:17:7a:51:c8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-sysinfo-l1-1-0.pdb

Exports

Exports

GetComputerNameExA
GetComputerNameExW
GetLocalTime
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetTickCount
GetTickCount64
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalMemoryStatusEx
SetLocalTime

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-timezone-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:81:1b:27:c5:cf:48:15:9d:e9:e7:b7:0e:ef:11:42:2a:8e:c8:13:5c:cc:d3:a2:20:9c:fb:02:e9:fc:49:67
Signer

Actual PE Digest

09:81:1b:27:c5:cf:48:15:9d:e9:e7:b7:0e:ef:11:42:2a:8e:c8:13:5c:cc:d3:a2:20:9c:fb:02:e9:fc:49:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-timezone-l1-1-0.pdb

Exports

Exports

EnumDynamicTimeZoneInformation
FileTimeToSystemTime
GetDynamicTimeZoneInformation
GetDynamicTimeZoneInformationEffectiveYears
GetTimeZoneInformation
GetTimeZoneInformationForYear
SetDynamicTimeZoneInformation
SetTimeZoneInformation
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
SystemTimeToTzSpecificLocalTimeEx
TzSpecificLocalTimeToSystemTime
TzSpecificLocalTimeToSystemTimeEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-core-util-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a7:0f:d1:f5:c4:f7:23:1a:47:7e:85:0f:43:d8:72:dd:eb:8d:17:a3:7e:8f:36:5d:f5:ee:ae:81:c6:40:0f:e3
Signer

Actual PE Digest

a7:0f:d1:f5:c4:f7:23:1a:47:7e:85:0f:43:d8:72:dd:eb:8d:17:a3:7e:8f:36:5d:f5:ee:ae:81:c6:40:0f:e3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-util-l1-1-0.pdb

Exports

Exports

Beep
DecodePointer
DecodeSystemPointer
EncodePointer
EncodeSystemPointer

Sections

.text
Size: 1024B - Virtual size: 601B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-conio-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:7d:92:37:f7:38:86:aa:da:77:54:e2:18:5e:a0:75:3d:5d:2c:8a:f4:68:e1:dd:45:2c:90:89:38:d9:ea:c8
Signer

Actual PE Digest

c5:7d:92:37:f7:38:86:aa:da:77:54:e2:18:5e:a0:75:3d:5d:2c:8a:f4:68:e1:dd:45:2c:90:89:38:d9:ea:c8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-conio-l1-1-0.pdb

Exports

Exports

__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
_cgets
_cgets_s
_cgetws
_cgetws_s
_cputs
_cputws
_getch
_getch_nolock
_getche
_getche_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_putch
_putch_nolock
_putwch
_putwch_nolock
_ungetch
_ungetch_nolock
_ungetwch
_ungetwch_nolock

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-convert-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:de:47:2b:c6:5d:6b:9b:f4:dc:4c:0a:89:47:ae:51:9a:17:bb:b6:0a:0b:9a:d1:ad:0f:ba:df:c1:48:d0:2e
Signer

Actual PE Digest

96:de:47:2b:c6:5d:6b:9b:f4:dc:4c:0a:89:47:ae:51:9a:17:bb:b6:0a:0b:9a:d1:ad:0f:ba:df:c1:48:d0:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-convert-l1-1-0.pdb

Exports

Exports

__toascii
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_ecvt
_ecvt_s
_fcvt
_fcvt_s
_gcvt
_gcvt_s
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_itoa
_itoa_s
_itow
_itow_s
_ltoa
_ltoa_s
_ltow
_ltow_s
_strtod_l
_strtof_l
_strtoi64
_strtoi64_l
_strtoimax_l
_strtol_l
_strtold_l
_strtoll_l
_strtoui64
_strtoui64_l
_strtoul_l
_strtoull_l
_strtoumax_l
_ui64toa
_ui64toa_s
_ui64tow
_ui64tow_s
_ultoa
_ultoa_s
_ultow
_ultow_s
_wcstod_l
_wcstof_l
_wcstoi64
_wcstoi64_l
_wcstoimax_l
_wcstol_l
_wcstold_l
_wcstoll_l
_wcstombs_l
_wcstombs_s_l
_wcstoui64
_wcstoui64_l
_wcstoul_l
_wcstoull_l
_wcstoumax_l
_wctomb_l
_wctomb_s_l
_wtof
_wtof_l
_wtoi
_wtoi64
_wtoi64_l
_wtoi_l
_wtol
_wtol_l
_wtoll
_wtoll_l
atof
atoi
atol
atoll
btowc
c16rtomb
c32rtomb
mbrtoc16
mbrtoc32
mbrtowc
mbsrtowcs
mbsrtowcs_s
mbstowcs
mbstowcs_s
mbtowc
strtod
strtof
strtoimax
strtol
strtold
strtoll
strtoul
strtoull
strtoumax
wcrtomb
wcrtomb_s
wcsrtombs
wcsrtombs_s
wcstod
wcstof
wcstoimax
wcstol
wcstold
wcstoll
wcstombs
wcstombs_s
wcstoul
wcstoull
wcstoumax
wctob
wctomb
wctomb_s
wctrans

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-environment-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:f9:85:f8:8a:30:91:62:f3:6d:1a:24:6e:0d:1b:ed:2a:31:27:ab:e0:e5:18:8c:97:5c:fc:28:c9:6e:f3:cf
Signer

Actual PE Digest

44:f9:85:f8:8a:30:91:62:f3:6d:1a:24:6e:0d:1b:ed:2a:31:27:ab:e0:e5:18:8c:97:5c:fc:28:c9:6e:f3:cf

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-environment-l1-1-0.pdb

Exports

Exports

__p__environ
__p__wenviron
_dupenv_s
_putenv
_putenv_s
_searchenv
_searchenv_s
_wdupenv_s
_wgetcwd
_wgetdcwd
_wgetenv
_wgetenv_s
_wputenv
_wputenv_s
_wsearchenv
_wsearchenv_s
getenv
getenv_s

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-filesystem-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:8c:ac:36:fc:e9:2b:30:7f:dd:ac:3f:f1:80:3b:b5:a8:e7:1c:43:37:05:d5:8f:a1:1e:5d:03:68:70:0c:1c
Signer

Actual PE Digest

e2:8c:ac:36:fc:e9:2b:30:7f:dd:ac:3f:f1:80:3b:b5:a8:e7:1c:43:37:05:d5:8f:a1:1e:5d:03:68:70:0c:1c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-filesystem-l1-1-0.pdb

Exports

Exports

_access
_access_s
_chdir
_chdrive
_chmod
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_fullpath
_getdiskfree
_getdrive
_getdrives
_lock_file
_makepath
_makepath_s
_mkdir
_rmdir
_splitpath
_splitpath_s
_stat32
_stat32i64
_stat64
_stat64i32
_umask
_umask_s
_unlink
_unlock_file
_waccess
_waccess_s
_wchdir
_wchmod
_wfindfirst32
_wfindfirst32i64
_wfindfirst64
_wfindfirst64i32
_wfindnext32
_wfindnext32i64
_wfindnext64
_wfindnext64i32
_wfullpath
_wmakepath
_wmakepath_s
_wmkdir
_wremove
_wrename
_wrmdir
_wsplitpath
_wsplitpath_s
_wstat32
_wstat32i64
_wstat64
_wstat64i32
_wunlink
remove
rename

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-heap-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:67:ef:f1:b4:c6:de:53:3d:34:53:b1:33:34:13:27:f8:b8:85:fc:31:57:65:da:8f:fb:c4:5d:a5:33:2d:82
Signer

Actual PE Digest

e1:67:ef:f1:b4:c6:de:53:3d:34:53:b1:33:34:13:27:f8:b8:85:fc:31:57:65:da:8f:fb:c4:5d:a5:33:2d:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-heap-l1-1-0.pdb

Exports

Exports

_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_callnewh
_calloc_base
_expand
_free_base
_get_heap_handle
_heapchk
_heapmin
_heapwalk
_malloc_base
_msize
_query_new_handler
_query_new_mode
_realloc_base
_recalloc
_set_new_mode
calloc
free
malloc
realloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-locale-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:41:cb:31:2b:c6:8c:55:08:3e:f0:b0:a0:a8:91:4b:35:1a:24:9d:29:f0:2c:2d:88:1e:f4:fe:4a:df:4d:78
Signer

Actual PE Digest

ff:41:cb:31:2b:c6:8c:55:08:3e:f0:b0:a0:a8:91:4b:35:1a:24:9d:29:f0:2c:2d:88:1e:f4:fe:4a:df:4d:78

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-locale-l1-1-0.pdb

Exports

Exports

___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__initialize_lconv_for_unsigned_char
__pctype_func
__pwctype_func
_configthreadlocale
_create_locale
_free_locale
_get_current_locale
_getmbcp
_lock_locales
_setmbcp
_unlock_locales
_wcreate_locale
_wsetlocale
localeconv
setlocale

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-math-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:03:8d:23:ef:27:f7:6c:81:60:75:5a:92:84:1d:16:94:9f:19:31:94:88:e4:87:ba:59:94:d5:b7:22:e8:09
Signer

Actual PE Digest

95:03:8d:23:ef:27:f7:6c:81:60:75:5a:92:84:1d:16:94:9f:19:31:94:88:e4:87:ba:59:94:d5:b7:22:e8:09

