Extracted

• 3ea65e1057c922eee0e977241e189fd022802637527c2c4943fd00025356d98fN

  .dll windows:6 windows x64 arch:x64

  d9b5c7201f67057600812d5093113397

  
  

  Code Sign

  33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  19/10/2023, 19:51

  Not After

  16/10/2024, 19:51

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0e:90:d2:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  08/07/2011, 20:59

  Not After

  08/07/2026, 21:09

  Subject

  CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  3f:21:1f:06:ad:9d:af:a8:14:5c:93:9d:70:41:79:48:ee:cf:29:e4:ae:69:b5:8b:4e:12:19:40:c5:4e:77:ae

  Signer

  Actual PE Digest

  3f:21:1f:06:ad:9d:af:a8:14:5c:93:9d:70:41:79:48:ee:cf:29:e4:ae:69:b5:8b:4e:12:19:40:c5:4e:77:ae

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  D:\vs_miansha\Dll2\x64\Release\Dll2.pdb

  Imports

  kernel32

  VirtualAlloc

  CreateProcessA

  GetThreadContext

  VirtualAllocEx

  WriteProcessMemory

  SetThreadContext

  ResumeThread

  CloseHandle

  TerminateProcess

  GetCurrentProcess

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  RtlCaptureContext

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  QueryPerformanceCounter

  GetCurrentProcessId

  vcruntime140

  __std_type_info_destroy_list

  __C_specific_handler

  memset

  memcpy

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _execute_onexit_table

  _initialize_onexit_table

  _configure_narrow_argv

  _seh_filter_dll

  _initterm_e

  _initterm

  _initialize_narrow_environment

  Exports

  Exports

  GetInstallDetailsPayload

  SignalInitializeCrashReporting

  Sections

  .text

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 44B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