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-math-l1-1-0.pdb

Exports

Exports

_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_Cbuild
_Cmulcc
_Cmulcr
_FCbuild
_FCmulcc
_FCmulcr
_LCbuild
_LCmulcc
_LCmulcr
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__setusermatherr
_cabs
_chgsign
_chgsignf
_copysign
_copysignf
_d_int
_dclass
_dexp
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_except1
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_finite
_fpclass
_ftol
_hypot
_hypotf
_isnan
_j0
_j1
_jn
_ld_int
_ldclass
_ldexp
_ldlog
_ldpcomp
_ldpoly
_ldscale
_ldsign
_ldsin
_ldtest
_ldunscale
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
_logb
_nextafter
_scalb
_set_SSE2_enable
_y0
_y1
_yn
acos
acosh
acoshf
acoshl
asin
asinh
asinhf
asinhl
atan
atan2
atanh
atanhf
atanhl
cabs
cabsf
cabsl
cacos
cacosf
cacosh
cacoshf
cacoshl
cacosl
carg
cargf
cargl
casin
casinf
casinh
casinhf
casinhl
casinl
catan
catanf
catanh
catanhf
catanhl
catanl
cbrt
cbrtf
cbrtl
ccos
ccosf
ccosh
ccoshf
ccoshl
ccosl
ceil
cexp
cexpf
cexpl
cimag
cimagf
cimagl
clog
clog10
clog10f
clog10l
clogf
clogl
conj
conjf
conjl
copysign
copysignf
copysignl
cos
cosh
cpow
cpowf
cpowl
cproj
cprojf
cprojl
creal
crealf
creall
csin
csinf
csinh
csinhf
csinhl
csinl
csqrt
csqrtf
csqrtl
ctan
ctanf
ctanh
ctanhf
ctanhl
ctanl
erf
erfc
erfcf
erfcl
erff
erfl
exp
exp2
exp2f
exp2l
expm1
expm1f
expm1l
fabs
fdim
fdimf
fdiml
floor
fma
fmaf
fmal
fmax
fmaxf
fmaxl
fmin
fminf
fminl
fmod
frexp
hypot
ilogb
ilogbf
ilogbl
ldexp
lgamma
lgammaf
lgammal
llrint
llrintf
llrintl
llround
llroundf
llroundl
log
log10
log1p
log1pf
log1pl
log2
log2f
log2l
logb
logbf
logbl
lrint
lrintf
lrintl
lround
lroundf
lroundl
modf
nan
nanf
nanl
nearbyint
nearbyintf
nearbyintl
nextafter
nextafterf
nextafterl
nexttoward
nexttowardf
nexttowardl
norm
normf
norml
pow
powf
remainder
remainderf
remainderl
remquo
remquof
remquol
rint
rintf
rintl
round
roundf
roundl
scalbln
scalblnf
scalblnl
scalbn
scalbnf
scalbnl
sin
sinh
sqrt
tan
tanh
tgamma
tgammaf
tgammal
trunc
truncf
truncl

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-multibyte-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:3f:b1:55:ef:49:47:ae:51:9b:f6:2f:ff:d5:09:28:2c:b4:b4:6d:eb:72:a2:00:99:c6:d1:94:62:20:79:ed
Signer

Actual PE Digest

9b:3f:b1:55:ef:49:47:ae:51:9b:f6:2f:ff:d5:09:28:2c:b4:b4:6d:eb:72:a2:00:99:c6:d1:94:62:20:79:ed

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-multibyte-l1-1-0.pdb

Exports

Exports

__p__mbcasemap
__p__mbctype
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcblank
_ismbcblank_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_mbbtombc
_mbbtombc_l
_mbbtype
_mbbtype_l
_mbcasemap
_mbccpy
_mbccpy_l
_mbccpy_s
_mbccpy_s_l
_mbcjistojms
_mbcjistojms_l
_mbcjmstojis
_mbcjmstojis_l
_mbclen
_mbclen_l
_mbctohira
_mbctohira_l
_mbctokata
_mbctokata_l
_mbctolower
_mbctolower_l
_mbctombb
_mbctombb_l
_mbctoupper
_mbctoupper_l
_mblen_l
_mbsbtype
_mbsbtype_l
_mbscat_s
_mbscat_s_l
_mbschr
_mbschr_l
_mbscmp
_mbscmp_l
_mbscoll
_mbscoll_l
_mbscpy_s
_mbscpy_s_l
_mbscspn
_mbscspn_l
_mbsdec
_mbsdec_l
_mbsdup
_mbsicmp
_mbsicmp_l
_mbsicoll
_mbsicoll_l
_mbsinc
_mbsinc_l
_mbslen
_mbslen_l
_mbslwr
_mbslwr_l
_mbslwr_s
_mbslwr_s_l
_mbsnbcat
_mbsnbcat_l
_mbsnbcat_s
_mbsnbcat_s_l
_mbsnbcmp
_mbsnbcmp_l
_mbsnbcnt
_mbsnbcnt_l
_mbsnbcoll
_mbsnbcoll_l
_mbsnbcpy
_mbsnbcpy_l
_mbsnbcpy_s
_mbsnbcpy_s_l
_mbsnbicmp
_mbsnbicmp_l
_mbsnbicoll
_mbsnbicoll_l
_mbsnbset
_mbsnbset_l
_mbsnbset_s
_mbsnbset_s_l
_mbsncat
_mbsncat_l
_mbsncat_s
_mbsncat_s_l
_mbsnccnt
_mbsnccnt_l
_mbsncmp
_mbsncmp_l
_mbsncoll
_mbsncoll_l
_mbsncpy
_mbsncpy_l
_mbsncpy_s
_mbsncpy_s_l
_mbsnextc
_mbsnextc_l
_mbsnicmp
_mbsnicmp_l
_mbsnicoll
_mbsnicoll_l
_mbsninc
_mbsninc_l
_mbsnlen
_mbsnlen_l
_mbsnset
_mbsnset_l
_mbsnset_s
_mbsnset_s_l
_mbspbrk
_mbspbrk_l
_mbsrchr
_mbsrchr_l
_mbsrev
_mbsrev_l
_mbsset
_mbsset_l
_mbsset_s
_mbsset_s_l
_mbsspn
_mbsspn_l
_mbsspnp
_mbsspnp_l
_mbsstr
_mbsstr_l
_mbstok
_mbstok_l
_mbstok_s
_mbstok_s_l
_mbstowcs_l
_mbstowcs_s_l
_mbstrlen
_mbstrlen_l
_mbstrnlen
_mbstrnlen_l
_mbsupr
_mbsupr_l
_mbsupr_s
_mbsupr_s_l
_mbtowc_l

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-private-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2c:f4:61:5d:f3:6d:cc:64:b2:be:c8:7d:f5:a8:47:00:22:14:7e:b8:b8:ab:a0:28:11:00:ff:fb:cb:76:7b:54
Signer

Actual PE Digest

2c:f4:61:5d:f3:6d:cc:64:b2:be:c8:7d:f5:a8:47:00:22:14:7e:b8:b8:ab:a0:28:11:00:ff:fb:cb:76:7b:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-private-l1-1-0.pdb

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__intrinsic_abnormal_termination
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_o__CIacos
_o__CIasin
_o__CIatan
_o__CIatan2
_o__CIcos
_o__CIcosh
_o__CIexp
_o__CIfmod
_o__CIlog
_o__CIlog10
_o__CIpow
_o__CIsin
_o__CIsinh
_o__CIsqrt
_o__CItan
_o__CItanh
_o__Getdays
_o__Getmonths
_o__Gettnames
_o__Strftime
_o__W_Getdays
_o__W_Getmonths
_o__W_Gettnames
_o__Wcsftime
_o____lc_codepage_func
_o____lc_collate_cp_func
_o____lc_locale_name_func
_o____mb_cur_max_func
_o___acrt_iob_func
_o___conio_common_vcprintf
_o___conio_common_vcprintf_p
_o___conio_common_vcprintf_s
_o___conio_common_vcscanf
_o___conio_common_vcwprintf
_o___conio_common_vcwprintf_p
_o___conio_common_vcwprintf_s
_o___conio_common_vcwscanf
_o___daylight
_o___dstbias
_o___fpe_flt_rounds
_o___libm_sse2_acos
_o___libm_sse2_acosf
_o___libm_sse2_asin
_o___libm_sse2_asinf
_o___libm_sse2_atan
_o___libm_sse2_atan2
_o___libm_sse2_atanf
_o___libm_sse2_cos
_o___libm_sse2_cosf
_o___libm_sse2_exp
_o___libm_sse2_expf
_o___libm_sse2_log
_o___libm_sse2_log10
_o___libm_sse2_log10f
_o___libm_sse2_logf
_o___libm_sse2_pow
_o___libm_sse2_powf
_o___libm_sse2_sin
_o___libm_sse2_sinf
_o___libm_sse2_tan
_o___libm_sse2_tanf
_o___p___argc
_o___p___argv
_o___p___wargv
_o___p__acmdln
_o___p__commode
_o___p__environ
_o___p__fmode
_o___p__mbcasemap
_o___p__mbctype
_o___p__pgmptr
_o___p__wcmdln
_o___p__wenviron
_o___p__wpgmptr
_o___pctype_func
_o___pwctype_func
_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o___std_type_info_name
_o___stdio_common_vfprintf
_o___stdio_common_vfprintf_p
_o___stdio_common_vfprintf_s
_o___stdio_common_vfscanf
_o___stdio_common_vfwprintf
_o___stdio_common_vfwprintf_p
_o___stdio_common_vfwprintf_s
_o___stdio_common_vfwscanf
_o___stdio_common_vsnprintf_s
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsprintf_p
_o___stdio_common_vsprintf_s
_o___stdio_common_vsscanf
_o___stdio_common_vswprintf
_o___stdio_common_vswprintf_p
_o___stdio_common_vswprintf_s
_o___stdio_common_vswscanf
_o___timezone
_o___tzname
_o___wcserror
_o__access
_o__access_s
_o__aligned_free
_o__aligned_malloc
_o__aligned_msize
_o__aligned_offset_malloc
_o__aligned_offset_realloc
_o__aligned_offset_recalloc
_o__aligned_realloc
_o__aligned_recalloc
_o__atodbl
_o__atodbl_l
_o__atof_l
_o__atoflt
_o__atoflt_l
_o__atoi64
_o__atoi64_l
_o__atoi_l
_o__atol_l
_o__atoldbl
_o__atoldbl_l
_o__atoll_l
_o__beep
_o__beginthread
_o__beginthreadex
_o__cabs
_o__callnewh
_o__calloc_base
_o__cexit
_o__cgets
_o__cgets_s
_o__cgetws
_o__cgetws_s
_o__chdir
_o__chdrive
_o__chmod
_o__chsize
_o__chsize_s
_o__close
_o__commit
_o__configthreadlocale
_o__configure_narrow_argv
_o__configure_wide_argv
_o__controlfp_s
_o__cputs
_o__cputws
_o__creat
_o__create_locale
_o__crt_atexit
_o__ctime32_s
_o__ctime64_s
_o__cwait
_o__d_int
_o__dclass
_o__difftime32
_o__difftime64
_o__dlog
_o__dnorm
_o__dpcomp
_o__dpoly
_o__dscale
_o__dsign
_o__dsin
_o__dtest
_o__dunscale
_o__dup
_o__dup2
_o__dupenv_s
_o__ecvt
_o__ecvt_s
_o__endthread
_o__endthreadex
_o__eof
_o__errno
_o__except1
_o__execute_onexit_table
_o__execv
_o__execve
_o__execvp
_o__execvpe
_o__exit
_o__expand
_o__fclose_nolock
_o__fcloseall
_o__fcvt
_o__fcvt_s
_o__fd_int
_o__fdclass
_o__fdexp
_o__fdlog
_o__fdopen
_o__fdpcomp
_o__fdpoly
_o__fdscale
_o__fdsign
_o__fdsin
_o__fflush_nolock
_o__fgetc_nolock
_o__fgetchar
_o__fgetwc_nolock
_o__fgetwchar
_o__filelength
_o__filelengthi64
_o__fileno
_o__findclose
_o__findfirst32
_o__findfirst32i64
_o__findfirst64
_o__findfirst64i32
_o__findnext32
_o__findnext32i64
_o__findnext64
_o__findnext64i32
_o__flushall
_o__fpclass
_o__fputc_nolock
_o__fputchar
_o__fputwc_nolock
_o__fputwchar
_o__fread_nolock
_o__fread_nolock_s
_o__free_base
_o__free_locale
_o__fseek_nolock
_o__fseeki64
_o__fseeki64_nolock
_o__fsopen
_o__fstat32
_o__fstat32i64
_o__fstat64
_o__fstat64i32
_o__ftell_nolock
_o__ftelli64
_o__ftelli64_nolock
_o__ftime32
_o__ftime32_s
_o__ftime64
_o__ftime64_s
_o__fullpath
_o__futime32
_o__futime64
_o__fwrite_nolock
_o__gcvt
_o__gcvt_s
_o__get_daylight
_o__get_doserrno
_o__get_dstbias
_o__get_errno
_o__get_fmode
_o__get_heap_handle
_o__get_initial_narrow_environment
_o__get_initial_wide_environment
_o__get_invalid_parameter_handler
_o__get_narrow_winmain_command_line
_o__get_osfhandle
_o__get_pgmptr
_o__get_stream_buffer_pointers
_o__get_terminate
_o__get_thread_local_invalid_parameter_handler
_o__get_timezone
_o__get_tzname
_o__get_wide_winmain_command_line
_o__get_wpgmptr
_o__getc_nolock
_o__getch
_o__getch_nolock
_o__getche
_o__getche_nolock
_o__getcwd
_o__getdcwd
_o__getdiskfree
_o__getdllprocaddr
_o__getdrive
_o__getdrives
_o__getmbcp
_o__getsystime
_o__getw
_o__getwc_nolock
_o__getwch
_o__getwch_nolock
_o__getwche
_o__getwche_nolock
_o__getws
_o__getws_s
_o__gmtime32
_o__gmtime32_s
_o__gmtime64
_o__gmtime64_s
_o__heapchk
_o__heapmin
_o__hypot
_o__hypotf
_o__i64toa
_o__i64toa_s
_o__i64tow
_o__i64tow_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__isatty
_o__isctype
_o__isctype_l
_o__isleadbyte_l
_o__ismbbalnum
_o__ismbbalnum_l
_o__ismbbalpha
_o__ismbbalpha_l
_o__ismbbblank
_o__ismbbblank_l
_o__ismbbgraph
_o__ismbbgraph_l
_o__ismbbkalnum
_o__ismbbkalnum_l
_o__ismbbkana
_o__ismbbkana_l
_o__ismbbkprint
_o__ismbbkprint_l
_o__ismbbkpunct
_o__ismbbkpunct_l
_o__ismbblead
_o__ismbblead_l
_o__ismbbprint
_o__ismbbprint_l
_o__ismbbpunct
_o__ismbbpunct_l
_o__ismbbtrail
_o__ismbbtrail_l
_o__ismbcalnum
_o__ismbcalnum_l
_o__ismbcalpha
_o__ismbcalpha_l
_o__ismbcblank
_o__ismbcblank_l
_o__ismbcdigit
_o__ismbcdigit_l
_o__ismbcgraph
_o__ismbcgraph_l
_o__ismbchira
_o__ismbchira_l
_o__ismbckata
_o__ismbckata_l
_o__ismbcl0
_o__ismbcl0_l
_o__ismbcl1
_o__ismbcl1_l
_o__ismbcl2
_o__ismbcl2_l
_o__ismbclegal
_o__ismbclegal_l
_o__ismbclower
_o__ismbclower_l
_o__ismbcprint
_o__ismbcprint_l
_o__ismbcpunct
_o__ismbcpunct_l
_o__ismbcspace
_o__ismbcspace_l
_o__ismbcsymbol
_o__ismbcsymbol_l
_o__ismbcupper
_o__ismbcupper_l
_o__ismbslead
_o__ismbslead_l
_o__ismbstrail
_o__ismbstrail_l
_o__iswctype_l
_o__itoa
_o__itoa_s
_o__itow
_o__itow_s
_o__j0
_o__j1
_o__jn
_o__kbhit
_o__ld_int
_o__ldclass
_o__ldexp
_o__ldlog
_o__ldpcomp
_o__ldpoly
_o__ldscale
_o__ldsign
_o__ldsin
_o__ldtest
_o__ldunscale
_o__lfind
_o__lfind_s
_o__libm_sse2_acos_precise
_o__libm_sse2_asin_precise
_o__libm_sse2_atan_precise
_o__libm_sse2_cos_precise
_o__libm_sse2_exp_precise
_o__libm_sse2_log10_precise
_o__libm_sse2_log_precise
_o__libm_sse2_pow_precise
_o__libm_sse2_sin_precise
_o__libm_sse2_sqrt_precise
_o__libm_sse2_tan_precise
_o__loaddll
_o__localtime32
_o__localtime32_s
_o__localtime64
_o__localtime64_s
_o__lock_file
_o__locking
_o__logb
_o__lsearch
_o__lsearch_s
_o__lseek
_o__lseeki64
_o__ltoa
_o__ltoa_s
_o__ltow
_o__ltow_s
_o__makepath
_o__makepath_s
_o__malloc_base
_o__mbbtombc
_o__mbbtombc_l
_o__mbbtype
_o__mbbtype_l
_o__mbccpy
_o__mbccpy_l
_o__mbccpy_s
_o__mbccpy_s_l
_o__mbcjistojms
_o__mbcjistojms_l
_o__mbcjmstojis
_o__mbcjmstojis_l
_o__mbclen
_o__mbclen_l
_o__mbctohira
_o__mbctohira_l
_o__mbctokata
_o__mbctokata_l
_o__mbctolower
_o__mbctolower_l
_o__mbctombb
_o__mbctombb_l

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-process-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

98:23:2b:d5:99:8b:18:19:1f:57:a8:ee:94:b4:65:fa:4a:d7:f6:d1:3e:ab:aa:a4:fe:7e:dd:29:56:34:fa:a9
Signer

Actual PE Digest

98:23:2b:d5:99:8b:18:19:1f:57:a8:ee:94:b4:65:fa:4a:d7:f6:d1:3e:ab:aa:a4:fe:7e:dd:29:56:34:fa:a9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-process-l1-1-0.pdb

Exports

Exports

_beep
_cwait
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_loaddll
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_unloaddll
_wexecl
_wexecle
_wexeclp
_wexeclpe
_wexecv
_wexecve
_wexecvp
_wexecvpe
_wspawnl
_wspawnle
_wspawnlp
_wspawnlpe
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-runtime-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:54:0e:fa:42:ce:48:48:03:55:6c:02:ad:6c:55:9d:12:94:d3:b8:99:ce:0c:63:b4:d0:c5:b2:77:79:00:b4
Signer

Actual PE Digest

44:54:0e:fa:42:ce:48:48:03:55:6c:02:ad:6c:55:9d:12:94:d3:b8:99:ce:0c:63:b4:d0:c5:b2:77:79:00:b4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-runtime-l1-1-0.pdb

Exports

Exports

_Exit
__control87_2
__doserrno
__fpe_flt_rounds
__fpecode
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__pgmptr
__p__wcmdln
__p__wpgmptr
__pxcptinfoptrs
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__wcserror
__wcserror_s
_assert
_beginthread
_beginthreadex
_c_exit
_cexit
_clearfp
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_crt_at_quick_exit
_crt_atexit
_crt_debugger_hook
_endthread
_endthreadex
_errno
_execute_onexit_table
_exit
_fpieee_flt
_fpreset
_get_doserrno
_get_errno
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_pgmptr
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_wide_winmain_command_line
_get_wpgmptr
_getdllprocaddr
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_query_app_type
_register_onexit_function
_register_thread_local_exe_atexit_callback
_resetstkoflw
_seh_filter_dll
_seh_filter_exe
_set_abort_behavior
_set_app_type
_set_controlfp
_set_doserrno
_set_errno
_set_error_mode
_set_invalid_parameter_handler
_set_new_handler
_set_thread_local_invalid_parameter_handler
_seterrormode
_sleep
_statusfp
_statusfp2
_strerror
_strerror_s
_wassert
_wcserror
_wcserror_s
_wperror
_wsystem
abort
exit
feclearexcept
fegetenv
fegetexceptflag
fegetround
feholdexcept
fesetenv
fesetexceptflag
fesetround
fetestexcept
perror
quick_exit
raise
set_terminate
signal
strerror
strerror_s
system
terminate

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-stdio-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:82:d3:cf:f5:25:ce:ea:b0:24:9a:1c:5d:6d:61:5d:65:df:43:8d:f3:0b:6a:c8:60:ca:53:3c:74:e8:ff:82
Signer

Actual PE Digest

22:82:d3:cf:f5:25:ce:ea:b0:24:9a:1c:5d:6d:61:5d:65:df:43:8d:f3:0b:6a:c8:60:ca:53:3c:74:e8:ff:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-stdio-l1-1-0.pdb

Exports

Exports

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_chsize
_chsize_s
_close
_commit
_creat
_dup
_dup2
_eof
_fclose_nolock
_fcloseall
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_flushall
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_ftell_nolock
_ftelli64
_ftelli64_nolock
_fwrite_nolock
_get_fmode
_get_osfhandle
_get_printf_count_output
_get_stream_buffer_pointers
_getc_nolock
_getcwd
_getdcwd
_getmaxstdio
_getw
_getwc_nolock
_getws
_getws_s
_isatty
_kbhit
_locking
_lseek
_lseeki64
_mktemp
_mktemp_s
_open
_open_osfhandle
_pclose
_pipe
_popen
_putc_nolock
_putw
_putwc_nolock
_putws
_read
_rmtmp
_set_fmode
_set_printf_count_output
_setmaxstdio
_setmode
_sopen
_sopen_dispatch
_sopen_s
_tell
_telli64
_tempnam
_ungetc_nolock
_ungetwc_nolock
_wcreat
_wfdopen
_wfopen
_wfopen_s
_wfreopen
_wfreopen_s
_wfsopen
_wmktemp
_wmktemp_s
_wopen
_wpopen
_write
_wsopen
_wsopen_dispatch
_wsopen_s
_wtempnam
_wtmpnam
_wtmpnam_s
clearerr
clearerr_s
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetwc
fgetws
fopen
fopen_s
fputc
fputs
fputwc
fputws
fread
fread_s
freopen
freopen_s
fseek
fsetpos
ftell
fwrite
getc
getchar
gets
gets_s
getwc
getwchar
putc
putchar
puts
putwc
putwchar
rewind
setbuf
setvbuf
tmpfile
tmpfile_s
tmpnam
tmpnam_s
ungetc
ungetwc

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-string-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b7:47:e5:85:9d:5b:01:03:19:b3:ba:a9:39:35:40:cb:3e:37:20:68:10:d2:2c:0f:b1:32:71:0b:5a:86:99:54
Signer

Actual PE Digest

b7:47:e5:85:9d:5b:01:03:19:b3:ba:a9:39:35:40:cb:3e:37:20:68:10:d2:2c:0f:b1:32:71:0b:5a:86:99:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-string-l1-1-0.pdb

Exports

Exports

__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__strncnt
__wcsncnt
_isalnum_l
_isalpha_l
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswblank_l
_iswcntrl_l
_iswcsym_l
_iswcsymf_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_memccpy
_memicmp
_memicmp_l
_strcoll_l
_strdup
_stricmp
_stricmp_l
_stricoll
_stricoll_l
_strlwr
_strlwr_l
_strlwr_s
_strlwr_s_l
_strncoll
_strncoll_l
_strnicmp
_strnicmp_l
_strnicoll
_strnicoll_l
_strnset
_strnset_s
_strrev
_strset
_strset_s
_strupr
_strupr_l
_strupr_s
_strupr_s_l
_strxfrm_l
_tolower
_tolower_l
_toupper
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsdup
_wcsicmp
_wcsicmp_l
_wcsicoll
_wcsicoll_l
_wcslwr
_wcslwr_l
_wcslwr_s
_wcslwr_s_l
_wcsncoll
_wcsncoll_l
_wcsnicmp
_wcsnicmp_l
_wcsnicoll
_wcsnicoll_l
_wcsnset
_wcsnset_s
_wcsrev
_wcsset
_wcsset_s
_wcsupr
_wcsupr_l
_wcsupr_s
_wcsupr_s_l
_wcsxfrm_l
_wctype
is_wctype
isalnum
isalpha
isblank
iscntrl
isdigit
isgraph
isleadbyte
islower
isprint
ispunct
isspace
isupper
iswalnum
iswalpha
iswascii
iswblank
iswcntrl
iswctype
iswdigit
iswgraph
iswlower
iswprint
iswpunct
iswspace
iswupper
iswxdigit
isxdigit
mblen
mbrlen
memcpy_s
memmove_s
memset
strcat
strcat_s
strcmp
strcoll
strcpy
strcpy_s
strcspn
strlen
strncat
strncat_s
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
strtok
strtok_s
strxfrm
tolower
toupper
towctrans
towlower
towupper
wcscat
wcscat_s
wcscmp
wcscoll
wcscpy
wcscpy_s
wcscspn
wcslen
wcsncat
wcsncat_s
wcsncmp
wcsncpy
wcsncpy_s
wcsnlen
wcspbrk
wcsspn
wcstok
wcstok_s
wcsxfrm
wctype
wmemcpy_s
wmemmove_s

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-time-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:09:41:c8:37:64:68:46:b8:59:1e:32:68:f9:4a:3e:38:fb:9d:8f:04:29:6f:c9:ff:f5:11:30:75:7d:db:0e
Signer

Actual PE Digest

87:09:41:c8:37:64:68:46:b8:59:1e:32:68:f9:4a:3e:38:fb:9d:8f:04:29:6f:c9:ff:f5:11:30:75:7d:db:0e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-time-l1-1-0.pdb

Exports

Exports

_Getdays
_Getmonths
_Gettnames
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__daylight
__dstbias
__timezone
__tzname
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_difftime32
_difftime64
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_futime32
_futime64
_get_daylight
_get_dstbias
_get_timezone
_get_tzname
_getsystime
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_localtime32
_localtime32_s
_localtime64
_localtime64_s
_mkgmtime32
_mkgmtime64
_mktime32
_mktime64
_setsystime
_strdate
_strdate_s
_strftime_l
_strtime
_strtime_s
_time32
_time64
_timespec32_get
_timespec64_get
_tzset
_utime32
_utime64
_wasctime
_wasctime_s
_wcsftime_l
_wctime32
_wctime32_s
_wctime64
_wctime64_s
_wstrdate
_wstrdate_s
_wstrtime
_wstrtime_s
_wutime32
_wutime64
asctime
asctime_s
clock
strftime
wcsftime

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/api-ms-win-crt-utility-l1-1-0.dll
.dll windows:10 windows x86 arch:x86

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a1:ac:08:cf:9e:9f:e1:52:73:68:26:d6:13:1a:92:e0:e0:42:e4:f3:da:33:4e:05:75:a1:69:c7:9b:83:b5:96
Signer

Actual PE Digest

a1:ac:08:cf:9e:9f:e1:52:73:68:26:d6:13:1a:92:e0:e0:42:e4:f3:da:33:4e:05:75:a1:69:c7:9b:83:b5:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-crt-utility-l1-1-0.pdb

Exports

Exports

_abs64
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_lfind
_lfind_s
_lrotl
_lrotr
_lsearch
_lsearch_s
_rotl
_rotl64
_rotr
_rotr64
_swab
abs
bsearch
bsearch_s
div
imaxabs
imaxdiv
labs
ldiv
llabs
lldiv
qsort
qsort_s
rand
rand_s
srand

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
runtime/runtime.manifest
.xml
runtime/ucrtbase.dll
.dll windows:10 windows x86 arch:x86

ea37cb467ea2adb2b776c1c8c105007c

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:35:b9:b4:24:a6:cd:44:51:6d:3f:c8:19:fe:10:67:7e:1b:ec:21:a4:36:1b:81:ab:15:37:8b:9a:68:e6:ef
Signer

Actual PE Digest

63:35:b9:b4:24:a6:cd:44:51:6d:3f:c8:19:fe:10:67:7e:1b:ec:21:a4:36:1b:81:ab:15:37:8b:9a:68:e6:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

ucrtbase.pdb

Imports

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetErrorMode
SetLastError
GetLastError
RaiseException

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapCompact
HeapSize
HeapWalk
HeapValidate
HeapAlloc
GetProcessHeap
HeapQueryInformation
HeapFree

api-ms-win-core-processthreads-l1-1-0

GetStartupInfoW
GetCurrentProcess
TerminateProcess
TlsAlloc
GetCurrentThread
GetCurrentThreadId
TlsGetValue
ExitProcess
CreateThread
CreateProcessW
GetExitCodeProcess
TlsSetValue
ResumeThread
TlsFree
ExitThread
GetCurrentProcessId

api-ms-win-core-libraryloader-l1-1-0

LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetProcAddress
FreeLibrary
GetModuleHandleW

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
LeaveCriticalSection

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-processenvironment-l1-1-0

SetCurrentDirectoryW
FreeEnvironmentStringsW
GetStdHandle
GetCurrentDirectoryW
GetEnvironmentStringsW
GetCommandLineA
SetEnvironmentVariableW
GetCommandLineW
SetStdHandle

api-ms-win-core-file-l1-1-0

GetFileSizeEx
SetFilePointerEx
CreateFileW
GetFileType
FindClose
FindNextFileW
FindFirstFileExW
GetFullPathNameW
GetDriveTypeW
GetFileInformationByHandle
GetFileAttributesExW
SetFileAttributesW
GetDiskFreeSpaceW
GetLogicalDrives
CreateDirectoryW
SetFileTime
RemoveDirectoryW
LockFileEx
UnlockFileEx
FlushFileBuffers
SetEndOfFile
DeleteFileW
WriteFile
ReadFile

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
CompareStringW
MultiByteToWideChar

api-ms-win-core-localization-l1-2-0

LCMapStringW
EnumSystemLocalesW
IsValidLocale
GetACP
GetCPInfo
GetUserDefaultLCID
GetOEMCP
GetLocaleInfoW
IsValidCodePage

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-sysinfo-l1-1-0

SetLocalTime
GetSystemInfo
GetLocalTime
GetSystemTimeAsFileTime

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-console-l1-1-0

GetConsoleMode
SetConsoleCtrlHandler
WriteConsoleW
GetConsoleCP
SetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
ReadConsoleW
ReadConsoleInputW
PeekConsoleInputA

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe
CreatePipe

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetTimeZoneInformation

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-memory-l1-1-0

VirtualProtect
VirtualQuery
VirtualAlloc

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer
Beep

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InterlockedFlushSList

Exports

Exports

_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_Cbuild
_Cmulcc
_Cmulcr
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_Exit
_FCbuild
_FCmulcc
_FCmulcr
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_IsExceptionObjectToBeDestroyed
_LCbuild
_LCmulcc
_LCmulcr
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
__acrt_iob_func
__conio_common_vcprintf
__conio_common_vcprintf_p
__conio_common_vcprintf_s
__conio_common_vcscanf
__conio_common_vcwprintf
__conio_common_vcwprintf_p
__conio_common_vcwprintf_s
__conio_common_vcwscanf
__control87_2
__current_exception
__current_exception_context
__daylight
__dcrt_get_wide_environment_from_os
__dcrt_initial_narrow_environment
__doserrno
__dstbias
__fpe_flt_rounds
__fpecode
__initialize_lconv_for_unsigned_char
__intrinsic_abnormal_termination
__intrinsic_setjmp
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__p___argc
__p___argv
__p___wargv
__p__acmdln
__p__commode
__p__environ
__p__fmode
__p__mbcasemap
__p__mbctype
__p__pgmptr
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__processing_throw
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__setusermatherr
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__stdio_common_vfprintf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_p
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswscanf
__strncnt
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__wcserror
__wcserror_s
__wcsncnt
_abs64
_access
_access_s
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_atoll_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_base
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chgsignf
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_configthreadlocale
_configure_narrow_argv
_configure_wide_argv
_control87
_controlfp
_controlfp_s
_copysign
_copysignf
_cputs
_cputws
_creat
_create_locale
_crt_at_quick_exit
_crt_atexit
_crt_debugger_hook
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_d_int
_dclass
_dexp
_difftime32
_difftime64
_dlog
_dnorm
_dpcomp
_dpoly
_dscale
_dsign
_dsin
_dtest
_dunscale
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_endthread
_endthreadex
_eof
_errno
_except1
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execute_onexit_table
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fd_int
_fdclass
_fdexp
_fdlog
_fdnorm
_fdopen
_fdpcomp
_fdpoly
_fdscale
_fdsign
_fdsin
_fdtest
_fdunscale
_fflush_nolock
_fgetc_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flushall
_fpclass
_fpieee_flt
_fpreset
_fputc_nolock
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_base
_free_locale
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwrite_nolock
_gcvt
_gcvt_s
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_initial_narrow_environment
_get_initial_wide_environment
_get_invalid_parameter_handler
_get_narrow_winmain_command_line
_get_osfhandle
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_stream_buffer_pointers
_get_terminate
_get_thread_local_invalid_parameter_handler
_get_timezone
_get_tzname
_get_unexpected
_get_wide_winmain_command_line
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwc_nolock
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_heapchk
_heapmin
_heapwalk
_hypot
_hypotf
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_initterm_e
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_invoke_watson
_is_exception_typeof
_isalnum_l
_isalpha_l
_isatty
_isblank_l
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbblank
_ismbbblank_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcblank
_ismbcblank_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_isnan
_isprint_l
_ispunct_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shared.dll
.dll windows:6 windows x86 arch:x86

6ebbaf9d2fa19b6088de6b13f303d4fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\shared.pdb

Imports

comctl32

ImageList_LoadImageW
CreateStatusWindowW

imagehlp

SymInitialize
SymCleanup
SymEnumerateModules
SymGetModuleInfo
SymGetSymFromAddr

uxtheme

GetThemeSysFont

dbghelp

MiniDumpWriteDump

kernel32

Sleep
CloseHandle
DeleteFileW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesW
InitializeCriticalSectionEx
WaitForSingleObject
MulDiv
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringW
lstrcmpiW
LoadLibraryW
CreateEventW
GlobalAlloc
GlobalFree
GlobalSize
GetEnvironmentVariableW
GetModuleHandleW
MoveFileW
RemoveDirectoryW
CreateMutexW
GetFullPathNameW
GetLongPathNameW
GetCommandLineW
GetTempPathW
GetTempFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetShortPathNameW
CompareStringW
CreateFileMappingW
LoadResource
LockResource
SizeofResource
FindResourceExW
FindResourceW
SearchPathW
GetProcAddress
SetThreadPriority
GetThreadPriority
GetCurrentThread
ResumeThread
WaitForMultipleObjects
FormatMessageW
GlobalLock
GlobalUnlock
InitOnceComplete
InitOnceBeginInitialize
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
GetTickCount64
WriteFile
SetLastError
CreateDirectoryW
GetLastError
CreateFileW
IsBadReadPtr
IsBadCodePtr
GetCurrentProcess

user32

SetClipboardData
InsertMenuW
AppendMenuW
MessageBoxW
wsprintfW
SendMessageW
SetDlgItemTextW
EmptyClipboard
GetDC
GetClipboardData
GetClassNameW
LoadCursorW
LoadIconW
LoadMenuW
RegisterWindowMessageW
GetClipboardFormatNameW
RegisterClipboardFormatW
GetMenuItemInfoW
ModifyMenuW
CloseClipboard
OpenClipboard
GetMenuStringW
GetKeyNameTextW
DdeAccessData
CreateWindowExW
DdeQueryStringW
DdeCreateStringHandleW
LoadImageW
ReleaseDC
IsWindowEnabled
SetActiveWindow
FlashWindow
GetWindow
MessageBeep
CharNextW
IntersectRect
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CharLowerW
CharUpperW
GetParent
GetWindowLongW
DdeInitializeW

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
ExtTextOutW
SetTextColor
SetBkMode
SetTextAlign
GetTextExtentPoint32W
LPtoDP
GetTextMetricsW
GetStockObject
GetObjectW
CreateFontIndirectW
GetDeviceCaps

comdlg32

GetSaveFileNameW
ChooseColorW
ChooseFontW
GetOpenFileNameW

advapi32

GetUserNameW

shell32

DragQueryFileW
ShellExecuteW
SHParseDisplayName
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetFolderPathW
SHCreateShellItem
SHBrowseForFolderW
SHGetMalloc

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize

msvcp140

?_Xbad_function_call@std@@YAXXZ

vcruntime140

_except_handler4_common
strstr
wcsrchr
memset
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3
memcpy
__std_type_info_destroy_list
_CxxThrowException
_except_handler3
strchr

api-ms-win-crt-heap-l1-1-0

free
_callnewh
_expand
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_execute_onexit_table
_configure_narrow_argv
_seh_filter_dll
_beginthreadex
_initialize_onexit_table
_initterm_e
_initialize_narrow_environment
_initterm
_cexit
abort
_crt_atexit

api-ms-win-crt-convert-l1-1-0

wcstoul

api-ms-win-crt-string-l1-1-0

_wcsdup

api-ms-win-crt-math-l1-1-0

lroundf

api-ms-win-crt-utility-l1-1-0

rand
srand

Exports

Exports

??0uCallStackTracker@@QAE@PBD@Z
??1uCallStackTracker@@QAE@XZ
?add_offset@audio_math@@YGXPAMMI@Z
?calculate_peak@audio_math@@YGMPBMI@Z
?convert_from_int16@audio_math@@YGXPBFIPAMM@Z
?convert_from_int32@audio_math@@YGXPBHIPAMM@Z
?convert_to_int16@audio_math@@YGXPBMIPAFM@Z
?convert_to_int16_calculate_peak@audio_math@@YGMPBMIPAFM@Z
?convert_to_int32@audio_math@@YGXPBMIPAHM@Z
?convert_to_int32_calculate_peak@audio_math@@YGMPBMIPAHM@Z
?create@t_font_description@@QBGPAUHFONT__@@XZ
?from_font@t_font_description@@QAGXPAUHFONT__@@@Z
?g_from_font@t_font_description@@SG?AU1@PAUHFONT__@@@Z
?g_from_logfont@t_font_description@@SG?AU1@ABUtagLOGFONTW@@@Z
?g_from_system@t_font_description@@SG?AU1@H@Z
?kill_denormal@audio_math@@YGXPAMI@Z
?popup_dialog@t_font_description@@QAG_NPAUHWND__@@@Z
?scale@audio_math@@YGXPBMIPAMM@Z
?uPrintCrashInfo_Suppress@@YGXXZ
_CreateFileAbortable@28
_FindOwningPopup@4
_GetInfiniteWaitEvent@0
_LoadResourceEx@16
_LoadSystemLibrary@4
_ModalDialog_CanCreateNew@0
_ModalDialog_PokeExisting@0
_ModalDialog_Switch@4
_PokeWindow@4
_stricmp_utf8@8
_stricmp_utf8_ex@16
_stricmp_utf8_max@12
_stricmp_utf8_partial@12
_stricmp_utf8_stringtoblock@12
_uAddPanicHandler@4
_uAddStringLower@12
_uAddStringUpper@12
_uAppendMenu@16
_uBrowseForFolder@12
_uBrowseForFolderEx@12
_uBrowseForFolderWithFile@16
_uBugCheck@0
_uCharCompare@8
_uCharLength@4
_uCharLower@4
_uCharUpper@4
_uChooseColor@12
_uCompareString@20
_uCreateDirectory@8
_uCreateEvent@16
_uCreateFile@28
_uCreateFileMapping@24
_uCreateMutex@12
_uCreateStatusWindow@16
_uCreateWindowEx@48
_uDdeAccessData_Text@8
_uDdeCreateStringHandle@8
_uDdeInitialize@16
_uDdeQueryString@12
_uDeleteFile@4
_uDragQueryFile@12
_uDragQueryFileCount@4
_uDumpCrashInfo@4
_uEvalKnownFolder@4
_uExceptFilterProc@4
_uExpandEnvironmentStrings@8
_uExtTextOut@32
_uFileExists@4
_uFindFirstFile@4
_uFindResource@16
_uFixAmpersandChars@8
_uFixAmpersandChars_v2@8
_uFixPathCaps@8
_uFormatSystemErrorMessage@8
_uGetCallStackPath@0
_uGetClassName@8
_uGetClipboardFormatName@8
_uGetClipboardString@4
_uGetCommandLine@4
_uGetCurrentDirectory@4
_uGetDlgItemText@12
_uGetEnvironmentVariable@8
_uGetFileAttributes@4
_uGetFontHeight@4
_uGetFullPathName@8
_uGetKeyNameText@8
_uGetLongPathName@8
_uGetMenuItemType@8
_uGetMenuString@16
_uGetModuleFileName@8
_uGetModuleHandle@4
_uGetOpenFileName@32
_uGetOpenFileNameMulti@24
_uGetShortPathName@8
_uGetSystemDirectory@4
_uGetTempFileName@16
_uGetTempPath@4
_uGetTextExtentPoint32@16
_uGetTextHeight@4
_uGetUserName@4
_uGetWindowText@8
_uGetWindowsDirectory@4
_uImageList_LoadImage@28
_uInsertMenu@20
_uListBox_GetText@12
_uLoadCursor@8
_uLoadIcon@8
_uLoadImage@24
_uLoadLibrary@4
_uLoadMenu@8
_uLoadResource@16
_uLoadString@12
_uMessageBox@16
_uModifyMenu@20
_uMoveFile@8
_uOutputDebugString@4
_uPrintCrashInfo@12
_uPrintCrashInfo_AddEnvironmentInfo@4
_uPrintCrashInfo_Init@4
_uPrintCrashInfo_OnEvent@8
_uPrintCrashInfo_SetComponentList@4
_uPrintCrashInfo_SetDumpPath@4
_uPrintCrashInfo_StartLogging@4
_uPrintfV@12
_uRegisterClipboardFormat@4
_uRegisterWindowMessage@4
_uRemoveDirectory@4
_uRemovePanicHandler@4
_uReplaceCharAdd@24
_uReplaceStringAdd@32
_uSearchPath@16
_uSendDlgItemMessageText@20
_uSendMessageText@16
_uSetClipboardRawData@12
_uSetClipboardString@4
_uSetCurrentDirectory@4
_uSetDlgItemText@12
_uSetDlgItemTextEx@16
_uSetWindowText@8
_uSetWindowTextEx@12
_uShellExecute@24
_uShellNotifyIcon@24
_uShellNotifyIconEx@32
_uSortPathCompare@8
_uSortStringCompare@8
_uSortStringCompareEx@12
_uSortStringCreate@4
_uSortStringFree@4
_uStringCompare@8
_uStringCompare_ConvertNumbers@8
_uTabCtrl_InsertItem@12
_uTabCtrl_SetItem@12
_uTextOutColors@32
_uTextOutColorsTabbed@36
_uTreeView_GetText@12
_uTreeView_GetUserData@8
_uTreeView_InsertItem@8

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sqlite3.dll
.dll windows:6 windows x86 arch:x86

7b0c8ec61ea721b3d37ca0989fe57ba1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Sources\foobar2000-2.1\foobar2000\Release\sqlite3.pdb

Imports

kernel32

AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

strrchr
__std_type_info_destroy_list
memmove
_except_handler4_common
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_endthreadex
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_beginthreadex

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-heap-l1-1-0

free
_msize
malloc
realloc

api-ms-win-crt-string-l1-1-0

strncmp
strcspn

Exports

Exports

sqlite3_aggregate_context
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace_v2
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug

Sections

.text
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
themes/foobox + 简介.fth
themes/foobox 基本版.fth
themes/foobox 深色 (2.0).fth
themes/foobox 默认颜色.fth
vccorlib140.dll
.dll windows:6 windows x86 arch:x86

e2c243eaa5d873a145fcef834080de02

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

72:38:b1:12:89:14:6f:4d:28:55:ff:f0:4d:57:11:d4:67:e3:7b:d6:2f:b2:0d:56:75:97:4b:c4:a3:6f:00:dd
Signer

Actual PE Digest

72:38:b1:12:89:14:6f:4d:28:55:ff:f0:4d:57:11:d4:67:e3:7b:d6:2f:b2:0d:56:75:97:4b:c4:a3:6f:00:dd

Digest Algorithm

sha256

PE Digest Matches

true

72:38:b1:12:89:14:6f:4d:28:55:ff:f0:4d:57:11:d4:67:e3:7b:d6:2f:b2:0d:56:75:97:4b:c4:a3:6f:00:dd
Signer

Actual PE Digest

72:38:b1:12:89:14:6f:4d:28:55:ff:f0:4d:57:11:d4:67:e3:7b:d6:2f:b2:0d:56:75:97:4b:c4:a3:6f:00:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\vccorlib140.i386.pdb

Imports

kernel32

RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
FormatMessageW
GetProcAddress
LoadLibraryExW
HeapFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetLastError
OutputDebugStringW
HeapAlloc
DeleteCriticalSection
GetProcessHeap
CreateEventExW
WaitForMultipleObjectsEx
SetEvent
CloseHandle
DecodePointer
InitializeSRWLock
TryAcquireSRWLockShared
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140

__std_type_info_destroy_list
memcpy
_except_handler4_common
_CxxThrowException
__current_exception_context
__current_exception
memmove
memset
_SetWinRTOutOfMemoryExceptionCallback
__GetPlatformExceptionInfo
__std_exception_copy
__std_exception_destroy
__std_terminate
_purecall
__CxxFrameHandler3

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vswprintf_s

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_invalid_parameter_noinfo_noreturn
_invoke_watson
__p___wargv
__p___argc
_configure_wide_argv
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_initterm_e
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

_aligned_offset_malloc
free
_callnewh
malloc
_aligned_free

api-ms-win-crt-string-l1-1-0

wcscpy_s

msvcp140

?_Xlength_error@std@@YAXPBD@Z

ole32

CoTaskMemAlloc
CoGetApartmentType
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoAddRefServerProcess
CoGetContextToken
CoGetObjectContext
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoReleaseServerProcess

oleaut32

SysAllocStringLen
SysFreeString

api-ms-win-core-winrt-string-l1-1-0

WindowsDuplicateString
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsCompareStringOrdinal
WindowsGetStringLen
WindowsCreateString
WindowsCreateStringReference
WindowsStringHasEmbeddedNull
WindowsDeleteString

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo
RoOriginateError
GetRestrictedErrorInfo
RoTransformError

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoRegisterForApartmentShutdown
RoRegisterActivationFactories
RoUnregisterForApartmentShutdown
RoRevokeActivationFactories
RoGetApartmentIdentifier
RoInitialize

api-ms-win-crt-math-l1-1-0

ceil

Exports

Exports

?<Dispose>@Exception@Platform@@U$AAAXXZ
?<Dispose>@String@Platform@@U$AAAXXZ
?<Dispose>@Type@Platform@@U$AAAXXZ
??0AccessDeniedException@Platform@@Q$AAA@P$AAVString@1@@Z
??0AccessDeniedException@Platform@@Q$AAA@XZ
??0Attribute@Metadata@Platform@@Q$AAA@XZ
??0Boolean@Platform@@QAA@_N@Z
??0COMException@Platform@@Q$AAA@H@Z
??0COMException@Platform@@Q$AAA@HP$AAVString@1@@Z
??0ChangedStateException@Platform@@Q$AAA@P$AAVString@1@@Z
??0ChangedStateException@Platform@@Q$AAA@XZ
??0ClassNotRegisteredException@Platform@@Q$AAA@P$AAVString@1@@Z
??0ClassNotRegisteredException@Platform@@Q$AAA@XZ
??0Delegate@Platform@@Q$AAA@XZ
??0DisconnectedException@Platform@@Q$AAA@P$AAVString@1@@Z
??0DisconnectedException@Platform@@Q$AAA@XZ
??0Enum@Platform@@Q$AAA@XZ
??0Exception@Platform@@Q$AAA@H@Z
??0Exception@Platform@@Q$AAA@HP$AAVString@1@@Z
??0FailureException@Platform@@Q$AAA@P$AAVString@1@@Z
??0FailureException@Platform@@Q$AAA@XZ
??0GridLength@Xaml@UI@Windows@@QAA@NW4GridUnitType@123@@Z
??0IntPtr@Platform@@QAA@H@Z
??0IntPtr@Platform@@QAA@PAX@Z
??0InvalidArgumentException@Platform@@Q$AAA@P$AAVString@1@@Z
??0InvalidArgumentException@Platform@@Q$AAA@XZ
??0InvalidCastException@Platform@@Q$AAA@P$AAVString@1@@Z
??0InvalidCastException@Platform@@Q$AAA@XZ
??0MTAThreadAttribute@Platform@@Q$AAA@XZ
??0NotImplementedException@Platform@@Q$AAA@P$AAVString@1@@Z
??0NotImplementedException@Platform@@Q$AAA@XZ
??0NullReferenceException@Platform@@Q$AAA@P$AAVString@1@@Z
??0NullReferenceException@Platform@@Q$AAA@XZ
??0Object@Platform@@Q$AAA@XZ
??0ObjectDisposedException@Platform@@Q$AAA@P$AAVString@1@@Z
??0ObjectDisposedException@Platform@@Q$AAA@XZ
??0OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@Q$AAA@XZ
??0OperationCanceledException@Platform@@Q$AAA@P$AAVString@1@@Z
??0OperationCanceledException@Platform@@Q$AAA@XZ
??0OutOfBoundsException@Platform@@Q$AAA@P$AAVString@1@@Z
??0OutOfBoundsException@Platform@@Q$AAA@XZ
??0OutOfMemoryException@Platform@@Q$AAA@P$AAVString@1@@Z
??0OutOfMemoryException@Platform@@Q$AAA@XZ
??0Rect@Foundation@Windows@@QAA@VPoint@12@0@Z
??0Rect@Foundation@Windows@@QAA@VPoint@12@VSize@12@@Z
??0RepeatBehavior@Animation@Media@Xaml@UI@Windows@@QAA@N@Z
??0STAThreadAttribute@Platform@@Q$AAA@XZ
??0SizeT@Platform@@QAA@H@Z
??0SizeT@Platform@@QAA@PAX@Z
??0Type@Platform@@Q$AAA@P$AAVObject@1@@Z
??0Type@Platform@@Q$AAA@VIntPtr@1@@Z
??0Type@Platform@@Q$AAA@VTypeName@Interop@Xaml@UI@Windows@@@Z
??0ValueType@Platform@@Q$AAA@XZ
??0WrongThreadException@Platform@@Q$AAA@P$AAVString@1@@Z
??0WrongThreadException@Platform@@Q$AAA@XZ
??0char16@default@@QAA@_W@Z
??0float32@default@@QAA@M@Z
??0float64@default@@QAA@N@Z
??0int16@default@@QAA@F@Z
??0int32@default@@QAA@H@Z
??0int64@default@@QAA@_J@Z
??0int8@default@@QAA@C@Z
??0uint16@default@@QAA@G@Z
??0uint32@default@@QAA@I@Z
??0uint64@default@@QAA@_K@Z
??0uint8@default@@QAA@E@Z
??BIntPtr@Platform@@SA?AV01@H@Z
??BIntPtr@Platform@@SA?AV01@PAX@Z
??BIntPtr@Platform@@SAPAXV01@@Z
??BType@Platform@@SA?AVTypeName@Interop@Xaml@UI@Windows@@P$AAV01@@Z
??BType@Platform@@SAP$AAV01@VTypeName@Interop@Xaml@UI@Windows@@@Z
??DMatrix3D@Media3D@Media@Xaml@UI@Windows@@SA?AV012345@V012345@0@Z
??GDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z
??HDuration@Xaml@UI@Windows@@SA?AV0123@V0123@0@Z
??MDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??NDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??ODuration@Xaml@UI@Windows@@SA_NV0123@0@Z
??PDuration@Xaml@UI@Windows@@SA_NV0123@0@Z
?AlignedAllocate@Heap@Details@Platform@@SAPAXII@Z
?AlignedAllocate@Heap@Details@Platform@@SAPAXIII@Z
?AlignedAllocateException@Heap@Details@Platform@@SAPAXII@Z
?AlignedAllocateException@Heap@Details@Platform@@SAPAXIII@Z
?AlignedFree@Heap@Details@Platform@@SAXPAX@Z
?AlignedFreeException@Heap@Details@Platform@@SAXPAX@Z
?Allocate@Heap@Details@Platform@@SAPAXI@Z
?Allocate@Heap@Details@Platform@@SAPAXII@Z
?AllocateException@Heap@Details@Platform@@SAPAXI@Z
?AllocateException@Heap@Details@Platform@@SAPAXII@Z
?Compare@Duration@Xaml@UI@Windows@@SAHV1234@0@Z
?Contains@Rect@Foundation@Windows@@QAA_NVPoint@23@@Z
?CreateException@Exception@Platform@@SAP$AAV12@H@Z
?CreateException@Exception@Platform@@SAP$AAV12@HP$AAVString@2@@Z
?CreateValue@Details@Platform@@YGP$AAVObject@2@W4TypeCode@2@PBX@Z
?EnableFactoryCache@@YAXXZ
?EnumerateAllocatedObjects@Heap@Details@Platform@@SAXP$AAVHeapEntryHandler@23@@Z
?Equals@Attribute@Metadata@Platform@@Q$AAA_NP$AAVObject@3@@Z
?Equals@Boolean@Platform@@QAA_NP$AAVObject@2@@Z
?Equals@Delegate@Platform@@Q$AAA_NP$AAVObject@2@@Z
?Equals@Enum@Platform@@Q$AAA_NP$AAVObject@2@@Z
?Equals@Exception@Platform@@U$AAA_NP$AAVObject@2@@Z
?Equals@MTAThreadAttribute@Platform@@Q$AAA_NP$AAVObject@2@@Z
?Equals@Object@Platform@@Q$AAA_NP$AAV12@@Z
?Equals@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@Q$AAA_NP$AAVObject@4@@Z
?Equals@STAThreadAttribute@Platform@@Q$AAA_NP$AAVObject@2@@Z
?Equals@Type@Platform@@U$AAA_NP$AAVObject@2@@Z
?Equals@ValueType@Platform@@Q$AAA_NP$AAVObject@2@@Z
?Equals@char16@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@float32@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@float64@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@int16@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@int32@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@int64@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@int8@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@uint16@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@uint32@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@uint64@default@@QAA_NP$AAVObject@Platform@@@Z
?Equals@uint8@default@@QAA_NP$AAVObject@Platform@@@Z
?EventSourceAdd@Details@Platform@@YG?AVEventRegistrationToken@Foundation@Windows@@PAPAXPAUEventLock@12@P$AAVDelegate@2@@Z
?EventSourceGetTargetArray@Details@Platform@@YGPAXPAXPAUEventLock@12@@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YGPAXPAXIPBXPA_J@Z
?EventSourceGetTargetArraySize@Details@Platform@@YGIPAX@Z
?EventSourceInitialize@Details@Platform@@YGXPAPAX@Z
?EventSourceRemove@Details@Platform@@YGXPAPAXPAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceUninitialize@Details@Platform@@YGXPAPAX@Z
?FlushFactoryCache@@YGXXZ
?Free@Heap@Details@Platform@@SAXPAX@Z
?FreeException@Heap@Details@Platform@@SAXPAX@Z
?GetActivationFactory@Details@Platform@@YGJPAVModuleBase@1WRL@Microsoft@@PAUHSTRING__@@PAPAUIActivationFactory@@@Z
?GetActivationFactoryByPCWSTR@@YGJPAXAAVGuid@Platform@@PAPAX@Z
?GetCmdArguments@Details@Platform@@YAPAPA_WPAH@Z
?GetHashCode@Attribute@Metadata@Platform@@Q$AAAHXZ
?GetHashCode@Boolean@Platform@@QAAHXZ
?GetHashCode@Delegate@Platform@@Q$AAAHXZ
?GetHashCode@Enum@Platform@@Q$AAAHXZ
?GetHashCode@Exception@Platform@@U$AAAHXZ
?GetHashCode@Guid@Platform@@QAAHXZ
?GetHashCode@MTAThreadAttribute@Platform@@Q$AAAHXZ
?GetHashCode@Object@Platform@@Q$AAAHXZ
?GetHashCode@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@Q$AAAHXZ
?GetHashCode@STAThreadAttribute@Platform@@Q$AAAHXZ
?GetHashCode@Type@Platform@@U$AAAHXZ
?GetHashCode@ValueType@Platform@@Q$AAAHXZ
?GetHashCode@char16@default@@QAAHXZ
?GetHashCode@float32@default@@QAAHXZ
?GetHashCode@float64@default@@QAAHXZ
?GetHashCode@int16@default@@QAAHXZ
?GetHashCode@int32@default@@QAAHXZ
?GetHashCode@int64@default@@QAAHXZ
?GetHashCode@int8@default@@QAAHXZ
?GetHashCode@uint16@default@@QAAHXZ
?GetHashCode@uint32@default@@QAAHXZ
?GetHashCode@uint64@default@@QAAHXZ
?GetHashCode@uint8@default@@QAAHXZ
?GetIBoxArrayVtable@Details@Platform@@YGPAXPAX@Z
?GetIBoxVtable@Details@Platform@@YGPAXPAX@Z
?GetIidsFn@@YGJHPAKPBU__s_GUID@@PAPAVGuid@Platform@@@Z
?GetObjectContext@Details@Platform@@YGPAUIUnknown@@XZ
?GetProxyImpl@Details@Platform@@YGJPAUIUnknown@@ABU_GUID@@0PAPAU3@@Z
?GetType@Boolean@Platform@@QAAP$AAVType@2@XZ
?GetType@Guid@Platform@@QAAP$AAVType@2@XZ
?GetType@Object@Platform@@Q$AAAP$AAVType@2@XZ
?GetType@char16@default@@QAAP$AAVType@Platform@@XZ
?GetType@float32@default@@QAAP$AAVType@Platform@@XZ
?GetType@float64@default@@QAAP$AAVType@Platform@@XZ
?GetType@int16@default@@QAAP$AAVType@Platform@@XZ
?GetType@int32@default@@QAAP$AAVType@Platform@@XZ
?GetType@int64@default@@QAAP$AAVType@Platform@@XZ
?GetType@int8@default@@QAAP$AAVType@Platform@@XZ
?GetType@uint16@default@@QAAP$AAVType@Platform@@XZ
?GetType@uint32@default@@QAAP$AAVType@Platform@@XZ
?GetType@uint64@default@@QAAP$AAVType@Platform@@XZ
?GetType@uint8@default@@QAAP$AAVType@Platform@@XZ
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@P$AAV12@@Z
?GetWeakReference@Details@Platform@@YGPAU__abi_IUnknown@@Q$ADVObject@2@@Z
?InitControlBlock@ControlBlock@Details@Platform@@AAEXPAX_N11@Z
?InitializeData@Details@Platform@@YAJH@Z
?Intersect@Rect@Foundation@Windows@@QAAXV123@@Z
?IntersectsWith@Rect@Foundation@Windows@@QAA_NV123@@Z
?Invert@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QAAXXZ
?ReCreateException@Exception@Platform@@SAP$AAV12@H@Z
?ReferenceEquals@Object@Platform@@SA_NP$AAV12@0@Z
?ReferenceEquals@Object@Platform@@SA_NP$AAVString@2@0@Z
?RegisterFactories@Details@Platform@@YGP$AAVObject@2@PAPAVModuleBase@1WRL@Microsoft@@PAPAU__abi_Module@@P6GXXZ@Z
?ReleaseInContextImpl@Details@Platform@@YGJPAUIUnknown@@0@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AAEXXZ
?ResolveWeakReference@Details@Platform@@YGP$AAVObject@2@ABU_GUID@@PAPAU__abi_IUnknown@@@Z
?RunApplicationServer@Details@Platform@@YGXPAPAVModuleBase@1WRL@Microsoft@@PAPAU__abi_Module@@PB_W@Z
?RunServer@Details@Platform@@YGXPAPAVModuleBase@1WRL@Microsoft@@PAPAU__abi_Module@@PB_W@Z
?TerminateModule@Details@Platform@@YG_NPAVModuleBase@1WRL@Microsoft@@@Z
?ToInt32@IntPtr@Platform@@QAAHXZ
?ToString@Attribute@Metadata@Platform@@Q$AAAP$AAVString@3@XZ
?ToString@Boolean@Platform@@QAAP$AAVString@2@XZ
?ToString@Delegate@Platform@@Q$AAAP$AAVString@2@XZ
?ToString@Enum@Platform@@Q$AAAP$AAVString@2@XZ
?ToString@Exception@Platform@@U$AAAP$AAVString@2@XZ
?ToString@Guid@Platform@@QAAP$AAVString@2@XZ
?ToString@MTAThreadAttribute@Platform@@Q$AAAP$AAVString@2@XZ
?ToString@OnePhaseConstructedAttribute@CompilerServices@Runtime@Platform@@Q$AAAP$AAVString@4@XZ
?ToString@STAThreadAttribute@Platform@@Q$AAAP$AAVString@2@XZ
?ToString@Type@Platform@@U$AAAP$AAVString@2@XZ
?ToString@ValueType@Platform@@Q$AAAP$AAVString@2@XZ
?ToString@char16@default@@QAAP$AAVString@Platform@@XZ
?ToString@float32@default@@QAAP$AAVString@Platform@@XZ
?ToString@float64@default@@QAAP$AAVString@Platform@@XZ
?ToString@int16@default@@QAAP$AAVString@Platform@@XZ
?ToString@int32@default@@QAAP$AAVString@Platform@@XZ
?ToString@int64@default@@QAAP$AAVString@Platform@@XZ
?ToString@int8@default@@QAAP$AAVString@Platform@@XZ
?ToString@uint16@default@@QAAP$AAVString@Platform@@XZ
?ToString@uint32@default@@QAAP$AAVString@Platform@@XZ
?ToString@uint64@default@@QAAP$AAVString@Platform@@XZ
?ToString@uint8@default@@QAAP$AAVString@Platform@@XZ
?UninitializeData@Details@Platform@@YAXH@Z
?Union@Rect@Foundation@Windows@@QAAXV123@@Z
?Union@Rect@Foundation@Windows@@QAAXVPoint@23@@Z
?WriteLine@Console@Details@Platform@@SAXP$AAVObject@3@@Z
?WriteLine@Console@Details@Platform@@SAXP$AAVString@3@@Z
?WriteLine@Console@Details@Platform@@SAXXZ
?__abi_FailFast@@YGXXZ
?__abi_ObjectToString@__abi_details@@YGP$AAVString@Platform@@P$AAVObject@3@_N@Z
?__abi_Resolve@ControlBlock@Details@Platform@@UAGJAAVGuid@3@PAPAU__abi_IInspectable@@@Z
?__abi_WinRTraiseAccessDeniedException@@YGXXZ
?__abi_WinRTraiseCOMException@@YGXJ@Z
?__abi_WinRTraiseChangedStateException@@YGXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YGXXZ
?__abi_WinRTraiseDisconnectedException@@YGXXZ
?__abi_WinRTraiseFailureException@@YGXXZ
?__abi_WinRTraiseInvalidArgumentException@@YGXXZ
?__abi_WinRTraiseInvalidCastException@@YGXXZ
?__abi_WinRTraiseNotImplementedException@@YGXXZ
?__abi_WinRTraiseNullReferenceException@@YGXXZ
?__abi_WinRTraiseObjectDisposedException@@YGXXZ
?__abi_WinRTraiseOperationCanceledException@@YGXXZ
?__abi_WinRTraiseOutOfBoundsException@@YGXXZ
?__abi_WinRTraiseOutOfMemoryException@@YGXXZ
?__abi_WinRTraiseWrongThreadException@@YGXXZ
?__abi_cast_Object_to_String@__abi_details@@YGP$AAVString@Platform@@_NP$AAVObject@3@@Z
?__abi_cast_String_to_Object@__abi_details@@YGP$AAVObject@Platform@@P$AAVString@3@@Z
?__abi_make_type_id@@YGP$AAVType@Platform@@ABU__abi_type_descriptor@@@Z
?__abi_translateCurrentException@@YGJ_N@Z
?__getActivationFactoryByHSTRING@@YGJPAUHSTRING__@@AAVGuid@Platform@@PAPAX@Z
?get@Bottom@Rect@Foundation@Windows@@QAAMXZ
?get@BreakOnAllocationId@Heap@Details@Platform@@SAHXZ
?get@BreakOnFreeId@Heap@Details@Platform@@SAHXZ
?get@CurrentAllocationId@Heap@Details@Platform@@SAHXZ
?get@Empty@Rect@Foundation@Windows@@SA?AV234@XZ
?get@Empty@Size@Foundation@Windows@@SA?AV234@XZ
?get@FullName@Type@Platform@@Q$AAAP$AAVString@3@XZ
?get@HasInverse@Matrix3D@Media3D@Media@Xaml@UI@Windows@@QAA_NXZ
?get@Message@Exception@Platform@@Q$AAAP$AAVString@3@XZ
?get@ObjectCount@Heap@Details@Platform@@SAHXZ
?get@Right@Rect@Foundation@Windows@@QAAMXZ
?get@TrackingLevel@Heap@Details@Platform@@SA?AW4HeapAllocationTrackingLevel@34@XZ
?set@BreakOnAllocationId@Heap@Details@Platform@@SAXH@Z
?set@BreakOnFreeId@Heap@Details@Platform@@SAXH@Z
?set@TrackingLevel@Heap@Details@Platform@@SAXW4HeapAllocationTrackingLevel@34@@Z

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140.dll
.dll windows:6 windows x86 arch:x86

2262054530b5f8bbeb0c4e3a111a37eb

Code Sign

33:00:00:00:d1:69:66:1c:06:4a:07:c0:1c:00:00:00:00:00:d1
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:32

Not After

11/05/2023, 20:32

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:d2:76:3b:7e:63:a7:ff:42:e9:e4:69:b5:8b:b3:2e:cc:0a:93:7f:c3:0e:20:7b:65:68:e3:88:d9:29:e0:11
Signer

Actual PE Digest

bc:d2:76:3b:7e:63:a7:ff:42:e9:e4:69:b5:8b:b3:2e:cc:0a:93:7f:c3:0e:20:7b:65:68:e3:88:d9:29:e0:11

Digest Algorithm

sha256

PE Digest Matches

true

bc:d2:76:3b:7e:63:a7:ff:42:e9:e4:69:b5:8b:b3:2e:cc:0a:93:7f:c3:0e:20:7b:65:68:e3:88:d9:29:e0:11
Signer

Actual PE Digest

bc:d2:76:3b:7e:63:a7:ff:42:e9:e4:69:b5:8b:b3:2e:cc:0a:93:7f:c3:0e:20:7b:65:68:e3:88:d9:29:e0:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

LeaveCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
TlsGetValue
DeleteCriticalSection
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:6 windows x86 arch:x86

fd255cbda39972a4a3f4b56f771299ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Sources\zlib-1.3\Release\zlibwapi.pdb

Imports

vcruntime140

memcpy
_except_handler4_common
memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
memchr
memmove

api-ms-win-crt-stdio-l1-1-0

_read
_write
__stdio_common_vsprintf
_close
_wopen
_lseeki64
_open

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-runtime-l1-1-0

terminate
_cexit
_crt_at_quick_exit
_crt_atexit
_errno
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
strerror

kernel32

IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
GetModuleHandleW
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter

Exports

Exports

adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_combine_gen
crc32_combine_gen64
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

9dda1a1d1f8a1d13ae0297b47046b26e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 126KB

.ndata Size: - Virtual size: 216KB

.rsrc Size: 77KB - Virtual size: 77KB

6b225baf8d24583523d4f42890e12522

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 348B

.reloc Size: 1KB - Virtual size: 1KB

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 662B

0ef725341a4aecf8398c0e2132f38049

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

advapi32

ole32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 100B

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 1KB - Virtual size: 1KB

3b477381217c97b22146297f93df2a92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 126KB

.ndata
Size: - Virtual size: 216KB

.rsrc
Size: 77KB - Virtual size: 77KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 348B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 662B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 100B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 6KB - Virtual size: 6KB

.movehcs
Size: 512B - Virtual size: 4KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 10KB

.movehcs
Size: 512B - Virtual size: 4KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 688KB - Virtual size: 687KB